Report - y2mate.lol/convert/?videoId=mIEQMXj5pYA

Report Overview

Visited public
2025-03-14 06:38:32
Tags
URL
y2mate.lol/convert/?videoId=mIEQMXj5pYA
Finishing URL
y2mate.lol/convert/?videoId=mIEQMXj5pYA
IP / ASN
104.21.32.1
#13335 CLOUDFLARENET
Title
Y2Mate - Youtube Downloader | Download Youtube Videos in HD

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-03-12	900 B	104 kB	104.17.24.14
y2mate.lol	unknown	2022-07-17	2022-09-21	2025-01-28	4.4 kB	278 kB	104.21.80.1
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-03-12	431 B	306 kB	142.250.74.136
vaikijie.net	unknown	2023-01-06	2023-01-07	2025-01-28	406 B	101 kB	139.45.197.107
noblemancradleintrepid.com	unknown	2024-11-12	2024-12-05	2025-01-28	904 B	1.2 kB	192.243.59.13
iframe.y2meta-uk.com	unknown	2024-12-03	2024-12-13	2025-02-24	1.5 kB	80 kB	104.21.29.250
madurird.com	unknown	2023-10-06	2023-10-07	2025-03-10	551 B	1.2 kB	139.45.197.106
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-03-12	498 B	20 kB	104.16.80.73
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-03-12	435 B	20 kB	151.101.129.229
embroiderynaturalistsfighter.com	unknown	2024-12-10	2024-12-13	2025-03-01	468 B	619 B	172.240.253.132
i.ytimg.com	109	2007-12-11	2012-10-03	2025-03-12	446 B	21 kB	142.250.178.118

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-03-14	medium	noblemancradleintrepid.com	Sinkholed
2025-03-14	medium	madurird.com	Sinkholed
2025-03-14	medium	embroiderynaturalistsfighter.com	Sinkholed
2025-03-14	medium	noblemancradleintrepid.com	Sinkholed
2025-03-14	medium	vaikijie.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	y2mate.lol/convert/?videoId=mIEQMXj5pYA	ScriptElement	490 B	2024-12-15	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-15 07:42 Last Seen2025-03-14 06:38 Times Seen5 Hash 76757522c30ed852fe04586a826818d4 c47e156bdf6e35ab9e2dbf9514c73882a2945734 2529f7a95f28c171391952400f0f3fa0369fc948fb992d5a0526308a9e1cdc34 Loading...

	y2mate.lol/convert/?videoId=mIEQMXj5pYA	ScriptElement	5.1 kB	2024-08-02	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-02 19:43 Last Seen2025-03-14 06:38 Times Seen13 Hash fe81b6b9783406e7fbc93278b73ebec7 49b455ed9af2ec94450fb31eeb99e45a8fef1719 7e522c56c99344b3d1feecb7d02656fde48638b53ad4986aad69145bd70c2fa1 Loading...

	y2mate.lol/convert/?videoId=mIEQMXj5pYA	ScriptElement	34 kB	2024-10-01	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-01 17:16 Last Seen2025-03-14 06:38 Times Seen8 Hash 97b2c1209a5f810d732377451e1ef071 b62a8923cf6bf15f6753974a4c93bb3b6aef7866 3b59170fa5c4cdee510391161d666161b6074e8c6dac616b601618089740fb1f Loading...

	iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA	ScriptElement	235 B	2024-12-28	2025-03-14
Pretty URL iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA IP 104.21.29.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-28 23:41 Last Seen2025-03-14 06:38 Times Seen15 Hash 90714eb5a8cf82869f40ac9634b85398 4efb73171fa56e4f28dfbf621d58139286f7376c 52709c00f258d6617c5020f2afecb809e51ae7c18145b77944947ebe433300b0 Loading...

	y2mate.lol/convert/?videoId=mIEQMXj5pYA	EventHandler	8 B	2024-10-01	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-01 17:16 Last Seen2025-03-14 06:38 Times Seen8 Hash c41b130362386256fdcad4ab58f463a3 57babedd8db2859665e67546b186f01ec186cb10 ce2de2dda1250019944f18dc1e0dff1db4039df878c14708b9ebd0acbd0718d0 Loading...

