r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1456357aecbd23f21ad98da57e0127eb
7074815b39fa8da9013883971d665e4c1b0797ea
f3eba265ee64870b2f822f1511b36c747d763c382557789cdad8be1d3b52d1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F3EBA265EE64870B2F822F1511B36C747D763C382557789CDAD8BE1D3B52D1F5"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5154
Expires: Wed, 23 Nov 2022 19:42:43 GMT
Date: Wed, 23 Nov 2022 18:16:49 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5355
Cache-Control: max-age=150221
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:49 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:00:30 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6911
Expires: Wed, 23 Nov 2022 20:12:00 GMT
Date: Wed, 23 Nov 2022 18:16:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 23 Nov 2022 17:17:08 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3581
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: g83ewIqWp7Ms3Vz7hjIjkIblSuuRwPTc9TOkZwhRs+iD9BgPudZVEf4OCgd25fksf1J5z8Arl4Y=
x-amz-request-id: BSY9EDSTHDR4JQXW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 23 Nov 2022 17:43:04 GMT
age: 2025
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
youtuber.money/
200 OK 8.4 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (456), with CRLF line terminators
Hash c627cbcaf47b3eaf36d24583bd40078f
9c47be170ea5fc6d8985cbeb9d155ee77c338924
2bdf386b4a0872578081c206655a6390a1869cab659ddd47f98331a1ee5e62b6
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9h8YbuA8rxxccz6OgorS6vJMSzu3qJH6PhLv5NyKylp7PaXsZ%2FPbFwwaAnRcImhYZOQD1j64tAnskLJY%2FOB8%2FbXtcHpTNq8fiVpyRDqBm0E3799w2WU1RKAtrX%2FplqXDg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5e9598cb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 23 Nov 2022 18:16:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-228184982-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228184982-1
IP
File type ASCII text, with very long lines (1921)
Hash 68059fd3a399a4d5e731ec4c9af21712
16d3207ccce7e2efc3b9bddb7828de9bd31abff9
a61fe08d5cc2d713d6528cb32651ff8f69b23eb9ae2c34e9cf2b168d26a3cdd7
GET /gtag/js?id=UA-228184982-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 23 Nov 2022 18:16:49 GMT
expires: Wed, 23 Nov 2022 18:16:49 GMT
cache-control: private, max-age=900
last-modified: Wed, 23 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash fb4ee3082622f9f3340432290d63437e
852ca64934462e133e34043fca561aca215e6255
d4c2f665873baede94309128e276df6fdf7f0e1ec15699e75cd6bae2c24d556a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ulogin.ru/js/ulogin.js
200 OK 19 kB IP
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (580)
Hash 5f871d4922671d282a6a00a3e4b9d7f5
cb4ed6939d6cea3bb899e148a2844f8ee8abf277
126c613608dedbddb289846da141e4e0eddd6668a9b16064c6a5b3e646bcc2bb
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 10 Oct 2022 16:50:51 GMT
Set-Cookie: ulogin_token=u17eebd1299d379daedfe880da32fe309; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Sat, 26 Nov 2022 18:16:51 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
youtuber.money/js/jquery.min.js
200 OK 34 kB URL HTTP/1.1 youtuber.money/js/jquery.min.js
IP
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 73f80263c68fd293498e44945a02d22c
1eea9d07bd36e84f2dab4a8ea39c9f7d17d5f98d
a2d2d7b70ab9b07f642e03d6cf1aefc2df36c1805255d7b1ecc07f4a1f8d9282
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-1538f"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqrOcgtcRk8dCzPBHrtga3LVEIM95RDBpCt48HnLxqk6G15yDKJbj16%2FMzVBsFxc1Vj8ayD9lIR2XWCFPF0coVFBnj%2BuLMDbypv0%2FrOOpdwiWMEWqt0BsjOIsgqke4N%2Bag%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ec6e69b4e8-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/css/bootstrap.css
200 OK 34 kB URL HTTP/1.1 youtuber.money/css/bootstrap.css
IP
File type ASCII text, with very long lines (629), with CRLF line terminators
Hash 6d29deb09e134305f516dbdbe41a21a4
a37baafc33c697e29579c1bc406f0058e070d192
13055643f01f3d3a2eb1f797020a8d2007ae50ef1f0df85f33e8afe0bffd13e4
Analyzer Verdict Alert quad9 Sinkholed
GET /css/bootstrap.css HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-32df2"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RFKujpRSzICvvc1nskkYeBeQO6g7VLd1LNp%2BGZ%2Btw9I0xV9f6qxhIEZ6JfOyy2Pm2N5SZM2kN06pD7kftWEoC4vhkfF85QDKrBxpWtb4je95sLdO9ja2ShDhbIGJHm19gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ec6cca1c16-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/css/main.css?rstr=532909801696
200 OK 613 B URL HTTP/1.1 youtuber.money/css/main.css?rstr=532909801696
IP
File type ASCII text, with CRLF line terminators
Hash 10e55217068921399da883fe1667b300
009be3b5505912388393a2eaa6fabc39f74ff868
69e54e06e36457e43879f61d6329195ea782c354d58c6d5b8d2dfb64f2344158
Analyzer Verdict Alert quad9 Sinkholed
GET /css/main.css?rstr=532909801696 HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-6a9"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjA5Dk0VGjnOGvkUtsji9moAD88TstUQ2Nl6469xjcAX2MwGWIOYlbbHwBVxK2P5ZXlRY8xvVcZRcOljl%2BQTqRl%2BmpGFZ1In7Nuhl20y%2BDGr%2BJxXkuCbNCNQo9E3rqgczg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ec6a961bfa-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/css/font.css
200 OK 14 kB URL HTTP/1.1 youtuber.money/css/font.css
IP
File type ASCII text, with very long lines (388), with CRLF line terminators
Hash 8899e269d088320da29eeb8cdef09ce1
74d2509d79660843f59140494ad6455ae9359679
7021f9dd9cde35321b2e96636568b01f3ad467e5d0bdc27f6c6bd9de17362785
Analyzer Verdict Alert quad9 Sinkholed
GET /css/font.css HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-121f3"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od3GJaslUsMFzglvuGms4eMszM5D2BuT9kARU%2BJgmS9%2B12T%2BFJ76%2FMdWVNOB9CV2khwyfY%2BpUiseQAdKLPxNzfQUqKqa66A9xKhVqRiotgCLKQOBERqmpx%2FfwwnqPqGq2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ec6fce0b51-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/js/bootstrap.min.js
200 OK 18 kB URL HTTP/1.1 youtuber.money/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (59765), with CRLF line terminators
Hash e0eba1697e09c3c7427c6fc23ed4def7
0ea1f96f826b3969874ff7a6f2a8bcaf359dec6a
94650e9bdeae206711fd37832a3898523d2765c7691291c8b9cbaf8dcdda26d5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-ea69"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mfu6stYnrIT9dOY%2BtAd213QHG0jePF6KgAIg%2BnLUts3c%2BBe52%2B7iRRaEeIdptSPCn6Ruzv9qszWlLbcpwxRK6Of5BlJYm%2FgSY5%2BYMgyffAzSzb9KMIapFrE1armhZirv6g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ec6a15b4f7-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/css/business-frontpage.css?rstr=532909801696
