Report - en.y2mate.is/153/

Report Overview

Submitted URL
en.y2mate.is/153/
IP
104.21.4.123
ASN
#13335 CLOUDFLARENET
Submitted
2023-01-30 18:48:21
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
system-notify.app	137941	2020-11-12T13:15:34Z	2023-03-13T09:19:39Z	835 B	13 kB	157.90.33.68
platform-cdn.sharethis.com	11841	2019-01-09T19:55:39Z	2023-03-13T07:12:06Z	2.8 kB	7.6 kB	54.230.111.19
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	382 B	46 kB	142.250.74.40
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	369 B	21 kB	142.250.74.46
my.rtmark.net	9054	2015-02-04T10:54:57Z	2023-03-13T05:11:40Z	378 B	741 B	139.45.195.8
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	709 B	443 B	216.239.32.36
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.1 kB	6.3 kB	142.250.74.131
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-13T08:37:09Z	388 B	32 kB	216.58.207.202
buttons-config.sharethis.com	6006	2017-05-04T11:18:15Z	2023-03-13T05:10:08Z	391 B	1.3 kB	54.230.111.117
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
en.y2mate.is	unknown	2022-07-02T14:09:02Z	2023-03-09T07:03:57Z	794 B	94 kB	172.67.132.18
count-server.sharethis.com	11699	2017-01-04T06:02:12Z	2023-03-13T07:12:06Z	441 B	698 B	54.230.111.84
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	1.0 kB	54.230.245.100
l.sharethis.com	4794	2012-05-21T23:59:04Z	2023-03-13T05:10:08Z	968 B	397 B	3.125.136.212
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.38.139.17
maxcdn.bootstrapcdn.com	724	2014-06-18T02:37:31Z	2023-03-13T07:25:00Z	434 B	904 B	104.18.11.207
platform-api.sharethis.com	5118	2017-01-29T12:44:16Z	2023-03-13T05:10:08Z	374 B	596 B	54.230.111.68
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	1.7 kB	9.4 kB	93.184.220.29
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.0 kB	2.9 kB	104.18.32.68
uidsync.net	unknown	2021-07-23T21:20:22Z	2023-03-13T08:06:22Z	968 B	1.7 kB	157.90.33.72
gloaphoo.net	unknown	2022-09-10T14:44:27Z	2023-03-13T06:18:39Z	3.0 kB	2.5 kB	139.45.197.239
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	601 B	588 B	173.194.221.157
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.8 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	378 B	630 B	142.250.74.74
tzegilo.com	unknown	2022-01-14T16:27:15Z	2023-03-13T06:33:04Z	354 B	828 B	104.21.89.122
cdn.itskiddien.club	unknown	2022-10-06T18:03:35Z	2023-03-13T08:06:22Z	374 B	1.9 kB	139.45.197.236
fleraprt.com	unknown	2022-01-14T23:55:14Z	2023-03-13T06:33:10Z	481 B	480 B	139.45.195.254
offerimage.com	304078	2019-06-10T13:11:53Z	2023-03-13T08:06:22Z	416 B	17 kB	172.67.22.216
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	956 B	33 kB	216.58.207.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	fleraprt.com	Sinkholed
2023-01-30	medium	gloaphoo.net	Sinkholed
2023-01-30	medium	gloaphoo.net	Sinkholed
2023-01-30	medium	gloaphoo.net	Sinkholed
2023-01-30	medium	gloaphoo.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	Size	First Seen	Last Seen
	y2mate.is/assets/js/main.min.js	6.2 kB	2023-03-13	2023-03-13
Pretty URL y2mate.is/assets/js/main.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:38:24 Last Seen2023-03-13 12:38:24 Times Seen1 Hash aad879b16f36ead113f15aae96d40444 a6bf08b6f1c5f4f794464514eba16106c33b5c1e 624276d4989898dd5b1d287bfa48c69dcf184df8d2b2f5f986bc059df535ec92 Loading...

	gloaphoo.net/401/5578627	85 kB	2023-03-13	2023-03-13
Pretty URL gloaphoo.net/401/5578627 IP 139.45.197.239 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:38:24 Last Seen2023-03-13 12:38:24 Times Seen1 Hash 98ab7aaa31a39849df9568342abf984a a23a8199df9ec93b628794ab0e55af189a579312 2c40994375be505a03f3866afb0a4635f6b4733c5605ba157b67ebd6fac78594 Loading...

	system-notify.app/f/sdk.js?z=666129	46 kB	2023-03-13	2023-03-13
Pretty URL system-notify.app/f/sdk.js?z=666129 IP 157.90.33.68 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 00:56:36 Last Seen2023-03-13 14:11:40 Times Seen1 Hash 16d735c97182026b11100e605123b9be 55af90def8dc63b87ccacbf9b10f5f6ce6f906bc 3c9360eb7e667f9a8cd046a0fef10cfed3495392637dfc0202a2fdec78e8eac6 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fen.y2mate.is%2F153%2F	195 B	2023-03-13	2023-03-13
Pretty URL count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fen.y2mate.is%2F153%2F IP 54.230.111.84 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:38:24 Last Seen2023-03-13 12:38:24 Times Seen1 Hash a2d3e30360b3611c23bce3f1d8c88482 96975185481f307b7ab08957ef1d6611c4ba8406 64a81ad3d8be6320b85e23fc55b677edfc5758c80169c06dff1ef77f00c74d06 Loading...