	cdn.jsdelivr.net/npm/@iframe-resizer/child	ScriptElement	19 kB	2025-02-24	2025-03-14
Pretty URL cdn.jsdelivr.net/npm/@iframe-resizer/child IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-24 15:39 Last Seen2025-03-14 06:38 Times Seen7 Hash 332dcd23809fe61527de42e3f9573b75 a2625f12ee3ade5f66ab193105bbad50b802c6cd eeec7ec4b3f70698190b7df1efbfe6b50fea9598df5cc0af7ee5ec7eb5e40348 Loading...

	iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA	ScriptElement	458 B	2024-12-07	2025-03-14
Pretty URL iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA IP 104.21.29.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 17:09 Last Seen2025-03-14 06:38 Times Seen36 Hash eee922c433a74100b3b4f24ef6c50667 767ba8d38d6ca1af582319adc33c9921de69dce2 4f8a5b9c96a857efa1541a2cdb013b016d4eca9f3cc3fe67a8a7b09c97f17fe5 Loading...

	www.googletagmanager.com/gtag/js?id=G-4GV1XWNGP4	ScriptElement	305 kB	2025-03-14	2025-03-14
Pretty URL www.googletagmanager.com/gtag/js?id=G-4GV1XWNGP4 IP 142.250.74.136 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-14 06:38 Last Seen2025-03-14 06:38 Times Seen1 Hash 345e3dda151624e46a4d0f4422c55a3a 7373c7e99469edfbbe52e02b9e51bd257aae9540 c9acfa3fcb14a4df151e482497781cd4503247eb34b6cac0ac760764d2fb8a63 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-03-15
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.80.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-03-15 03:53 Times Seen39054 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	vaikijie.net/tag.min.js	ScriptElement	100 kB	2025-03-13	2025-03-14
Pretty URL vaikijie.net/tag.min.js IP 139.45.197.107 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2025-03-13 17:36 Last Seen2025-03-14 21:43 Times Seen4 Hash e626db241b63eed1d32ae2ace5055cb2 5cb6a6c47ff0dcbc71c349ebdfcdc20b09f1ad61 44d4876e4d8290ef270cc2fc0c40465f045bbcbfd1569377970fa285f40290e6 Loading...

	wasm:vaikijie.net/tag.min.js%20line%201%20%3E%20WebAssembly.instantiate	Wasm	0 B	0001-01-01	2025-03-15
Pretty URL wasm:vaikijie.net/tag.min.js%20line%201%20%3E%20WebAssembly.instantiate IP 0.0.0.0 ASN #0 Introduced by wasm Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-03-15 04:02 Times Seen4127081 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-03-15
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-03-15 03:57 Times Seen23761 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA	ScriptElement	15 kB	2025-03-14	2025-03-14
Pretty URL iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA IP 104.21.29.250 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-14 06:38 Last Seen2025-03-14 06:38 Times Seen1 Hash 23188bcc2f6980bb7f03f041d6b25d1d 7bc8c0fd3b300da5f91321b613490080a68c5125 22de0736e4fa129fed7a8943be285da11977fbfe7d72707f83583e5a11febb2e Loading...

	cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js	ScriptElement	14 kB	2024-03-16	2025-03-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-16 20:43 Last Seen2025-03-14 06:38 Times Seen63 Hash 8a83e81d3aea465f720c231cb664c392 d7d93abf4f8933b9dc69771ec435a1380c0509fc 961bba18ba488f2f871ba5f306de32b3a42046bfe951e2ba5a2316d5e01df7c9 Loading...

	y2mate.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-03-15
Pretty URL y2mate.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-03-15 03:05 Times Seen29277 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	y2mate.lol/convert/?videoId=mIEQMXj5pYA	ScriptElement	156 B	2023-12-03	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-03 07:38 Last Seen2025-03-14 06:38 Times Seen15 Hash 7bc99cdc9dee7f9f0c86767f717b7ce7 5e9ca6cfe97da5f21bf96f7d58fc8ab6d4f12555 259b64476ecf7f85c998acd7f5c26a158d9676dc6cacc5007334bbe309615f69 Loading...