200 OK 228 B URL HTTP/1.1 youtuber.money/css/business-frontpage.css?rstr=532909801696
IP
Hash 742b5ff3f4bf0109cddb975a3f54ca1a
4b7fb21e6e88b48dd97a1e36572832e8eb7e1af8
1500652b7ab3761a7a4b3c92328ae1e83ebbbc5a23464f6a40abe9c933f381c8
Analyzer Verdict Alert quad9 Sinkholed
GET /css/business-frontpage.css?rstr=532909801696 HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-157"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZK4Jd4ntatSeqFvPW8%2F8v1gs2cQft8j96HaGH3oThVIpyW%2FvyVauVdUwMFeY393Qgy6O8%2FwnD1RruqEg6u%2FHHgpHQouHYzlknTwKRv4DyvdjhpmqD%2BOFLyjr6vL7j5MJA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5ec6c07b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 23 Nov 2022 18:11:11 GMT
cache-control: public,max-age=3600
age: 338
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
youtuber.money/css/ext-component-toastr.css
200 OK 1.5 kB URL HTTP/1.1 youtuber.money/css/ext-component-toastr.css
IP
File type ASCII text, with very long lines (497)
Hash a67a84afa5eac4e3358926b84370edab
1af9caf0e1143cef41ffa3ed440bd7a70e285c8e
0641b526f1f841a0eee7a34982e982d78ee3c4d67800a9958abfe731c265bf4f
Analyzer Verdict Alert quad9 Sinkholed
GET /css/ext-component-toastr.css HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:49 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-159f"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7V4em%2FEQg2Kz3JE3QZm8vpmNxv%2FmZtAjST4VCtr47tPsDbTWvqp2mDhVmkyn6mLMdhBR%2F%2BROBR6XENanLXX2qVIjZKV%2FJSpAtFj%2FwvOFEYTHlQ6qebqgfU%2B9p5tkFblTbw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5eebe1ab4f7-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1248
Cache-Control: max-age=141051
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:50 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 09:27:41 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
youtuber.money/js/commonscripts.js
200 OK 2.4 kB URL HTTP/1.1 youtuber.money/js/commonscripts.js
IP
File type ASCII text, with CRLF line terminators
Hash a97dd86a2bb33003773e05a4f34b9ead
0eebe04de6e4c53b870c3d83748f26655f760cda
c7da4f628f8c32d6da8a2be8292e7143b3577650e54d82a9038a1d23c345cfa0
Analyzer Verdict Alert quad9 Sinkholed
GET /js/commonscripts.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-20d6"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZW59djDsM%2BaG02ws4HwLA6hQJO%2BgdqZW6cmHStBtj347NrsTvr6jrA41eLYuZHy7s5MuLTBmT1E5ZcwWnWtk5htGrKchQwBDZEYhRgRWZEuHWYiogpeD2aoSoPz0xScjeA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ee8f181c16-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/js/popper.min.js
200 OK 8.1 kB URL HTTP/1.1 youtuber.money/js/popper.min.js
IP
File type ASCII text, with very long lines (21060), with CRLF line terminators
Hash 75762ba631b47014a292c9cdb360bbd4
9cca96596201df2b6bb39967fd3de817b38edb1d
17b5fabbbfba3e676957a1d941289013f3914f16c7ec0c9dd62e84f31acb30d3
Analyzer Verdict Alert quad9 Sinkholed
GET /js/popper.min.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-52fb"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCiUkzd%2BuExseIbKS86Z2RXr%2BBMBuObkfZAGYKUNRjDeisOkpSUebT46wFcA5%2BQw%2FBdouOOiNwFFYMWeQrnLnqOEUWdtScWADXlKGJ1pb1QpGlJ%2FRFVI%2Ba1Up7Mm3pOkiA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ee7a1cb4e8-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/js/geterrorcodes.js?new
200 OK 958 B URL HTTP/1.1 youtuber.money/js/geterrorcodes.js?new
IP
File type ASCII text, with very long lines (4783), with no line terminators
Hash e828db3308875ba32c3094a4c5ae7184
dbc6b4420dd9e0a11ca3e8e83a2c5e176d9b607c
02731213c81a8a1a6df1c299bfcf57d8ff1d111dd005a7b5b4cb202323d8598b
Analyzer Verdict Alert quad9 Sinkholed
GET /js/geterrorcodes.js?new HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-12af"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OztCXoEID7Vv1Co9yZO%2FJh%2BFthju3lF3A7q7VH8RIYhG%2F0QSYQmrDTpdYCrpErDTkvBrGfAhba27IK66Lg%2FqZ%2BUALFHdQbrpa4325Wc2v1hpdr1TcsZ5Hunf5G1UN0AmDA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5ee8d001bfa-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/css/toastr.min.css
200 OK 3.1 kB URL HTTP/1.1 youtuber.money/css/toastr.min.css
IP
File type ASCII text, with very long lines (6455)
Hash 07bce3dfee6ddb81159fd31ba983e4ca
ea86d675af1b28f71750ae1ed60ab302855f91ad
c30004273ad8e20cc8d414ee8aca2b7f19318c36b80357b808924c43fb66f870
Analyzer Verdict Alert quad9 Sinkholed
GET /css/toastr.min.css HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-1a6a"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnLhTnJl37jlDxq8cvOJRcyMZWw7o9%2Bb8EkvAkemYxcZgktgCmiXeRvFnnxpN280HK%2BiS2G38pwYcp08eW%2FnfoNJa%2F1uNZ42iPwwY90hAE4WOM2p%2FnBK47qo29YqNcSYIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5eeba860b51-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/js/vendors.min.js
200 OK 127 kB URL HTTP/1.1 youtuber.money/js/vendors.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65445)
Size 127 kB (127273 bytes)
Hash f885c0955ed28ab120026fd6782773c0
1d561ebc1f1c89201c5db9901ac2f176a7a10c79
09cb369e5cc25db147e5ac28a57e47e31c608667bba4e716caf4e23ce6d6079f
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendors.min.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-5bfc3"
Expires: Thu, 24 Nov 2022 06:16:49 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5m1EqIy%2FwA9%2BEju3%2BAOWo9ecvzEtylORTlGKzGXYHxFtha0JOAhiLCK879JteEwv34aPKggU93AMh2P8bj4YnSvkBaTbb6tBC65%2FGqvv%2FA7JAQk5wdYAHqjxz42j97c1A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5eebf4ab4f3-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/images/fb.jpg
200 OK 16 kB URL HTTP/1.1 youtuber.money/images/fb.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=232, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=217], progressive, precision 8, 100x100, components 3\012- data
Hash da7ba50455e216f348ea611a4bde3aa5
0d716d9c0b9ee8d4c0554ea287e838a648942f34
83f39aa462ae8b8276cc3e9a46fe6e38e5510f97048e738902727b158d70d64b
Analyzer Verdict Alert quad9 Sinkholed
GET /images/fb.jpg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/jpeg
Content-Length: 15481
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
ETag: "62ae7992-3c79"
Expires: Fri, 16 Dec 2022 18:30:59 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 603951
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q194QJ1%2B1hQ8dsLc1DrOHTh4oQcRgDJh9F0ED1fINbJtu2NXtkqBN67Q7aU95dXVQ35lGoiWF5afo%2FNp3oG1KejwaqL4cbfZbpKxTxHuP4IoSLSzP%2B5q870umkFaUP4PbA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0dd320b51-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/images/cash.png
200 OK 6.9 kB URL HTTP/1.1 youtuber.money/images/cash.png
IP
File type PNG image data, 120 x 48, 8-bit/color RGB, non-interlaced\012- data