	www.googletagmanager.com/gtag/js?id=UA-177915668-1	116 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-177915668-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:38:24 Last Seen2023-03-13 12:38:24 Times Seen1 Hash 9637eb67608e5502719192b34c22a713 e775384175dc817d79a3a5b0f33d8450c5a5da61 26426e235f511c084d185c0c108a41e3ee0db78906b65d3bc6db241123203473 Loading...

	www.googletagmanager.com/gtag/js?id=G-QS73XC9RW5&l=dataLayer&cx=c	220 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-QS73XC9RW5&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:38:24 Last Seen2023-03-13 12:38:24 Times Seen1 Hash 30581d0611115611dd6977081a2554eb 4b9178083fc92226fb8fd808944489b39b04fb4c 49ff6aac303e0a9d570ddc2cdaaa0a1d1e602c8daafd0058c440d0a2718d1254 Loading...

	buttons-config.sharethis.com/js/5fa68f511a075b00196b76b6.js	711 B	2023-03-08	2023-03-13
Pretty URL buttons-config.sharethis.com/js/5fa68f511a075b00196b76b6.js IP 54.230.111.117 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:29:09 Last Seen2023-03-13 19:38:35 Times Seen1 Hash ead1494ad242911a1c642f72e641c184 b40504a492c106750daef819f7865e1294390694 c78e90053f5ca2d08be04c65317491bf626f10b58ba82db4c7dc198f3d8db688 Loading...

	tzegilo.com/stattag.js	13 kB	2023-03-12	2023-03-13
Pretty URL tzegilo.com/stattag.js IP 104.21.89.122 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 10:58:26 Last Seen2023-03-13 15:12:18 Times Seen1 Hash 06da61f9a1b79f424c81076c40127cc3 c733f65c9da2acdb14d82582021fbe9da897609b 99a71a1b07146af8472583c57014f45f928b4e3eb59112e40b28efc6fd7a3f60 Loading...

	en.y2mate.is/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-26
Pretty URL en.y2mate.is/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 17:50:11 Times Seen43126 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js	40 kB	2023-03-07	2024-04-26
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 15:22:27 Times Seen12220 Hash 2f34b630ffe30ba2ff2b91e3f3c322a1 b16fd8226bd6bfb08e568f1b1d0a21d60247cefb 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe Loading...

	en.y2mate.is/153/	141 B	2023-03-08	2023-09-24
Pretty URL en.y2mate.is/153/ IP 172.67.132.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:29:09 Last Seen2023-09-24 20:56:26 Times Seen5 Hash 0e533a8d73606fcb038abb5e8bafa27b 45a50a8582a76dedc258ac3151e65acf26205902 3ab38c87b5645a1d9f17f1b71609dfb64a20807bd7da9a9990e0b582a30ebc3d Loading...

	platform-api.sharethis.com/js/sharethis.js#property=5fa68f511a075b00196b76b6&product=sticky-share-buttons	197 kB	2023-03-13	2023-03-13
Pretty URL platform-api.sharethis.com/js/sharethis.js#property=5fa68f511a075b00196b76b6&product=sticky-share-buttons IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 06:58:00 Last Seen2023-03-13 12:46:49 Times Seen1 Hash 2c942f90c211a2371a902746d678fdac 106e03353cd09dde3d5d9510fc6b375b21f3168e 15a03579a9226414c71d3bb85d039865eec13c1d73ab10b1d532f59341a21844 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js	88 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js IP 216.58.207.202 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-04-26 19:32:50 Times Seen95625 Hash 220afd743d9e9643852e31a135a9f3ae 88523924351bac0b5d560fe0c5781e2556e7693d 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Loading...

	en.y2mate.is/153/	40 B	2023-03-07	2024-04-26
Pretty URL en.y2mate.is/153/ IP 172.67.132.18 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-04-26 15:37:19 Times Seen4707 Hash 6bd43cf0ae158526c6ab93dc3be79f28 15c289e342bd3fdf5b1e95f7abf25a2bc78bf357 7a13d5ae0755d86c09084ec300c4a0f1a0a06921f74d9980eba9d966ff17ad38 Loading...

	cdn.itskiddien.club/apu.php?zoneid=5578959	968 B	2023-03-08	2023-03-13
Pretty URL cdn.itskiddien.club/apu.php?zoneid=5578959 IP 139.45.197.236 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 23:29:08 Last Seen2023-03-13 19:38:35 Times Seen1 Hash 034eeb312eff56a2746820e2a25b73e4 d9a7f679e742169bbf0680f4cb452ddc512fce0c 92db690dc8e9d60afb73cfa0b023046ea5f1877b7f1156fff74b1da54d1c0f0d Loading...

HTTP Transactions (75)