	y2mate.lol/convert/?videoId=mIEQMXj5pYA	EventHandler	11 B	2024-10-01	2025-03-14
Pretty URL y2mate.lol/convert/?videoId=mIEQMXj5pYA IP 104.21.80.1 ASN #13335 CLOUDFLARENET Introduced by eventHandler Embedded in HTML false Observations First Seen2024-10-01 17:16 Last Seen2025-03-14 06:38 Times Seen8 Hash 0f325c9d28bcbfa774c44b9bbfe93e69 c4da14531a38827d0cd59c9b4ec27deadd8ed621 f91023314dbec6fcdda02c434d3b698ec8fca975ffaaec1080039c5ec8c0fb0f Loading...

HTTP Transactions (23)

URL IP Response Size

noblemancradleintrepid.com/4518dbbd3cfaa4ffef321dc89bf83758/invoke.js

192.243.59.13

403 Forbidden

0 B

URL GET
noblemancradleintrepid.com/4518dbbd3cfaa4ffef321dc89bf83758/invoke.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerLet's Encrypt
Subjectnoblemancradleintrepid.com
Fingerprint30:AC:DA:F2:30:EC:A8:99:61:4E:D0:0D:F6:EA:01:A3:75:CF:DC:2B
ValidityWed, 12 Mar 2025 21:45:35 GMT - Tue, 10 Jun 2025 21:45:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4518dbbd3cfaa4ffef321dc89bf83758/invoke.js HTTP/1.1
Host: noblemancradleintrepid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Fri, 14 Mar 2025 06:38:11 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noblemancradleintrepid.com

cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

88 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
88 kB (87533 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iframe.y2meta-uk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 130382
expires: Wed, 04 Mar 2026 06:38:11 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lL6qyXU7ovbq5fhvrmbIH2rXtLvvvTKzR4dgTAWTLdzHqVN%2BedCBUnIJfeh8BQ4VxSqJPBRrYCxdSC37Umb5NOqdXhsbdTyrR1UzVLWwtWZKeOSyanLVhUY6scSInkN3hqGJcCgW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 9201c448bd5bb4f9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

y2mate.lol/convert/?videoId=mIEQMXj5pYA

104.21.80.1

200 OK

99 kB

URL User Request GET
y2mate.lol/convert/?videoId=mIEQMXj5pYA
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type

Size
99 kB (98861 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /convert/?videoId=mIEQMXj5pYA HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
x-cache: MISS
last-modified: Fri, 14 Mar 2025 06:36:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrlA5mEwsQTmuuouDqbYcWcfiChV0zCf5tHfBN7UGNzC%2FO68pJxBokIsSoz7uTKdOn8LhzGDlJmMReyos3TwtLPXlo04vMOF7BsAEdM9m7oTukcDyWOIuvGdTbSA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9201c4408d7cb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=1086&min_rtt=600&rtt_var=855&sent=8&recv=12&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1266&delivery_rate=6205714&cwnd=254&unsent_bytes=0&cid=62269129e81657c7&ts=140&x=0"
X-Firefox-Spdy: h2

y2mate.lol/css/bootstrap.min.css

104.21.80.1

200 OK

122 kB

URL GET
y2mate.lol/css/bootstrap.min.css
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
ASCII text, with very long lines (64985)
Size
122 kB (122271 bytes)
Hash
4911e012475391523e02cb5572616c1c
e720a37fa5d072427f5b4c7dd5fb6c3eee29e95e
0581cb2c3ac319f2f4257579cc974f8c0893a3e8ac7c8d304404c2572c88471c