Hash 6907d175d114a6f449ebb5c11d9cffe5
65a0b1fb266df7c7bd822ed2c5ef241ec9b9d5a2
5b2024830a620f4eb1cdda3a5a0bcb9a873fd119ba3023d6eb6363ee41eb5538
Analyzer Verdict Alert quad9 Sinkholed
GET /images/cash.png HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/png
Content-Length: 6949
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
ETag: "62ae7992-1b25"
Expires: Tue, 13 Dec 2022 02:27:28 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 920962
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaSlpYYGY1yLm48hoYnIXUfnlzJCwdxSsv4oR3zOHadt6I3sHIvC9zeRlM%2FGukaxJ99%2FxAqko2Qf%2BWFUIOs7dgYQromPHCcAcnFzKbJ1qgZlv5AFTqHmV%2FPO7Bjnf%2Bln7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0df7b1bfa-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/images/tg.jpg
200 OK 16 kB URL HTTP/1.1 youtuber.money/images/tg.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=216, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=233], progressive, precision 8, 100x100, components 3\012- data
Hash 290f3d71651cd6db71f0e1f08b360a02
8acc9145abc9c71978032edcbf0dd5e364bca8b8
0c56fb343b35317edbb0921e3d207e26bd5c0b41921ccb1e71155965dac5e4d5
Analyzer Verdict Alert quad9 Sinkholed
GET /images/tg.jpg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/jpeg
Content-Length: 15607
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
ETag: "62ae7992-3cf7"
Expires: Tue, 13 Dec 2022 02:27:31 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 920959
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuW0qmAPcO9cLX%2BN5jXzCFMPx0D%2FOB8L2UXnN6Q%2B3RJ5KgHnX7L4VcxCP2YtdM1ZTZDys4UmJXYapxV321VoYmz93ucHVcmFvaUZqsJQ09hqK9m%2BqQFK7mYx9C%2BuIBjlRw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0ed470b51-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/images/line.jpg
200 OK 8.2 kB URL HTTP/1.1 youtuber.money/images/line.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 100x100, components 3\012- data
Hash e026e719a323672571f99165d1da693c
7c5d60dadd39a3211872fb5e7f7bc6928ed2f678
074bd4fdd36b56b6ad79b9183d9cf10c23827559abd2b59f985f97b03ac72428
Analyzer Verdict Alert quad9 Sinkholed
GET /images/line.jpg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/jpeg
Content-Length: 8249
Connection: keep-alive
Last-Modified: Sun, 19 Jun 2022 01:19:14 GMT
ETag: "62ae7992-2039"
Expires: Tue, 13 Dec 2022 02:27:31 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: HIT
Age: 920959
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am%2FG6epaHAXhZaL0YSvU4Nia0hDPeD%2BOR%2F%2B50G4zT9XmiKW7oiTrDsobJEk3lve5%2BLYQH1HmkPjDX8qTilpzr1DEXQs6kaGgRZ3AkNh0WYtxtgKuEy2hK%2FdQLjIFxy6jgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0fd5f0b51-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/js/lan/lan.php
200 OK 297 B URL HTTP/1.1 youtuber.money/js/lan/lan.php
IP
Hash 764610a354674e940e84ec3264386abe
9778de940f2797e4aa59a69afc004d70e3d96dc5
85365f5aeef256e0fc130600da7b275ef6760bd483be5412c368cd784a047c73
Analyzer Verdict Alert quad9 Sinkholed
GET /js/lan/lan.php HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fkxLAywgW1iR3eeg3OkMrZYVHLB81QPEM09YM5zHe%2Bo7PoUjgyAw8Ek7xpZ8yHtpddcWeSr%2FFC897%2FoiLhrGiiL8useZM5s62iLZUqDCDrC2vIGxKN9xUTuLXzhEZrhu%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5f098de1c16-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/js/toastr.min.js
200 OK 2.3 kB URL HTTP/1.1 youtuber.money/js/toastr.min.js
IP
File type ASCII text, with very long lines (6059)
Hash 86d061a27bfce288940f7a7842479acd
8b3afff80c0c2ac9447bd47aa93e7b9da1533b9c
5c9f592728e343c41939610963fa0b52c01e2a8c9c666ee141c74bb26ffb99fd
Analyzer Verdict Alert quad9 Sinkholed
GET /js/toastr.min.js HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
Vary: Accept-Encoding
ETag: W/"63764e3a-17be"
Expires: Thu, 24 Nov 2022 06:16:50 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F491p%2BlFcYalLEjnSytoTNYSQZOZO1TrgK8NwBPPK4Rinu1BxU9dkqH895oWyrjRpF5qHkwBZCSGlnyyy4gevSeMqGZm7lx99IGArld2WaSlriYtvwF7i9skPx70LyAb8g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76ebe5efcfcfb4f7-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Sp2QLqGuHnqWnxGG8iWuiw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pvv0wYwJaEVeLnCLepsj4YMN8CQ=
youtuber.money/images/twitter.png
200 OK 5.3 kB URL HTTP/1.1 youtuber.money/images/twitter.png
IP
File type PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Hash 602333f53faa534162f6298ecd776141
1725c8d37b2fff81487749aba924c6d042b26fc0
b831001126ca98f8b42d393d0c8c72ddb7bdb26ca2b702d429e01378135f81c8
Analyzer Verdict Alert quad9 Sinkholed
GET /images/twitter.png HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/png
Content-Length: 5302
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: "63764e3a-14b6"
Expires: Fri, 23 Dec 2022 18:16:50 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8%2B39lynrY0xDgYMb6cQOJU%2BLsJpAp7JLuvOzNzKp8uwJPtGBMe1ubr0J3WM70dKTFwAM6T4ffAljo%2F9yItZLPyBXFmdbH5va6bYAsz4Kp%2B0MofouwMVgtBZNrErAHfMHw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0ef961bfa-OSL
alt-svc: h2=":443"; ma=60
cdn.smntq.com/c83ul/smart.js
301 Moved Permanently 169 B URL HTTP/1.1 cdn.smntq.com/c83ul/smart.js
IP
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://cdn.smntq.com/c83ul/smart.js
mode: no-cors
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Cache-Control: no-cache
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd4e79dc5fdbd2b39980ac826e91cb6e
36f21d3a19aeef4514cc2e34907d7f4bbde3bd19
27732858a5f6865c48c1f5b8b31c215af3f862236e8048a17aaaf208738f15ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27732858A5F6865C48C1F5B8B31C215AF3F862236E8048A17AAAF208738F15ED"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4902
Expires: Wed, 23 Nov 2022 19:38:32 GMT
Date: Wed, 23 Nov 2022 18:16:50 GMT
Connection: keep-alive
youtuber.money/images/flag/lr.svg
200 OK 389 B URL HTTP/1.1 youtuber.money/images/flag/lr.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c59b4235014094c366f01efaa5f7c91d
8742c6d2c418c51c39fc30d68beb4c138cab3457
097d077e6406aaaf09dc0261e0f8bc27abd2a6737fbd8ae908f4c5e9c2ded93a
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/lr.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-2d1"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bxwqc9wH7TH%2Fa5HkvgMsm7%2FNLu91JVfb6YDfoLQl5VGwDgUru0V3Rzq%2BL9c4HzQtf%2FgHSj%2Ft6%2B%2BQ%2Fuquyh7j%2F2nR1Xqy602Hx5m9634ng9kanQG%2Bz33IP0Q5yQjfmyq%2BlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f10d740b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mazelift.ru/codes1.js
200 OK 4.5 kB IP
File type ASCII text, with very long lines (9774), with no line terminators
Hash 856e27c56869629cf52610ddcd9e4382