URL IP Response Size

en.y2mate.is/153/

172.67.132.18

301 Moved Permanently

0 B

URL HTTP/1.1
en.y2mate.is/153/
IP
172.67.132.18:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /153/ HTTP/1.1
Host: en.y2mate.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 30 Jan 2023 18:48:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 30 Jan 2023 19:48:10 GMT
Location: https://en.y2mate.is/153/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3HTjN0IR8b7wYtvzgXWyNJzjIxGs4dqFkIcHzW%2BPidmX7avPt4K2Iu8gxIEC%2FV%2BWhcseCR7vq1fXPQC3wvHjP30V8jf1aNO8lLyXm3Pj7gKojR9CMiAAKM8XIArgUk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791c61591b770b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2209
Expires: Mon, 30 Jan 2023 19:24:59 GMT
Date: Mon, 30 Jan 2023 18:48:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17335
Expires: Mon, 30 Jan 2023 23:37:05 GMT
Date: Mon, 30 Jan 2023 18:48:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2877
Expires: Mon, 30 Jan 2023 19:36:07 GMT
Date: Mon, 30 Jan 2023 18:48:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 18:35:46 GMT
content-type: application/json
age: 744
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 9sOiE7BhlcYzwjQO2OuYzjGdrw2WiKGLSPMbxPEqwp0rNaueRPVyjM8AzZXIylBp1xTze7BGnXw=
x-amz-request-id: 5XE9SA5QMKVFN6F7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 17:50:49 GMT
age: 3441
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
98050c18a494575ff87768b67a336217
2d58e322253ac73d075781eb2b074c18d020a086
059b88fc05c7b81aa4b568356bee643c6258ed9550f6514af7d3a063bd2b41ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=116767
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:10 GMT
Etag: "63d71c6f-118"
Expires: Wed, 01 Feb 2023 03:14:17 GMT
Last-Modified: Mon, 30 Jan 2023 01:25:03 GMT
Server: ECS (amb/6BBC)
X-Cache: HIT
Content-Length: 280

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:10 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
98050c18a494575ff87768b67a336217
2d58e322253ac73d075781eb2b074c18d020a086
059b88fc05c7b81aa4b568356bee643c6258ed9550f6514af7d3a063bd2b41ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6554
Cache-Control: max-age=116767
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:10 GMT
Etag: "63d71c6f-118"
Expires: Wed, 01 Feb 2023 03:14:17 GMT
Last-Modified: Mon, 30 Jan 2023 01:25:03 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

4.2 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
gzip compressed data, from Unix\012- data
Size
4.2 kB (4166 bytes)
Hash
435289aa56c6a9248bb9f10661006250
7b1644c37b8540c07444ef7657e08ac8feb8b220
226c8679b10c9b66f99af9f4f16273b096165369ee02e31c11f31cba72125ea2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3955
Cache-Control: max-age=119211
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:10 GMT
Etag: "63d73022-118"
Expires: Wed, 01 Feb 2023 03:55:01 GMT
Last-Modified: Mon, 30 Jan 2023 02:49:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.digicert.com/

93.184.220.29

200 OK

2.8 kB

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
2.8 kB (2795 bytes)
Hash
8df8248bb573b28c239a273871168798
09b5a29c09d6604006587490246d939cd16ee5e3
9bca6709b2f4dc6b8cad30d31416bb36aaf72afec71d077ba6a7143ccce4e8e2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3956
Cache-Control: max-age=119211
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:11 GMT
Etag: "63d73022-118"
Expires: Wed, 01 Feb 2023 03:55:02 GMT
Last-Modified: Mon, 30 Jan 2023 02:49:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

216.58.207.202

200 OK

31 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP
216.58.207.202:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65451)
Size
31 kB (30774 bytes)
Hash
81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396

HTTP Headers

GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 00:57:20 GMT
expires: Sun, 28 Jan 2024 00:57:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 237051
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-177915668-1

142.250.74.40

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-177915668-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
45 kB (45057 bytes)
Hash
0412907fde2bb711a317c22af34070c4
324ff88ea22aeade7070e22c922ed1519e2e9538
6053866fb01969c3c1a36c511f80bf9ee5b8fa12cc26ff9bcb4b5e225a565120

HTTP Headers

GET /gtag/js?id=UA-177915668-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 18:48:11 GMT
expires: Mon, 30 Jan 2023 18:48:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45057
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
66f7f69dfde207207d6acded255032a1
e9afeae0f11b7f0faa91779c549c6985197684e8
252ab1a704c510c8a66db97dca0bf61570ec53849cd94c42c6b1c35315e60a29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "252AB1A704C510C8A66DB97DCA0BF61570EC53849CD94C42C6B1C35315E60A29"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15417
Expires: Mon, 30 Jan 2023 23:05:08 GMT
Date: Mon, 30 Jan 2023 18:48:11 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
02675fc46e066b2e07b3765b3c20716c
3e58fc145c6640cd880e832974fe258da4dc3164
9cc733cbaa79762434b3ba197f36f410c2b394c726dabb691f125d4b5f46401b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9CC733CBAA79762434B3BA197F36F410C2B394C726DABB691F125D4B5F46401B"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19815
Expires: Tue, 31 Jan 2023 00:18:26 GMT
Date: Mon, 30 Jan 2023 18:48:11 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 18:41:41 GMT
age: 390
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

en.y2mate.is/153/

104.21.4.123

200 OK

92 kB

URL HTTP/2
en.y2mate.is/153/
IP
104.21.4.123:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (561), with CRLF, LF line terminators
Size
92 kB (92506 bytes)
Hash
2d7c53b2a4d16ea24cc823001fa78f2f
e95d6711ff60f324cc26752d6db79260dedf496f
b3d79a736424205235aef19de03f450fa622dbf77d4c6874110f1d412d8df6e1

HTTP Headers

GET /153/ HTTP/1.1
Host: en.y2mate.is
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 30 Jan 2023 18:48:10 GMT
content-type: text/html
last-modified: Thu, 23 Jun 2022 09:05:13 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWb5rQIzRBbwX8fQVBw8wNrgg9Al6tkEMD7LuMRiKZ2mj%2FPp18BwEA%2BhKmureKINwhxFzwWvXF6yrLuLQwjZjjBlF9isZEISi2VyFdfE7eaRNkki6Dz8GNl%2BYPtJ67A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791c615b3c790b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12077
Expires: Mon, 30 Jan 2023 22:09:28 GMT
Date: Mon, 30 Jan 2023 18:48:11 GMT
Connection: keep-alive

system-notify.app/f/sdk.js?z=666129

157.90.33.68

200 OK

12 kB

URL HTTP/2
system-notify.app/f/sdk.js?z=666129
IP
157.90.33.68:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (45784), with no line terminators
Size
12 kB (11739 bytes)
Hash
7d88873ed748c8d480c093317d273bf7
7262dc04962c94f325455e7971dcd1e9f6705783
01d9e7f0b360d99e0c7f81bd3e5dc66475c7221fb997c143a0854fa50b493a5e