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BcqhLOn5GWzkUQgoZG2S50VsP%2B%2BrYo37K%2BwOjqgRPUB3HqSmVAE9OQYfqO5gacBCT0%2FCjiVb03GxRunSonRGrDfEwpMtgQNDWb%2BTNRg45I904UPjacaWMC9Gz20b"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 18 Jun 2024 10:21:09 GMT
vary: Accept-Encoding
etag: W/"66715f95-1dd9f"
expires: Fri, 14 Mar 2025 06:38:38 GMT
cache-control: max-age=14400
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-cache: HIT
cf-cache-status: HIT
cf-ray: 9201c443d84d0b55-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

y2mate.lol/images/logo.png

104.21.80.1

200 OK

2.4 kB

URL GET
y2mate.lol/images/logo.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2432 bytes)
Hash
4282b111946261507792c1e0fa924fda
a8f8658af853bff0cc041b007e080681d366114a
6717300b64d5a10b33eb7f1b7ae0a7c64cbbe88e6a4cdf0e21afe4c0f9f02d5e

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tg8TEglwR6CCvZuIT6UWhd156fxWfRKJLspgAYxah3GekrZcZ131b4l5mm%2BlRQvoI%2F1xpt5DsvK01D%2FIN%2BkjPjFrXzLqvgJ3Fzd3tswSDKcfuCyREm39%2BwYXM96L"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Fri, 21 Jun 2024 06:38:09 GMT
etag: "66751fd1-980"
expires: Fri, 14 Mar 2025 06:38:50 GMT
cache-control: max-age=14400
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
x-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
cf-ray: 9201c443d84e0b55-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

y2mate.lol/images/chrome.svg

104.21.80.1

200 OK

16 kB

URL GET
y2mate.lol/images/chrome.svg
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
SVG Scalable Vector Graphics image
Size
16 kB (15479 bytes)
Hash
e286a737f533f31d4e928bce488e859b
9ed7047483e7ee8a364268703683fb599d7c3062
c6bd759943caedceb7f674c0789c3d0b764b6ef855dc8a4601ae724e8b006bea

HTTP Headers

GET /images/chrome.svg HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCPH9OE5QcDUhEzamn7SDmkzGYaj3dZG0TmYVZFWK6YN5SYy2k0hBhOmd53calPYiFLJwl5Vzmo5anY3lRZreZN2ECZWzcMK1Rg4cQJjankRs3ZHIG4f%2FcE3raZx"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Oct 2023 06:58:49 GMT
vary: Accept-Encoding
etag: W/"653b5fa9-3c77"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
content-encoding: gzip
x-cache: MISS
cf-cache-status: HIT
age: 2490239
cf-ray: 9201c445d86a0b55-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

iframe.y2meta-uk.com/images/tip-download-youtube.jpg

104.21.29.250

200 OK

19 kB

URL GET
iframe.y2meta-uk.com/images/tip-download-youtube.jpg
IP
104.21.29.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
FingerprintC7:99:9A:12:97:8E:7F:F1:0E:5F:08:E8:89:54:54:76:17:B2:FD:6C
ValidityFri, 31 Jan 2025 10:20:14 GMT - Thu, 01 May 2025 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 944x93, components 3
Size
19 kB (19310 bytes)
Hash
f7b6fb7f6294270b95d8c232d6c0ee4a
b4cee6150377cc465ee786b3e64a9b6ef0e3a431
3e3f2f6af1bbe494aed832f33541b0e411a0045a33b870916d05e9019f2b7e0b

HTTP Headers

GET /images/tip-download-youtube.jpg HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: image/jpeg
content-length: 19310
last-modified: Wed, 25 Dec 2024 09:53:55 GMT
etag: "4b6e-62a153532aca4"
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6116
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ujb0xTvhLGHh1dA7AlR3o7TcZ6ZLtCWNqLs11JZVy%2BDDOj3agvU%2BYEMJdbtPMHcIyHnVmyNkn4Cm%2BSKxbj9RsdLCcbyUOmCioZ8KJlBwDWlbCDh1JbZLIrvd5QbAC%2BcKnB1SQ1Pthg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9201c4483fb40b45-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=21089&min_rtt=2644&rtt_var=11201&sent=27&recv=12&lost=0&retrans=0&sent_bytes=17066&recv_bytes=1719&delivery_rate=40800&cwnd=24000&unsent_bytes=0&cid=335c0775395cae60&ts=373&x=1", cfExtPri, cfHdrFlush;dur=0

madurird.com/5/5691213/?oo=1&js_build=iclick-v1.1107.0&dmn=vaikijie.net&tt=2&ix=0