1a6844357e9585711503a5741556f3109595b9ff
44a818bbd35370666df87631c2a239cb8c2485764eb8dcb853bdb551ffb32a2a
GET /codes1.js HTTP/1.1
Host: mazelift.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: utm1=1:9f057492-d046-449a-b1ae-f953323b9679; expires=Thu, 23 Nov 2023 18:16:50 GMT; Max-Age=31536000; Path=/
ttl_eW91dHViZXIubW9uZXkz=0; Path=/
Last-Modified: Wednesday, 23-Nov-2022 18:16:50 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bd4e79dc5fdbd2b39980ac826e91cb6e
36f21d3a19aeef4514cc2e34907d7f4bbde3bd19
27732858a5f6865c48c1f5b8b31c215af3f862236e8048a17aaaf208738f15ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27732858A5F6865C48C1F5B8B31C215AF3F862236E8048A17AAAF208738F15ED"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4902
Expires: Wed, 23 Nov 2022 19:38:32 GMT
Date: Wed, 23 Nov 2022 18:16:50 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 23dac8d8c4a20197c07bd1e9dba85309
16b5a5e564b34d19c23469a3e489a6b204839640
39871543a8617adaa3c107ca4b79307eb508f4c4b4961db3b3d5a69fede773e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39871543A8617ADAA3C107CA4B79307EB508F4C4B4961DB3B3D5A69FEDE773E5"
Last-Modified: Wed, 23 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4678
Expires: Wed, 23 Nov 2022 19:34:48 GMT
Date: Wed, 23 Nov 2022 18:16:50 GMT
Connection: keep-alive
ulogin.ru/stats.html?r=93603&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7303&xdm_p=1
200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=93603&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7303&xdm_p=1
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=93603&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7303&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 18:16:52 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youtuber.money/images/wa.jpg
200 OK 16 kB URL HTTP/1.1 youtuber.money/images/wa.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=225, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=225], progressive, precision 8, 100x100, components 3\012- data
Hash 07ef3c50cf2905b3f0a3da683ac7d76b
383755f965269fcc9a42c47e759a4b953fab8e9b
04b43d2ded159249f8de72e72debc94f7e80aef23149be49ef7fb489f3430375
Analyzer Verdict Alert quad9 Sinkholed
GET /images/wa.jpg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/jpeg
Content-Length: 16336
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: "63764e3a-3fd0"
Expires: Fri, 23 Dec 2022 18:16:50 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O4na4dYhu4ui29kozwgEGRnmUE29TIxhX6BjyNqtqdU1ruhR9j7BIR9eQv3imkv1CrF%2F4L7AhPO808Db3OuxULPb1lrFkXJD%2BzHQ7YfjMSOpSfqNMpLvi2d0%2FDpZMKXRtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0dd92b4e8-OSL
alt-svc: h2=":443"; ma=60
ulogin.ru/stats.html?r=94750&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7304&xdm_p=1
200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=94750&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7304&xdm_p=1
IP
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=94750&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7304&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 18:16:52 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youtuber.money/images/ms.jpg
200 OK 22 kB URL HTTP/1.1 youtuber.money/images/ms.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=247, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=204], progressive, precision 8, 100x100, components 3\012- data
Hash 0eda1811135611b9ef023826887b76a4
b515a4ba1ae389c346a1f8d3c3b40552899085fc
878b91556e630a7bc724443bcd6e992351ea55d75818c97d764080509f480aa5
Analyzer Verdict Alert quad9 Sinkholed
GET /images/ms.jpg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/jpeg
Content-Length: 22008
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: "63764e3a-55f8"
Expires: Fri, 23 Dec 2022 18:16:50 GMT
Cache-Control: max-age=2592000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27A7GVwtWwxg7QSmQS80gm%2BSnvZAQoOeOuI2YMClGRynOWVKC2TbCBpV8Y9clyyBfoOGFo0iDlrEHPJvQV%2BTl0i6GP7f8vEEOc7HS7aX8U%2FbkqsIyhFpSL%2BJrvOWjKi9CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f0e9e3b4f3-OSL
alt-svc: h2=":443"; ma=60
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 93c6c92383208073bd489f7a27e0cdcd
13dea857a40fdc72fde3eb2f3576e6a633f04c1c
b47e0884e4fc9e29534cb6101a115ea015c258dd95e1c96a8a6398d7518fcd60
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sun, 27 Nov 2022 16:18:20 GMT
ETag: "13dea857a40fdc72fde3eb2f3576e6a633f04c1c"
Last-Modified: Wed, 23 Nov 2022 16:18:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1721
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f43a140b51-OSL
youtuber.money/images/flag/dm.svg
200 OK 3.1 kB URL HTTP/1.1 youtuber.money/images/flag/dm.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 839ef46d7b82a59011d1bbaa986cc90c
6bda2d64d5feb572a93dae2920eaadd6989e08e9
5bcfe8c2ba071c3585bf8610c0e1708341ac39680c9ada3cb4465b45b48e711a
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/dm.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-3e78"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTvcgcWiiV3%2FDtRKjCInc4dRHyybAaZoKa2JeMOTBgLfWlCjq%2FGOWSAcS1zhKC1FzaeoUqLLpXgvFY7OrKLWNoDOW52f8095QuvHVlwJYYK5S3QOP%2F3FcPUiovtXjEFLcA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f1daf5b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/sa.svg
200 OK 4.3 kB URL HTTP/1.1 youtuber.money/images/flag/sa.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1304)
Hash f42f6760cbdd65e3be6396555c72d23b
443b90aea4603def5c33a9a666fb8953e1d18c62
0606f2affcdf6082b8a6fa3611f4841bf6d780caa8fac034d0de1960aa8d604c
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/sa.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-2832"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BtXIZP3GMJirQdcRWqL%2FEyfRCBMGSGhx3U2SJhdmVimHR7JQvTBsO5YlgC5de2Q7xbLt84AOpFZOSA8SF0SwCTupYad%2BATRSC%2BOztLkL1IUMJTSgrP4sXFvmKDH4xY1qJg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f40ea4b4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/bj.svg
200 OK 309 B URL HTTP/1.1 youtuber.money/images/flag/bj.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 9349e7724232efcc8f0dcb685263f463
3f583c0163e4b098e8e109f654c0756f12bfcf8e
6ea8d7e7693eb03abbb55869c1a151267f42ea11ef0d656bc8f806e931a3e4aa
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/bj.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-1f0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TLHScLZILBT9%2B9uVlvwe1s0H3Ci%2FzloAioY%2BlDYU18Dno5Eh0kB%2FwVnxDILDOalsA%2BlD98w%2BprGJ2OZsB1obAV%2FaGdQY7wJdf4X%2F5k9LtJaxGWOC1IXfQR163HBj9T1HMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f30a591bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/ga.svg