HTTP Headers

GET /f/sdk.js?z=666129 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 11739
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

buttons-config.sharethis.com/js/5fa68f511a075b00196b76b6.js

54.230.111.117

200 OK

711 B

URL HTTP/2
buttons-config.sharethis.com/js/5fa68f511a075b00196b76b6.js
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (711), with no line terminators
Size
711 B (711 bytes)
Hash
ead1494ad242911a1c642f72e641c184
b40504a492c106750daef819f7865e1294390694
c78e90053f5ca2d08be04c65317491bf626f10b58ba82db4c7dc198f3d8db688

HTTP Headers

GET /js/5fa68f511a075b00196b76b6.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 711
last-modified: Wed, 30 Nov 2022 20:49:20 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 30 Jan 2023 18:47:53 GMT
cache-control: public, max-age=60
etag: "ead1494ad242911a1c642f72e641c184"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GOkFTp7KC8Yu2WugNfves2PtW4SP3-itKlwCHUjl7rFnQjGEXcUZCA==
age: 38
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 30 Jan 2023 17:45:20 GMT
expires: Mon, 30 Jan 2023 19:45:20 GMT
cache-control: public, max-age=7200
age: 3771
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
eb9104b9a960ae69cdf9bef37eb8e339
fb6d6fc979850e08071a02685f44ba6907c2e45c
9a4c221d20d2963dff19eebd824d58377381ee6f30b15bff48de7b7b31af04f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87154
Date: Mon, 30 Jan 2023 18:48:11 GMT
Etag: "63d6b72f-1d7"
Expires: Tue, 31 Jan 2023 19:00:45 GMT
Last-Modified: Sun, 29 Jan 2023 18:13:03 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: KgnbiPWfzEMa2YtwwmuUYloseTBUPZPHsmg3V-EaNP2vVzvWGfqNhA==
Age: 2862

system-notify.app/event?z=666129

157.90.33.68

200 OK

0 B

URL HTTP/2
system-notify.app/event?z=666129
IP
157.90.33.68:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=666129 HTTP/1.1
Host: system-notify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-length: 0
access-control-allow-origin: https://en.y2mate.is
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5e109e0499db23ab98f6c844bf72c68d
071f0b062b8f5c6ab995bdbfee973fa6ded86d3b
da9b35ef76c637c268583f1181081dcc9a48d0a91d35e6180d0fcfd869432710

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA9B35EF76C637C268583F1181081DCC9A48D0A91D35E6180D0FCFD869432710"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5681
Expires: Mon, 30 Jan 2023 20:22:52 GMT
Date: Mon, 30 Jan 2023 18:48:11 GMT
Connection: keep-alive

l.sharethis.com/pview?event=pview&hostname=en.y2mate.is&location=%2F153%2F&product=sticky-share-buttons&url=https%3A%2F%2Fen.y2mate.is%2F153%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&cms=unknown&publisher=5fa68f511a075b00196b76b6&sop=true&version=st_sop.js&lang=en&description=Y2Mate%20is%20the%20fastest%20web%20app%20to%20download%20Youtube%20videos%20for%20free.%20Easily%20Convert%20youtube%20videos%20to%20mp3%20and%20mp4%20and%20save%20them%20to%20your%20PC%2C%20Mobile%2C%20and%20tablets.

3.125.136.212

204 No Content

0 B

URL HTTP/1.1
l.sharethis.com/pview?event=pview&hostname=en.y2mate.is&location=%2F153%2F&product=sticky-share-buttons&url=https%3A%2F%2Fen.y2mate.is%2F153%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&cms=unknown&publisher=5fa68f511a075b00196b76b6&sop=true&version=st_sop.js&lang=en&description=Y2Mate%20is%20the%20fastest%20web%20app%20to%20download%20Youtube%20videos%20for%20free.%20Easily%20Convert%20youtube%20videos%20to%20mp3%20and%20mp4%20and%20save%20them%20to%20your%20PC%2C%20Mobile%2C%20and%20tablets.
IP
3.125.136.212:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pview?event=pview&hostname=en.y2mate.is&location=%2F153%2F&product=sticky-share-buttons&url=https%3A%2F%2Fen.y2mate.is%2F153%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&cms=unknown&publisher=5fa68f511a075b00196b76b6&sop=true&version=st_sop.js&lang=en&description=Y2Mate%20is%20the%20fastest%20web%20app%20to%20download%20Youtube%20videos%20for%20free.%20Easily%20Convert%20youtube%20videos%20to%20mp3%20and%20mp4%20and%20save%20them%20to%20your%20PC%2C%20Mobile%2C%20and%20tablets. HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://en.y2mate.is
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Mon, 30 Jan 2023 18:48:11 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive

cdn.itskiddien.club/apu.php?zoneid=5578959

139.45.197.236

200 OK

968 B

URL HTTP/2
cdn.itskiddien.club/apu.php?zoneid=5578959
IP
139.45.197.236:0
ASN
#9002 RETN Limited

File type
ASCII text, with very long lines (801)
Size
968 B (968 bytes)
Hash
034eeb312eff56a2746820e2a25b73e4
d9a7f679e742169bbf0680f4cb452ddc512fce0c
92db690dc8e9d60afb73cfa0b023046ea5f1877b7f1156fff74b1da54d1c0f0d