139.45.197.106

200 OK

45 B

URL POST
madurird.com/5/5691213/?oo=1&js_build=iclick-v1.1107.0&dmn=vaikijie.net&tt=2&ix=0
IP
139.45.197.106:443
ASN
#9002 RETN Limited

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerLet's Encrypt
Subjectmadurird.com
Fingerprint91:68:A5:03:A0:08:C3:71:EB:3A:29:4C:CC:F9:5B:B6:92:51:DA:AE
ValidityWed, 29 Jan 2025 05:40:30 GMT - Tue, 29 Apr 2025 05:40:29 GMT

File type
ASCII text, with no line terminators
Size
45 B (45 bytes)
Hash
20ce7b1d0629fcff71c939cc95e2312a
2c71b0e4c8d8702a74f949ef706805ddd53e7768
3b0d925c88e570438781cfc9193026e059841b88efef852ab82df427286a7829

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /5/5691213/?oo=1&js_build=iclick-v1.1107.0&dmn=vaikijie.net&tt=2&ix=0 HTTP/1.1
Host: madurird.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2579
Origin: https://y2mate.lol
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 14 Mar 2025 06:38:12 GMT
content-type: application/json
content-length: 45
x-trace-id: df380fddb2784d47389eea884768021f
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: https://y2mate.lol
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=00818c70d1424118f09bb9c25cafbf46; expires=Sat, 14 Mar 2026 06:38:12 GMT; path=/; secure; SameSite=None
oaidts=1741934292; expires=Sat, 14 Mar 2026 06:38:12 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.80.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.80.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintAD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18
ValidityThu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://y2mate.lol
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 9201c4443f8756c7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA

104.21.29.250

200 OK

46 kB

URL GET
iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
IP
104.21.29.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
FingerprintC7:99:9A:12:97:8E:7F:F1:0E:5F:08:E8:89:54:54:76:17:B2:FD:6C
ValidityFri, 31 Jan 2025 10:20:14 GMT - Thu, 01 May 2025 11:18:23 GMT

File type

Size
46 kB (45678 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /lolindex.php?videoId=mIEQMXj5pYA HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
vary: Accept-Encoding
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ilyxCxkEbWbMH2WOF5KWUum%2Bv0Wgj8yHsmw7c1RDYw6rhVmluYmEpZKZmbS5OgYhgCgU6cfgkSBhJzGOrLpsUXRmbt5N%2FtnQO%2BzbWTrlwMH9d1UUwEJ2aSTdUeFUi4zdwcZ3j1aeDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9201c445396556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2360&min_rtt=1122&rtt_var=2402&sent=9&recv=11&lost=0&retrans=1&sent_bytes=3312&recv_bytes=1302&delivery_rate=2167664&cwnd=255&unsent_bytes=0&cid=1f236763724407fe&ts=136&x=0"
X-Firefox-Spdy: h2

y2mate.lol/convert/?videoId=mIEQMXj5pYA

104.21.80.1

200 OK

0 B

URL HEAD
y2mate.lol/convert/?videoId=mIEQMXj5pYA
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /convert/?videoId=mIEQMXj5pYA HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WAp4yVy6%2B9rCjIAfq6qplUm%2FsMVp17GcXNSzfSFGj5O19Uyk4iUXTvDtTt3LRs1z10a2aAes1doNgaS93ovMfiWGaP7sK1pBzezb2EvwxkmyPpqFttpNeRHuq8O3"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
x-cache: MISS
last-modified: Fri, 14 Mar 2025 06:36:37 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
content-encoding: br
cf-ray: 9201c445c8690b55-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-4GV1XWNGP4

142.250.74.136

200 OK

305 kB

URL GET
www.googletagmanager.com/gtag/js?id=G-4GV1XWNGP4
IP
142.250.74.136:443
ASN
#15169 GOOGLE

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
FingerprintAE:1B:D4:56:41:F7:15:A7:24:B8:F3:55:83:91:17:2C:97:12:67:6E
ValidityWed, 26 Feb 2025 15:32:54 GMT - Wed, 21 May 2025 15:32:53 GMT

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
305 kB (305308 bytes)
Hash
345e3dda151624e46a4d0f4422c55a3a
7373c7e99469edfbbe52e02b9e51bd257aae9540
c9acfa3fcb14a4df151e482497781cd4503247eb34b6cac0ac760764d2fb8a63

HTTP Headers

GET /gtag/js?id=G-4GV1XWNGP4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 14 Mar 2025 06:38:11 GMT
expires: Fri, 14 Mar 2025 06:38:11 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1020:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1020:0
report-to: {"group":"ascgcycc:1020:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1020:0"}],}
server: Google Tag Manager
content-length: 107320
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

y2mate.lol/cdn-cgi/rum?

104.21.80.1

204 No Content

0 B

URL POST
y2mate.lol/cdn-cgi/rum?
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1327
Origin: https://y2mate.lol
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Cookie: _ga_4GV1XWNGP4=GS1.1.1741934293.1.0.1741934293.0.0.0; _ga=GA1.1.1441693562.1741934293
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 204 No Content
date: Fri, 14 Mar 2025 06:38:13 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://y2mate.lol
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 9201c45398df0b55-OSL
x-frame-options: DENY

cdn.jsdelivr.net/npm/@iframe-resizer/child

151.101.129.229

200 OK

19 kB

URL GET
cdn.jsdelivr.net/npm/@iframe-resizer/child
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (18287), with escape sequences
Size
19 kB (19118 bytes)
Hash
332dcd23809fe61527de42e3f9573b75
a2625f12ee3ade5f66ab193105bbad50b802c6cd
eeec7ec4b3f70698190b7df1efbfe6b50fea9598df5cc0af7ee5ec7eb5e40348

HTTP Headers

GET /npm/@iframe-resizer/child HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.3.3
x-jsd-version-type: version
etag: W/"4aae-omJfEu463l9mqxkxBbutULgCxs0"
content-encoding: br
accept-ranges: bytes
date: Fri, 14 Mar 2025 06:38:11 GMT
age: 26535
x-served-by: cache-fra-etou8220173-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7510
X-Firefox-Spdy: h2

iframe.y2meta-uk.com/images/loading.gif

104.21.29.250

200 OK

12 kB

URL GET
iframe.y2meta-uk.com/images/loading.gif
IP
104.21.29.250:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
FingerprintC7:99:9A:12:97:8E:7F:F1:0E:5F:08:E8:89:54:54:76:17:B2:FD:6C
ValidityFri, 31 Jan 2025 10:20:14 GMT - Thu, 01 May 2025 11:18:23 GMT

File type
GIF image data, version 89a, 160 x 24
Size
12 kB (11689 bytes)
Hash
046677ff48107680705f654c9250c567
c0cbc0b2c8b84014dcfea943e4582c7bd9e79710
4bf7f8d97e7584aeb2932c7313bb7e6266651a22cad37fe16f4239ed7ea1784c

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: image/gif
content-length: 11689
last-modified: Wed, 25 Dec 2024 09:53:55 GMT
etag: "2da9-62a153532a8bc"
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 6117
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9lRUlYhzF1iF31ikwMEvsxY8zXgHcwNy6AP5eI9RDtboL%2Bh6idLXSto5KyeGS%2Fgt0vOu%2BLRP3etDKqtxPs7lNlyEltmyL28UicVOjM5lwZjpz3wbT0%2Bd2AmQjFTc7l22Ob%2BBVNnmnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9201c447ff670b45-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20696&min_rtt=2644&rtt_var=13886&sent=15&recv=10&lost=0&retrans=0&sent_bytes=4270&recv_bytes=1349&delivery_rate=224598&cwnd=12000&unsent_bytes=0&cid=335c0775395cae60&ts=344&x=1", cfExtPri, cfHdrFlush;dur=0

embroiderynaturalistsfighter.com/36c121257645a346bea6b4ffc9e8866b/invoke.js

172.240.253.132

403 Forbidden

0 B

URL GET
embroiderynaturalistsfighter.com/36c121257645a346bea6b4ffc9e8866b/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerLet's Encrypt
Subjectembroiderynaturalistsfighter.com
Fingerprint68:82:F5:69:CF:89:D9:53:C8:49:AD:57:1F:85:BC:60:13:26:BB:66
ValiditySat, 08 Feb 2025 21:07:47 GMT - Fri, 09 May 2025 21:07:46 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /36c121257645a346bea6b4ffc9e8866b/invoke.js HTTP/1.1
Host: embroiderynaturalistsfighter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 14 Mar 2025 06:38:11 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
x-envoy-upstream-service-time: 1
Host: embroiderynaturalistsfighter.com

y2mate.lol/images/logo.png

104.21.80.1

200 OK

2.4 kB

URL GET
y2mate.lol/images/logo.png
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced
Size
2.4 kB (2432 bytes)
Hash
4282b111946261507792c1e0fa924fda
a8f8658af853bff0cc041b007e080681d366114a
6717300b64d5a10b33eb7f1b7ae0a7c64cbbe88e6a4cdf0e21afe4c0f9f02d5e

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: image/png
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8LBx9LNKBRdGfVBVs03GINuaMyHWANDkQp9WobQAx0qvRC6JwLmgpDjtEbqgQkxcuxvsoqt75ZjWK4ywuNeAV7W5cR7aOvyX8RhxHnECjPTqfqTa2Zg6jx2tPN9X"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Fri, 21 Jun 2024 06:38:09 GMT
etag: "66751fd1-980"
expires: Fri, 14 Mar 2025 06:38:50 GMT
cache-control: max-age=14400
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
x-cache: HIT
content-encoding: gzip
age: 0
cf-cache-status: HIT
cf-ray: 9201c44a18930b55-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

i.ytimg.com/vi/mIEQMXj5pYA/0.jpg

142.250.178.118

200 OK

20 kB

URL GET
i.ytimg.com/vi/mIEQMXj5pYA/0.jpg
IP
142.250.178.118:443
ASN
#15169 GOOGLE

Requested by
https://iframe.y2meta-uk.com/lolindex.php?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjectedgestatic.com
Fingerprint6D:EF:9D:14:AA:DD:49:EF:FD:44:8A:42:9B:00:FB:08:ED:0D:4A:CE
ValidityWed, 26 Feb 2025 15:32:53 GMT - Wed, 21 May 2025 15:32:52 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
20 kB (20492 bytes)
Hash
652079d8a9e9e8a49ccfbdc2018f1380
8a58c06eaa5a54a222af4560c0a42c9cb7e71a5b
236d400bacc639d5d0b7248df501ada86e00704e149f7cb8a8a85934c04cf82b

HTTP Headers

GET /vi/mIEQMXj5pYA/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 20492
date: Fri, 14 Mar 2025 06:38:12 GMT
expires: Fri, 14 Mar 2025 08:38:12 GMT
cache-control: public, max-age=7200
etag: "1738353757"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

noblemancradleintrepid.com/4518dbbd3cfaa4ffef321dc89bf83758/invoke.js

192.243.59.13

403 Forbidden

0 B

URL GET
noblemancradleintrepid.com/4518dbbd3cfaa4ffef321dc89bf83758/invoke.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerLet's Encrypt
Subjectnoblemancradleintrepid.com
Fingerprint30:AC:DA:F2:30:EC:A8:99:61:4E:D0:0D:F6:EA:01:A3:75:CF:DC:2B
ValidityWed, 12 Mar 2025 21:45:35 GMT - Tue, 10 Jun 2025 21:45:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /4518dbbd3cfaa4ffef321dc89bf83758/invoke.js HTTP/1.1
Host: noblemancradleintrepid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Fri, 14 Mar 2025 06:38:12 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: noblemancradleintrepid.com

y2mate.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.80.1

200 OK

12 kB

URL GET
y2mate.lol/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: application/javascript
last-modified: Tue, 11 Mar 2025 18:12:36 GMT
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"67d07d14-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yTzzpkWLww5RSsKbR0MPE5HHwdeNchIenzzFR2HKQ6tKj4%2BnWD%2Bbrawg8NEYCRS6DpEtl%2Bh%2FqqarMHPcqa28enXI5j8i8%2FwcanQJeW1JISjDelkDlOuj3Bczlf1D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9201c443d84f0b55-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 16 Mar 2025 06:38:10 GMT

vaikijie.net/tag.min.js

139.45.197.107

200 OK

100 kB

URL GET
vaikijie.net/tag.min.js
IP
139.45.197.107:443
ASN
#9002 RETN Limited

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerLet's Encrypt
Subjectvaikijie.net
Fingerprint34:27:DF:A7:05:2A:49:59:51:03:B3:C4:05:7B:9F:2D:92:59:2A:AA
ValidityThu, 26 Dec 2024 05:22:37 GMT - Wed, 26 Mar 2025 05:22:36 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
100 kB (100417 bytes)
Hash
e626db241b63eed1d32ae2ace5055cb2
5cb6a6c47ff0dcbc71c349ebdfcdc20b09f1ad61
44d4876e4d8290ef270cc2fc0c40465f045bbcbfd1569377970fa285f40290e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: vaikijie.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: text/javascript; charset=utf-8
content-length: 37444
content-encoding: br
x-trace-id: 03c94c93be65a9f034dc24fd3556b155
accept-ranges: bytes
last-modified: Thu, 13 Mar 2025 16:31:16 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace, favicon
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

y2mate.lol/fonts/glyphicons-halflings-regular.woff2

104.21.80.1

200 OK

18 kB

URL GET
y2mate.lol/fonts/glyphicons-halflings-regular.woff2
IP
104.21.80.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjecty2mate.lol
FingerprintCA:5C:1E:92:1C:22:1E:03:A6:6E:F3:4F:EF:6D:DC:6D:97:CD:82:CA
ValidityThu, 27 Feb 2025 11:59:44 GMT - Wed, 28 May 2025 12:57:53 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: y2mate.lol
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/css/bootstrap.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 14 Mar 2025 06:38:10 GMT
content-type: font/woff2
content-length: 18028
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=POr2fj%2FPKWOaUkJN%2FYmEzimKcVrgUoUcxA%2BffjCHc%2FieXv9OdzLu%2FfBxefsv4E2fMvW9e4BA9VdSDkOXX2DIfGSHcNxEOt8Z%2FTPRZVzQevflPzKIr7IumXRYIe%2Fs"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 18 Jun 2024 18:03:09 GMT
etag: "6671cbdd-466c"
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
expires: Fri, 14 Mar 2025 06:38:34 GMT
cache-control: max-age=14400
x-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
cf-ray: 9201c445b8670b55-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js

104.17.24.14

200 OK

14 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2mate.lol/convert/?videoId=mIEQMXj5pYA
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13839)
Size
14 kB (14166 bytes)
Hash
8a83e81d3aea465f720c231cb664c392
d7d93abf4f8933b9dc69771ec435a1380c0509fc
961bba18ba488f2f871ba5f306de32b3a42046bfe951e2ba5a2316d5e01df7c9

HTTP Headers

GET /ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2mate.lol/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 14 Mar 2025 06:38:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 4942
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "654e4d27-134e"
last-modified: Fri, 10 Nov 2023 15:32:55 GMT
cf-cdnjs-via: cfworker/r2
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 733105
expires: Wed, 04 Mar 2026 06:38:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xdHuEJRETm7HA%2FbfjiPtgpwB4Ppe5jxDtGoATn7QY0RfXSij1ZXKVWKSzfRoSQZuCcDIJP2LW8jxwiV0T%2B736NNRVJuN%2Ftuk5%2FVeyeEWOpuXPs6BVOnsX4UeROMJm7nIGOFk535"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 9201c446fc5cb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML