Report - 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068

Report Overview

Submitted URL
6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068
IP
104.21.71.197
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-05 21:25:13
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
my.rtmark.net	9054	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.9 kB	18 kB	139.45.195.8
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	714 B	1.4 kB	216.58.211.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.89.20.60
youltube.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	27 kB	104.21.71.197
ugyplysh.com	51119	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	59 kB	139.45.197.253
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
6steo86qv4.