200 OK 186 B URL HTTP/1.1 youtuber.money/images/flag/ga.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 525ce6ca01a0f09e7559cde89e1b4a23
b0af416896b7985ae145e671667eb7cc94b3c126
d512ed6ea10cba850db72b7a244be97f3527fc48df56b10c3e5e49e7c604a013
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/ga.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-112"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D9udGINIFLLh%2FeUgZDnao%2BoE6O4%2FuBuHA01bH%2FlRtbnTX%2BVRPu8FFTvtI7n6uNCTVpdabhkJY8YmkPV9K7P%2Ff3pDL2lXCcMw6%2Fc9qiFK%2FIGpkJhGpnvcpEyntB2OCUlyMA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f338e00b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 youtuber.money/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://youtuber.money/css/font.css
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5; video=video
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: font/woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: "63764e3a-12d68"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7dGspkkll39WxYGQ6PECk7ungeWjEGmCO78VOdfufl5Z4tuG8uavIFsUCZzzizlKnejxEQef53aoZBYl%2FNGz%2B2gpxVY%2FHdB8Ake49MTbmeTdYXlppZPnfRfr%2Frp2SCptQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f1a9fb1c16-OSL
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/zw.svg
200 OK 2.7 kB URL HTTP/1.1 youtuber.money/images/flag/zw.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5260)
Hash 9d941e8c8da8d63351e5d1bd2f284c8d
0f8dba30cbac056680c83e98e9c4fb7ecfe3327f
dfc624b511ba312d5368368636695c50cbb15a3b9b1d54d4863c45694388c0b3
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/zw.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-1a7c"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaYpVRzkVLOEI4yEVyEv8MxRvnpllVR6sLKWCE0C90JbR89%2FrV1%2FlxNWdBsHqd%2BHAv3AK3wjG3tZAQlqZ2cPYMMX%2F8IsHVh0WqLQnKNqmDH5tpzg8HBy1PjGoxc4Fv5tXw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f4ffd6b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/at.svg
200 OK 185 B URL HTTP/1.1 youtuber.money/images/flag/at.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d836c55d7c2c03a3860e662b6189ea9a
ce012dca20c02a205d1c3f4346685519ced0a9e3
fc26aece52031af21911df92c42dd19fc531e82b4f50be46a4ab9abe0bc279f8
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/at.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:50 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-f0"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZJpNUXnG7OFHtgt7Ubn3kTebfpOo97QN8B1UiPh0y5fc3AMPEr8Q3JhmdiEruy8GDh%2Fq61yBqQQJC4FcjtwUZgj1CSx%2F0x9dyodqmh%2Bqlbx7dbFYkhOuyT6ZtbPfWI9aw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f5183cb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
200 OK 7.0 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (19804)
Hash 489ab3ceae080380a204ec274fb6debc
4759776b7953b70ecb269125ad0d945a7836b884
4840a22f680156aa6f5d95be69dcb71962c27747b6dfae8f7946f90d6387932f
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=93603&type=panel&xdm_e=http%3A%2F%2Fyoutuber.money&xdm_c=default7303&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 23 Nov 2022 18:16:52 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Sat, 26 Nov 2022 18:16:52 GMT
Cache-Control: max-age=259200, public
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash c0e109bdc8bd6b53aaa82626cbe6daf1
e847cf8d5d191a33754796ae43567d2927ed6649
de72455fa2c1133e92973eb69aa3e20fdd7d69db9074ef913d38cb58df50490f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 27 Nov 2022 17:08:44 GMT
ETag: "e847cf8d5d191a33754796ae43567d2927ed6649"
Last-Modified: Wed, 23 Nov 2022 17:08:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2838
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f6cd440b51-OSL
ocsp2.globalsign.com/gsalphasha2g2
200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP
Hash c0e109bdc8bd6b53aaa82626cbe6daf1
e847cf8d5d191a33754796ae43567d2927ed6649
de72455fa2c1133e92973eb69aa3e20fdd7d69db9074ef913d38cb58df50490f
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 27 Nov 2022 17:08:44 GMT
ETag: "e847cf8d5d191a33754796ae43567d2927ed6649"
Last-Modified: Wed, 23 Nov 2022 17:08:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2838
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f6cafeb511-OSL
counter.yadro.ru/hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93603%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7303%26xdm_p%3D1;0.16260994938168882
200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93603%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7303%26xdm_p%3D1;0.16260994938168882
IP
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D93603%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7303%26xdm_p%3D1;0.16260994938168882 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Mon, 22 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D94750%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7304%26xdm_p%3D1;0.1366695303679606
200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D94750%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7304%26xdm_p%3D1;0.1366695303679606
IP
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttp%3A//youtuber.money/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D94750%26type%3Dpanel%26xdm_e%3Dhttp%253A%252F%252Fyoutuber.money%26xdm_c%3Ddefault7304%26xdm_p%3D1;0.1366695303679606 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Mon, 22 Nov 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
youtuber.money/images/flag/ps.svg
200 OK 331 B URL HTTP/1.1 youtuber.money/images/flag/ps.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash db9ddc2f302117f6d6d48fb069fcd81d
1be3ca8db04f25c13014f837a034aa16b47db889
7dbee59516cd03f0c5439ab6256441704e459626a446a8efd1eccf7415dc014c
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/ps.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-22b"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkXJTuJSln2hFk4s7fDSuuAmeq%2BFIURnsgfXvsHFk3rMBvRh4jIb6UpIHeObF6ucxFSgxHY8PtxdlBo2b8ylSymeqv0f5tjKwQzrOg2YB5dg42C6c40vhadp4ldzyKV%2F2A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f51d771bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youtuber.money/images/flag/mx.svg
200 OK 33 kB URL HTTP/1.1 youtuber.money/images/flag/mx.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3766)
Hash 35f2954516334edb7d57d821d49cbcf1
d9b922aef3fa148c9db93ed833b243903c6fd55a
4f1ec951da6752e4710eb3c7aebcb2f512e431ce25493952e5ac14f4a2694932
Analyzer Verdict Alert quad9 Sinkholed
GET /images/flag/mx.svg HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-17527"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fik1FAXy%2B8Br8FL6x%2FQsJeLBZAlQW9LbkcBZPLwpshi1ZbancLvG78eSYMAeFYaMQCDUXEsjSaVRCuAmNWMocpAaUoHQI7OCfv7xtXsMWegWggPtsF6Z%2FDrbdEJBVkLY2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f3eb7cb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img.youtube.com/vi/B43AHlEJhBs/hqdefault.jpg
200 OK 23 kB URL HTTP/1.1 img.youtube.com/vi/B43AHlEJhBs/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 91ac1a2ef4dd22f84d886ee9e378e851
fa455785ad602746f8b9c15b1328f71a38f085f8
7c35d03b60803e15580a5643fb89ca922ef3061aa0c91bbd5cf8a2c21d50c83f
GET /vi/B43AHlEJhBs/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 23158
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1627824686"
Content-Type: image/jpeg
Age: 0
img.youtube.com/vi/8jc1hrPpL-0/hqdefault.jpg
200 OK 37 kB URL HTTP/1.1 img.youtube.com/vi/8jc1hrPpL-0/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 433af26f8836f69ee3d5852c1bc102a1
a408c1cc068d4e5291987ebbd0028f78bc11c3cc
97ade11eed2d971ecf0c5fa2ce92955caabc2b1c078c1933aafbb33e10af8bb3
GET /vi/8jc1hrPpL-0/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 37237
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1477057279"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
img.youtube.com/vi/1rNDjaAFDZw/hqdefault.jpg
200 OK 28 kB URL HTTP/1.1 img.youtube.com/vi/1rNDjaAFDZw/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash f9b68010caa6fb2951afaf4e435bdc12
e16f4a180af0f0da6b44b5f2ec42faa9d094e122
b671551be64f2d2f0e170ac13a7da27efaca7c50ee77d188669fd0a63f2b2adb
GET /vi/1rNDjaAFDZw/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 27799
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1610462975"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
img.youtube.com/vi/asZm5gHknmU/hqdefault.jpg
200 OK 26 kB URL HTTP/1.1 img.youtube.com/vi/asZm5gHknmU/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 39fb6f8b300c66a2d927b05e384cb513
645574afa3354c148d77b1e222cf961ccdbbcac8
85b59ddff779ef65938cce07569d2cc8e5ebf223a196dcb807d6fb4a8fbbe863
GET /vi/asZm5gHknmU/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 26204
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1626984260"
Content-Type: image/jpeg
Age: 0
img.youtube.com/vi/RqGacP1m_Jg/hqdefault.jpg
200 OK 28 kB URL HTTP/1.1 img.youtube.com/vi/RqGacP1m_Jg/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash fa942c8c707de8839a6713fea06bd42a
c5139fcd5e0bf610001074ddee57e3f351f0cbd4
39bbac11ea3c5a5b8a2e0ee6b10e5341c182f2793fd32fe1763c53391a9d4eda
GET /vi/RqGacP1m_Jg/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/jpeg
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 28476
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1629211980"
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
cdn.smntq.com/c83ul/smart.js
200 OK 35 kB URL HTTP/2 cdn.smntq.com/c83ul/smart.js
IP
ASN #24940 Hetzner Online GmbH
Hash 34b3ede6c06c91143c73b04b2948270f
318fdc0fdbe0b7632c75cf9c9c4aaff154db4bdf
75125729913603d7add20c5f03644bc9683ddaccb5d6349218f6e252a6f5c3f5
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://youtuber.money/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Wed, 23 Nov 2022 18:16:50 GMT
content-type: text/javascript;charset=UTF-8
set-cookie: smart=08ab2419bd374230adcef7617286fa8c; expires=Mon, 27-Dec-2027 18:16:50 GMT; Max-Age=160704000; path=/; SameSite=None; Secure; domain=cdn.smntq.com
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
302 Moved temporarily 0 B URL HTTP/1.1 mc.yandex.ru/metrika/watch.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 302 Moved temporarily
Content-Length: 0
Location: https://mc.yandex.ru/metrika/watch.js
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 18:16:51 GMT
Connection: keep-alive
img.youtube.com/vi/TVXfeKC-9Ws/hqdefault.jpg
200 OK 27 kB URL HTTP/1.1 img.youtube.com/vi/TVXfeKC-9Ws/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 72bd8bcf16e2d77607eb3936df566650
8a3a2b3f914e50e3295a77b87ff04c5132c67032
f379fb1f612899e1a5095a45c2bf390d34ba3d0120a66663dfa78ffc4a81b073
GET /vi/TVXfeKC-9Ws/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 27408
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1629028464"
Content-Type: image/jpeg
Age: 0
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 23 Nov 2022 16:41:08 GMT
expires: Wed, 23 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 5743
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/mopPZNqocbw/hqdefault.jpg
200 OK 39 kB URL HTTP/1.1 img.youtube.com/vi/mopPZNqocbw/hqdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 4008866e315e11876959f04c5ebefde9
3e01d2ab2dc878c9658b5c6d38c266fc9655474e
b0f5900b8b9ae0fa4b2fc8aa71df040569bddc614b757c58d45ab6c830d7fe36
GET /vi/mopPZNqocbw/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Timing-Allow-Origin: *
Content-Length: 38814
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 18:16:51 GMT
Expires: Wed, 23 Nov 2022 20:16:51 GMT
Cache-Control: public, max-age=7200
ETag: "1629991164"
Content-Type: image/jpeg
Age: 0
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6380f73d47906bd63b9c48137e4df61
94e053461d2db89e9d08321f26a2555ebcd7e0b9
84144e3c3e7acc7339fd1da9b373f18582734b6f4d235b2aef8c90616ed1c8a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0ea68cc-d723-41ae-8bc2-16e2e422e2aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5914
x-amzn-requestid: 175363fa-bb7a-4c95-8aa4-ebb3f16f3745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1lI3HaqIAMFmTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63788238-1bb736b52bbae37c5e19486f;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 39Lmple6qq9vrKeKJ4lcditVdK5XfRFtv3Cs0_R8B7pVDYPiRAGFtg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:13:08 GMT
age: 72223
etag: "94e053461d2db89e9d08321f26a2555ebcd7e0b9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 18:16:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 35a44687c086af7b41c8333297bec58e
1b3efc7e58c1e7220830d0060a6d1942869243a0
39a525fde61e3110f773cb121407925a2d2d1b8003c7beb58cf4fd8b18b8d78a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70cd6ebf-bddf-4637-8842-4c05872ec539.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8683
x-amzn-requestid: 4e9d4c04-802f-4ab8-bb51-645f31de068a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBb_4G8voAMF-YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4065-01d3c8271b80e7ba7bb40f88;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: juNmmSsvjf_CNHlUVIpJTDDg6Cqyu2X1Xl9EQW8ZrC6Tuu7RmcrMKA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:52:56 GMT
age: 73435
etag: "1b3efc7e58c1e7220830d0060a6d1942869243a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06c6e720bc9900b38e88cd72f739603e
22884cbc78622d6f78c1c3397c9b440946144a99
8675d08e6d8ae5bdedbc7c7ce647f8c6e72cc457917b4ed1856c50b11c2fe88b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20f7461d-18d1-4343-9ecb-d68d44ce1ee4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7589
x-amzn-requestid: 533d7650-cb21-4090-a50a-e205adad316d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brr5zH4qoAMF79Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748d0b-017f7bf4390eb124097af648;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:11:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZtjzvMh_vqVaOqm8xPfZ2EWGGl0X7Iv8GK40Z32EbKM4wk6tGPnlYA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 22:27:21 GMT
age: 71370
etag: "22884cbc78622d6f78c1c3397c9b440946144a99"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d2c986e076309d51d199332caebb07a
343a5bfba0f8fec28f9345f276b44f44c6eaf6a6
64e6fba6a45c70c1db6040a2273472774c00257bef373cc45b6ca00cb819681a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d582ed2-f829-4647-9113-832d4500a207.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9138
x-amzn-requestid: 524e565e-a9fb-45f9-b786-d64cf26a3cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcAAHG8IAMFhwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d4066-3689e70e6212e9e77dc134f4;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:34:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cwu__NPGaU0zyAG0H1yZhmjGsFzvNmzsGv6Zt9hrF5gwSysEio2MjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:52 GMT
age: 73859
etag: "343a5bfba0f8fec28f9345f276b44f44c6eaf6a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg
200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 050f43f830803646a2ece48e01ac8d24
d359314799f8873b35580dd5f8c64b75dfa4ffe3
d4ad8c9e5e1fe428c55c02e567aba32664055f8a881ee6aff8438c3a09124f3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f159cda-2152-46b5-8f3f-971d5d406960.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6475
x-amzn-requestid: b3f37508-ce80-4bfd-8f40-d98c1ee57f7d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQlaF-9IAMFh8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e22-42b6d99c69142d1e37161d69;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:02:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PZE1jHafMw2Qp-hgWemayemh8jLD57th6a2hD55aLhj4KSyjR-rvmQ==
via: 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:53 GMT
age: 39658
etag: "d359314799f8873b35580dd5f8c64b75dfa4ffe3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 18:16:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 611d1eca860866489908506a26bd6a2a
5e8c401f098357cd12889a6e507baf7c8a87772a
e3216e5edd547bc8f6a43780da5a118842b96de96d5cf668af68d8706ceb32e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E3216E5EDD547BC8F6A43780DA5A118842B96DE96D5CF668AF68D8706CEB32E4"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Wed, 23 Nov 2022 20:26:24 GMT
Date: Wed, 23 Nov 2022 18:16:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1416
Cache-Control: max-age=160277
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:51 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 14:48:08 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/j/collect?v=1&_v=j98&a=2089888698&t=pageview&_s=1&dl=http%3A%2F%2Fyoutuber.money%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=364590596&gjid=932648982&cid=43145709.1669227411&tid=UA-228184982-1&_gid=402749385.1669227411&_r=1>m=2oub90&z=1302288533
200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=2089888698&t=pageview&_s=1&dl=http%3A%2F%2Fyoutuber.money%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=364590596&gjid=932648982&cid=43145709.1669227411&tid=UA-228184982-1&_gid=402749385.1669227411&_r=1>m=2oub90&z=1302288533
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=2089888698&t=pageview&_s=1&dl=http%3A%2F%2Fyoutuber.money%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=364590596&gjid=932648982&cid=43145709.1669227411&tid=UA-228184982-1&_gid=402749385.1669227411&_r=1>m=2oub90&z=1302288533 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://youtuber.money
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://youtuber.money
date: Wed, 23 Nov 2022 18:16:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e8d7af3a5d030774447a0f71c7824f0
663cace8681891ad55943dd0273493aa9474d102
22068df04672281e392caa485259df103d591ab247c3eb5e0ccba10ffd8a9ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44f9633f-15fe-459e-aebf-06d2b582efa8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9766
x-amzn-requestid: ca8b7a9f-3c1a-419d-953e-2944bf820e5e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBcR_Hd4IAMFWUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d40d9-4ca5e9b2476a47cd199b9cba;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gtzOoH3--VR9BQTHvU5vInc6yhBcK0-O1oBbVJpAhpRRqqKY8vAf_g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 22 Nov 2022 21:45:48 GMT
age: 73863
etag: "663cace8681891ad55943dd0273493aa9474d102"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash 63bfc0f13125b5b5739dc862de9ef1b0
fddc811e1f459a8092b6ca7389b517158c185735
e10f141a33fdd209cc74b59c5f91489f2e89ace90a439920c71ee4aa09132701
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://youtuber.money
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7f7fb36cad05eea71a974e18b6815e8d
etag: "f6913a6f9cb78f39d4d937e353edc719"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 23 Nov 2022 18:18:06 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Y7/A8TEltbVznchi3p7xsA==
x-fb-debug: 27kUkNAKDxP4wFO8k6uWIrdXd5desRPSAACLWlHU+DXHtj93UwlzuefD9iLJKtZM4J3L+Hl4p42T4wjTX8ph1A==
content-length: 1687
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 18:16:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
200 OK 937 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash e9b8790665af284944954828ed002c2c
370b52820c2e14abca689566faeba655da5988f2
caa12722cbaa9ede36bd8d22992b5b62affe46e19c5c42b0c37f675f83236952
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: application/ocsp-response
Content-Length: 937
Connection: keep-alive
Expires: Sun, 27 Nov 2022 14:45:05 GMT
ETag: "370b52820c2e14abca689566faeba655da5988f2"
Last-Modified: Wed, 23 Nov 2022 14:45:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1529
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f9c8d40b51-OSL
ocsp.digicert.com/
200 OK 471 B IP
Hash b6e7c5faf2d24e0d958ab10ee95f6791
16b68ad4b4a2776571697dff8edc9369a3c5c451
1431771f6fd4ad8c028d53a7489acc16b829e32e01d92df5e8c923723024b75a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1416
Cache-Control: max-age=160277
Content-Type: application/ocsp-response
Date: Wed, 23 Nov 2022 18:16:51 GMT
Etag: "637e2d20-1d7"
Expires: Fri, 25 Nov 2022 14:48:08 GMT
Last-Modified: Wed, 23 Nov 2022 14:24:32 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
mc.yandex.ru/metrika/watch.js
200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash 89185e037b366ee6c6b5d55bd893c11d
6a0e2cd6189b890da76b827beaeeca41097e8cf1
2b46f64d745301de1b0f94206157e0373db1e5db20e7725794fb34adaab08423
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://youtuber.money/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57741
date: Wed, 23 Nov 2022 18:16:51 GMT
access-control-allow-origin: *
etag: "637b3777-e18d"
expires: Wed, 23 Nov 2022 19:16:51 GMT
last-modified: Mon, 21 Nov 2022 11:31:51 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
youtuber.money/favicon.ico
200 OK 2.8 kB URL HTTP/1.1 youtuber.money/favicon.ico
IP
File type PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash eb3e5ed534733deceae9af986353b060
c690655e74a121c9df2cd827114bb1162e5f4e51
b14fba0ab72af8d4cc866cc7de2278321b5f411b21ab1dcd45832355a2216a48
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: youtuber.money
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://youtuber.money/
Cookie: PHPSESSID=8ngm3qtq5b1vksm8m5neshopl5; video=video; Anti_Fraud=1
HTTP/1.1 200 OK
Date: Wed, 23 Nov 2022 18:16:51 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 15:07:38 GMT
ETag: W/"63764e3a-bd9"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mb0G7C27IV39tHzBIYwHOKuNykCs40Q48h%2BHGVhUt6VsDACW0khfoNCuweRIVhGzrdJnEOWN64xw7FxbVhl7Ye5ZtjMwwuLAzvRaqRmFEeZj5hnj96lyL8eS1VFO9VpZzA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76ebe5f8bd4bb4f3-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
connect.facebook.net/en_US/sdk.js?hash=4a88176bc5526bb85e5df4ac3729afd8
200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=4a88176bc5526bb85e5df4ac3729afd8
IP
File type ASCII text, with very long lines (18530)
Hash 691a56a1c08f9dc1290d481baf75e0b1
bfd03a73d89553e24d1ffc12f9fb78b14113bfaf
677a33d5350194fe12f2e83e769b4b1ec7118564860b0474504d15ee6c5c6540
GET /en_US/sdk.js?hash=4a88176bc5526bb85e5df4ac3729afd8 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://youtuber.money
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1e86f83088190f570c943794de91b67a
etag: "3d9a36c75266cf7c2cddc835fbbe9a8a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Thu, 23 Nov 2023 17:24:37 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: aRpWocCPncEpDUgbr3XgsQ==
x-fb-debug: +jEmVIGNLcrL2YOM8q88HIiNrJN/DfoNZzDuTYZHegjl4Aa179eat0doTEUMusXNDM0EFfSVs9NUlvPHEAdqig==
content-length: 88359
x-fb-trip-id: 1679558926
date: Wed, 23 Nov 2022 18:16:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash a9be173413917d20a4eaafb500d776df
39d84722c98edc4b0fc14445d7f9112b714f9ba9
0e22b2d236abe4c352e168b8286cdf343a46388e1c555954750f9972d4daae27
GET /hm.js?ca39fa08836e125f6ea13e25b34bd166 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Wed, 23 Nov 2022 18:16:51 GMT
Etag: c9147ecb181f511b8cbec830f70c297b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5298BB08B70A4341; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
mc.yandex.ru/watch/82412725?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
302 Found 43 B URL HTTP/2 mc.yandex.ru/watch/82412725?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /watch/82412725?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://youtuber.money
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82412725/1?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Wed, 23 Nov 2022 18:16:51 GMT
access-control-allow-origin: http://youtuber.money
set-cookie: yandexuid=679165101669227411; Expires=Thu, 23-Nov-2023 18:16:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=679165101669227411; Expires=Thu, 23-Nov-2023 18:16:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1353066621669227411; Path=/; SameSite=None; Secure
i=RvFIJn7yzInEa4pw0OuE9brRASHDT5EUIHn399B2f45TGI72DkH98S4TtJey7BGxPzTbikt55QZlExFUNNAtJvZ54ts=; Expires=Sat, 20-Nov-2032 18:16:47 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1700763411.yc.1669227411#1700763411.yrts.1669227411#1700763411.yrtsi.1669227411; Expires=Thu, 23-Nov-2023 18:16:51 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 18:16:51 GMT
last-modified: Wed, 23-Nov-2022 18:16:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725/1?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/82412725/1?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash a99878d32443e368c859482b2b65a604
6349aad79c8f69fd34b4768bf7b59d52412c988c
d1d8f72fd41a22372fb2f8d9cff9e78fdf2889efff876a459f8b3efb3ed98ec3
GET /watch/82412725/1?wmode=7&page-url=http%3A%2F%2Fyoutuber.money%2F%231669227410482&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A1252%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1242752097319%3Ahid%3A67349347%3Az%3A0%3Ai%3A20221123181651%3Aet%3A1669227412%3Ac%3A1%3Arn%3A716917512%3Arqn%3A1%3Au%3A1669227412361254761%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A3%2C1%2C355%2C2%2C-7%2C0%2C%2C1032%2C8%2C%2C%2C%2C1477%3Ans%3A1669227408698%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669227412%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://youtuber.money
Referer: http://youtuber.money/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Wed, 23 Nov 2022 18:16:51 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://youtuber.money
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Wed, 23-Nov-2022 18:16:51 GMT
last-modified: Wed, 23-Nov-2022 18:16:51 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1160338079&si=ca39fa08836e125f6ea13e25b34bd166&v=1.2.97&lv=1&sn=50962&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fyoutuber.money%2F%231669227410482&tt=Paid%20video%20viewing
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1160338079&si=ca39fa08836e125f6ea13e25b34bd166&v=1.2.97&lv=1&sn=50962&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fyoutuber.money%2F%231669227410482&tt=Paid%20video%20viewing
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1160338079&si=ca39fa08836e125f6ea13e25b34bd166&v=1.2.97&lv=1&sn=50962&r=0&ww=1280&ct=!!&u=http%3A%2F%2Fyoutuber.money%2F%231669227410482&tt=Paid%20video%20viewing HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://youtuber.money/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 23 Nov 2022 18:16:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6803295AF92F1889; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
172.67.158.116
104.18.20.226
77.88.21.119
93.184.220.29
95.217.109.66
103.235.46.191
23.36.77.32
157.240.200.14