HTTP Headers

GET /apu.php?zoneid=5578959 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/javascript
content-length: 968
x-trace-id: cb7ea0d8f3e0e5a13ff8e85c55479ee4
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b85f1f4cec2a4a46b512dbecf155c929; expires=Tue, 30 Jan 2024 18:48:11 GMT; path=/; secure; SameSite=None
oaidts=1675104491; expires=Tue, 30 Jan 2024 18:48:11 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.38.139.17

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.139.17:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2EEstaingiBijY5mip4DJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rnGTEtaitk18VN2ZlSlXNqa9acs=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e2d2b00ed4a3970f9b7c4561eec1f2ba
5d51d00a750a05bcad6aac56b5dcd410afff7591
20f4ee50766ee62c45e9a18f9646a856c1ae9b702a055c7d9131026dce630c42

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "20F4EE50766EE62C45E9A18F9646A856C1AE9B702A055C7D9131026DCE630C42"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Mon, 30 Jan 2023 19:40:47 GMT
Date: Mon, 30 Jan 2023 18:48:11 GMT
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fbc689e17d6097d51bde604be7aba923
981e2376b7c65044e68c37c3230f26009bbcf701
9c70aeef462145d93eca1588305454638abefc90d5bacc603c64507b03e0c1f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 18:48:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 07:28:20 GMT
Expires: Fri, 03 Feb 2023 07:28:19 GMT
Etag: "981e2376b7c65044e68c37c3230f26009bbcf701"
Cache-Control: max-age=304207,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791c61620e73b50b-OSL

my.rtmark.net/gid.js

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
1610a6ea46f5446c3faf81043a958440
4d506cc39fc948245f6a5e2d0efbc4bcfef3c9de
add5b7a43c8d25ad88a9a5be649250852831d8ff0332687c210a70b958e76b57

HTTP Headers

GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://en.y2mate.is
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=f9796855f6b4480b836cca74c581c799; expires=Tue, 30 Jan 2024 18:48:11 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
fbc689e17d6097d51bde604be7aba923
981e2376b7c65044e68c37c3230f26009bbcf701
9c70aeef462145d93eca1588305454638abefc90d5bacc603c64507b03e0c1f5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 18:48:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 07:28:20 GMT
Expires: Fri, 03 Feb 2023 07:28:19 GMT
Etag: "981e2376b7c65044e68c37c3230f26009bbcf701"
Cache-Control: max-age=304207,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791c61621f5db524-OSL

uidsync.net/sync?user_id=q3yWj5nEH46UOFUASCkjMF

157.90.33.72

204 No Content

0 B

URL HTTP/2
uidsync.net/sync?user_id=q3yWj5nEH46UOFUASCkjMF
IP
157.90.33.72:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?user_id=q3yWj5nEH46UOFUASCkjMF HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://en.y2mate.is/
Origin: https://en.y2mate.is
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 204 No Content
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
access-control-allow-origin: https://en.y2mate.is
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
8c974945aa19b203f94c228ed355a01a
65d899c3fd847edfcf36417f4c88e94c7f12647e
4abde0b1cd9faca80483fe88383326794e0bdaa434d451eaddb09954f5947aa2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 18:48:11 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 03:49:35 GMT
Expires: Sun, 05 Feb 2023 03:49:34 GMT
Etag: "65d899c3fd847edfcf36417f4c88e94c7f12647e"
Cache-Control: max-age=463882,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791c6161adbab50b-OSL

fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f

139.45.195.254

200 OK

12 B

URL HTTP/1.1
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
139.45.195.254:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 896
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 30 Jan 2023 18:48:13 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://en.y2mate.is
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true

gloaphoo.net/500/5578627?excludes=&oaid=f9796855f6b4480b836cca74c581c799&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

0 B

URL HTTP/2
gloaphoo.net/500/5578627?excludes=&oaid=f9796855f6b4480b836cca74c581c799&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /500/5578627?excludes=&oaid=f9796855f6b4480b836cca74c581c799&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://en.y2mate.is/
Origin: https://en.y2mate.is
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:12 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://en.y2mate.is
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-QS73XC9RW5&gtm=2oe1p0&_p=1996840330&cid=1281962137.1675104505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675104504&sct=1&seg=0&dl=https%3A%2F%2Fen.y2mate.is%2F153%2F&dt=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-QS73XC9RW5&gtm=2oe1p0&_p=1996840330&cid=1281962137.1675104505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675104504&sct=1&seg=0&dl=https%3A%2F%2Fen.y2mate.is%2F153%2F&dt=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-QS73XC9RW5&gtm=2oe1p0&_p=1996840330&cid=1281962137.1675104505&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675104504&sct=1&seg=0&dl=https%3A%2F%2Fen.y2mate.is%2F153%2F&dt=Youtube%20Downloader%20-%20Convert%20%26%20Download%20Youtube%20Videos%20-%20Y2Mate&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://en.y2mate.is
date: Mon, 30 Jan 2023 18:48:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
cfe2d3468f98a7cb707b15b7cee50118
f69313b5cfbc10de800006869472db9d15349bed
0c810d929010bcd5a05f6a8c3d3b9955ca23265323cc250bb5653d13aa38c4e7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4994
Cache-Control: max-age=114117
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:12 GMT
Etag: "63d7182f-117"
Expires: Wed, 01 Feb 2023 02:30:09 GMT
Last-Modified: Mon, 30 Jan 2023 01:06:55 GMT
Server: ECS (amb/6B98)
X-Cache: HIT
Content-Length: 279

offerimage.com/www/images/c63915b4b19e61133bbc0d9d2b53b1a9.jpeg

172.67.22.216

200 OK

17 kB

URL HTTP/2
offerimage.com/www/images/c63915b4b19e61133bbc0d9d2b53b1a9.jpeg
IP
172.67.22.216:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
17 kB (17021 bytes)
Hash
c63915b4b19e61133bbc0d9d2b53b1a9
c2eb03600c3423c53cfcf23941fb3378dbf66315
a20783df617a0784fa0a2f098de5a2184d6c3255f217090f40f286b02b8241ae

HTTP Headers

GET /www/images/c63915b4b19e61133bbc0d9d2b53b1a9.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 18:48:12 GMT
content-type: image/jpeg
content-length: 17021
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6345f9f1-427d"
expires: Tue, 31 Jan 2023 08:33:29 GMT
last-modified: Tue, 11 Oct 2022 23:19:13 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 36883
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 791c61648e680b45-OSL
X-Firefox-Spdy: h2

uidsync.net/sync?user_id=q3yWj5nEH46UOFUASCkjMF

157.90.33.72

200 OK

62 B

URL HTTP/2
uidsync.net/sync?user_id=q3yWj5nEH46UOFUASCkjMF
IP
157.90.33.72:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
ee5ee445f7a1b8f695862337ffbd1d0d
9977443688074a1822a00b29fb7a56ab1814a8b1
1b62d544a5526464b0293b3e072491e5896e468e16df05390d7ca6a0db7b8857

HTTP Headers

GET /sync?user_id=q3yWj5nEH46UOFUASCkjMF HTTP/1.1
Host: uidsync.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://en.y2mate.is/
Content-Type: application/json
Origin: https://en.y2mate.is
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/json; charset=utf-8
content-length: 62
access-control-allow-origin: https://en.y2mate.is
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
set-cookie: rauid=q3yWj5nEH46UOFUASCkjMF; expires=Tue, 30 Jan 2024 18:48:11 GMT; path=/; secure; SameSite=None
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/arrow_right.svg

54.230.111.19

200 OK

565 B

URL HTTP/2
platform-cdn.sharethis.com/img/arrow_right.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Size
565 B (565 bytes)
Hash
9928d025bd5792b718ee0a185f62e67c
16406d7b5b6d383b12859b853cf6cb7e3733e33d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e

HTTP Headers

GET /img/arrow_right.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Jan 2023 09:52:54 GMT
cache-control: public, max-age=2592000
etag: "9928d025bd5792b718ee0a185f62e67c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t5bVa7vu0cMTUn1B6m2nTNRI0eXgZm5r2ysqKTZm7rrNgzzEnI5FVw==
age: 2537719
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/messenger-white.svg

54.230.111.19

200 OK

346 B

URL HTTP/2
platform-cdn.sharethis.com/img/messenger-white.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
346 B (346 bytes)
Hash
6e47d1a316ff66022db5c84721bb6cb2
c0c5511529c4a6eda31623126760596b72f9adb5
9a72a6a001720eb75f9c7381db5a0b011430aa144a1da8beca753fdecfa063e1

HTTP Headers

GET /img/messenger-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 346
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Jan 2023 06:41:55 GMT
cache-control: public, max-age=2592000
etag: "6e47d1a316ff66022db5c84721bb6cb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O54Eu1UgDa-l1pyoB_HAZLeons4c0kxfHDz5bylNYY1nOiMqgCmaLw==
age: 2549197
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/facebook-white.svg

54.230.111.19

200 OK

357 B

URL HTTP/2
platform-cdn.sharethis.com/img/facebook-white.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
357 B (357 bytes)
Hash
d2c2caf5b123988ddd17ceeb1c7d9d50
06890bd619eced1f588073c3c48da7a6280a34b8
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8

HTTP Headers

GET /img/facebook-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 357
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 09 Jan 2023 03:19:52 GMT
cache-control: public, max-age=2592000
etag: "d2c2caf5b123988ddd17ceeb1c7d9d50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T2Q5uNq84kVpk26v_i3LwnfXqdbaYqjJIwdKb1MrviatBpjdbTYoog==
age: 1870101
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/twitter-white.svg

54.230.111.19

200 OK

797 B

URL HTTP/2
platform-cdn.sharethis.com/img/twitter-white.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (705)
Size
797 B (797 bytes)
Hash
011c4584e5c59c6dc0daa1fa5c845b76
a007ec390d002a36a164797013d24644f15afd47
26a112b47990822d68103d4ac8d452f78d1da928874a376a7335d26244b50431

HTTP Headers

GET /img/twitter-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 797
date: Thu, 05 Jan 2023 07:43:06 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "011c4584e5c59c6dc0daa1fa5c845b76"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xXCjZJ_vXpnMiVRtuZssQG6AddoI5v4KTszIuq_V5d69CouQ5LVSPA==
age: 2199907
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/email-white.svg

54.230.111.19

200 OK

599 B

URL HTTP/2
platform-cdn.sharethis.com/img/email-white.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (507)
Size
599 B (599 bytes)
Hash
69eb3e5fe732c6c9862f5ec42580e1a1
2beaae42a365c22f092014d5013ef7e12604d649
5110c1e29bb22f0c8ae1b7af3c994dd4f580d05d8773f5fb1f031b5ce1560c83

HTTP Headers

GET /img/email-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 599
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 11 Jan 2023 03:58:09 GMT
cache-control: public, max-age=2592000
etag: "69eb3e5fe732c6c9862f5ec42580e1a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ccfqi5iWOn9Gj2m5aNBpLVip8HzcLwYY_4v1NsygGa_3Z1_t7GOLKw==
age: 1695004
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fen.y2mate.is%2F153%2F

54.230.111.84

200 OK

195 B

URL HTTP/2
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fen.y2mate.is%2F153%2F
IP
54.230.111.84:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
195 B (195 bytes)
Hash
a2d3e30360b3611c23bce3f1d8c88482
96975185481f307b7ab08957ef1d6611c4ba8406
64a81ad3d8be6320b85e23fc55b677edfc5758c80169c06dff1ef77f00c74d06

HTTP Headers

GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fen.y2mate.is%2F153%2F HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript
content-length: 195
apigw-requestid: fkeDghB7IAMEPUg=
date: Mon, 30 Jan 2023 18:47:54 GMT
cache-control: public, max-age=60
etag: a2d3e30360b3611c23bce3f1d8c88482
x-cache: Hit from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4yWsrEt6Z10dO4mxtKLxncNyZcJiTr6BoKY5NXd1Gwqh3zthBgQwyQ==
age: 52
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/arrow_left.svg

54.230.111.19

200 OK

565 B

URL HTTP/2
platform-cdn.sharethis.com/img/arrow_left.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (409)
Size
565 B (565 bytes)
Hash
b55d8d2b9321e381a3c38a4bddb74037
000c29635758e608bbe15d191e953adb27627c2e
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38

HTTP Headers

GET /img/arrow_left.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 565
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 07 Jan 2023 02:05:38 GMT
cache-control: public, max-age=2592000
etag: "b55d8d2b9321e381a3c38a4bddb74037"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MddGFUKCdGNmxgMMo8ABCIYKwd3OdOX29bmSJjQuh1d094B8oue6hg==
age: 2047355
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-177915668-1&cid=1281962137.1675104505&jid=1464255709&gjid=181330895&_gid=1149613699.1675104505&_u=YADAAUAAAAAAACAAI~&z=1658288661

173.194.221.157

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-177915668-1&cid=1281962137.1675104505&jid=1464255709&gjid=181330895&_gid=1149613699.1675104505&_u=YADAAUAAAAAAACAAI~&z=1658288661
IP
173.194.221.157:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-177915668-1&cid=1281962137.1675104505&jid=1464255709&gjid=181330895&_gid=1149613699.1675104505&_u=YADAAUAAAAAAACAAI~&z=1658288661 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://en.y2mate.is
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 18:48:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Mon, 30 Jan 2023 20:24:49 GMT
Date: Mon, 30 Jan 2023 18:48:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Mon, 30 Jan 2023 20:24:49 GMT
Date: Mon, 30 Jan 2023 18:48:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Mon, 30 Jan 2023 20:24:49 GMT
Date: Mon, 30 Jan 2023 18:48:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10997 bytes)
Hash
65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 75305
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 75172
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 75364
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:56:46 GMT
age: 75087
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9457 bytes)
Hash
51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 74855
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 23:25:02 GMT
age: 69791
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

gloaphoo.net/impression/XlPKwi7oPLjTqTAk2UH0TYo1Yrff8JX_FLWHycpBirTux5_FdB5gM8PS69H-2Y57jxOo5fTbiVEhswo2YTNfxyfyGh4J1o1RYOu5d8ooavGLnu_Hpug-mWTDp6jIuZqu9T0OJOudHfvDFnH2sBpNAfSDa7sIKFFFTcl2m5XLvm1mDWbU-beLAl2fm2bcY0ZeAgSO65uRa5htHS3Uf4La6y-xLREHvotbAJQJaPVSYNGSv_w8UMJ3oj0210gNI8Soaq6iQYFUU1Yqk8zaKQNNpdjBBA_1K4EWrzjtYjjgWaP1-TxdbPbHP0g9GKSR71j7pLIcWq7y45z3gwYa980_L-pXobwmkxfo4lb0qFWDf5f-09nWinQYb1R7q0yKiKvWfrU7ydE036yVQXbxWVxJSjAi4Zr3q2AZ2RiMv1OZqe_zI1Xw4dN2K5dXhCnmJN9w2PiUHUMsfRyiW0hUR8HJJFujbn7co-fbG8NBVwI5dKLKVOHWGlIOtKwiKaQ7EeuIBTkL9A2d2TqJfWkNFVMkJ__lRuwhAgAt0ee63RAoC7Mlgo3DPqdPl1z6k5onjoy74ER6QOtuguOpr2g3QWCWAR-6_txp5I-z?_z=5578627&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

139.45.197.239

200 OK

43 B

URL HTTP/2
gloaphoo.net/impression/XlPKwi7oPLjTqTAk2UH0TYo1Yrff8JX_FLWHycpBirTux5_FdB5gM8PS69H-2Y57jxOo5fTbiVEhswo2YTNfxyfyGh4J1o1RYOu5d8ooavGLnu_Hpug-mWTDp6jIuZqu9T0OJOudHfvDFnH2sBpNAfSDa7sIKFFFTcl2m5XLvm1mDWbU-beLAl2fm2bcY0ZeAgSO65uRa5htHS3Uf4La6y-xLREHvotbAJQJaPVSYNGSv_w8UMJ3oj0210gNI8Soaq6iQYFUU1Yqk8zaKQNNpdjBBA_1K4EWrzjtYjjgWaP1-TxdbPbHP0g9GKSR71j7pLIcWq7y45z3gwYa980_L-pXobwmkxfo4lb0qFWDf5f-09nWinQYb1R7q0yKiKvWfrU7ydE036yVQXbxWVxJSjAi4Zr3q2AZ2RiMv1OZqe_zI1Xw4dN2K5dXhCnmJN9w2PiUHUMsfRyiW0hUR8HJJFujbn7co-fbG8NBVwI5dKLKVOHWGlIOtKwiKaQ7EeuIBTkL9A2d2TqJfWkNFVMkJ__lRuwhAgAt0ee63RAoC7Mlgo3DPqdPl1z6k5onjoy74ER6QOtuguOpr2g3QWCWAR-6_txp5I-z?_z=5578627&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impression/XlPKwi7oPLjTqTAk2UH0TYo1Yrff8JX_FLWHycpBirTux5_FdB5gM8PS69H-2Y57jxOo5fTbiVEhswo2YTNfxyfyGh4J1o1RYOu5d8ooavGLnu_Hpug-mWTDp6jIuZqu9T0OJOudHfvDFnH2sBpNAfSDa7sIKFFFTcl2m5XLvm1mDWbU-beLAl2fm2bcY0ZeAgSO65uRa5htHS3Uf4La6y-xLREHvotbAJQJaPVSYNGSv_w8UMJ3oj0210gNI8Soaq6iQYFUU1Yqk8zaKQNNpdjBBA_1K4EWrzjtYjjgWaP1-TxdbPbHP0g9GKSR71j7pLIcWq7y45z3gwYa980_L-pXobwmkxfo4lb0qFWDf5f-09nWinQYb1R7q0yKiKvWfrU7ydE036yVQXbxWVxJSjAi4Zr3q2AZ2RiMv1OZqe_zI1Xw4dN2K5dXhCnmJN9w2PiUHUMsfRyiW0hUR8HJJFujbn7co-fbG8NBVwI5dKLKVOHWGlIOtKwiKaQ7EeuIBTkL9A2d2TqJfWkNFVMkJ__lRuwhAgAt0ee63RAoC7Mlgo3DPqdPl1z6k5onjoy74ER6QOtuguOpr2g3QWCWAR-6_txp5I-z?_z=5578627&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Cookie: OAID=f9796855f6b4480b836cca74c581c799
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:16 GMT
content-type: image/gif
content-length: 43
x-trace-id: d849a235a8762b08d4ffcffcc3c31289
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 538751
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 74777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 18:48:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;700
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Roboto:wght@100;300;400;500;700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 18:48:17 GMT
date: Mon, 30 Jan 2023 18:48:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gloaphoo.net/401/5578627

139.45.197.239

200 OK

0 B

URL HTTP/2
gloaphoo.net/401/5578627
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /401/5578627 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/javascript
x-trace-id: d249bc8e7d867fe2af3f667094316788
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ad4ec1da62d74077b2409be991913cb9; expires=Tue, 30 Jan 2024 18:48:11 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

104.18.11.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 07/01/2022 20:56:09
cdn-edgestorageid: 860
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 5277866fcda4694d59804c772ca0ac3d
cdn-cache: HIT
cf-cache-status: HIT
age: 17459949
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 791c615cbfa2b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

platform-api.sharethis.com/js/sharethis.js

54.230.111.68

200 OK

0 B

URL HTTP/2
platform-api.sharethis.com/js/sharethis.js
IP
54.230.111.68:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Mon, 30 Jan 2023 18:38:33 GMT
cache-control: max-age=600, public
etag: W/"302c1-EG4DNTzQnd49XZUQ/Gs3WyHzFo4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QMiISTIZfmtgYhjf-ZfjkS6aGl7MvzC_O7PEDLw0Cmmrj8YJCsISpQ==
age: 578
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

tzegilo.com/stattag.js

104.21.89.122

200 OK

0 B

URL HTTP/2
tzegilo.com/stattag.js
IP
104.21.89.122:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 30 Jan 2023 18:48:11 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 4475
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=978jkNqEkBlBs5O8dFFtQKyRCjlW5ye%2FLtyc%2BTCdJVzx3UYaCWBpAjtJijhl0zG0oQoaJqGsb7i8pOCgyu1dxgSmHVI8zsc8nWTYZThOjUjB8TOjaiC7Hq1y4TO2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791c61604c190b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

139.45.197.239

200 OK

0 B

URL HTTP/2
gloaphoo.net/500/5578627?excludes=&oaid=f9796855f6b4480b836cca74c581c799&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP
139.45.197.239:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /500/5578627?excludes=&oaid=f9796855f6b4480b836cca74c581c799&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fen.y2mate.is%2F153%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://en.y2mate.is
Connection: keep-alive
Referer: https://en.y2mate.is/
Cookie: OAID=ad4ec1da62d74077b2409be991913cb9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 18:48:12 GMT
content-type: application/javascript
x-trace-id: 0524a8d7a1c508e4ef03d3d851e932fe
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://en.y2mate.is
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=f9796855f6b4480b836cca74c581c799; expires=Tue, 30 Jan 2024 18:48:12 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

platform-cdn.sharethis.com/img/whatsapp-white.svg

54.230.111.19

200 OK

0 B

URL HTTP/2
platform-cdn.sharethis.com/img/whatsapp-white.svg
IP
54.230.111.19:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /img/whatsapp-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://en.y2mate.is/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 05 Jan 2023 10:08:17 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: W/"a2bc3effacbd66c837b37ccb0a16e417"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: brw6gWj2UkO3JF2G-b0zl50aAO5xJ7WSlh0emE5_rtmvgc3HCsjgPw==
age: 2191196
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML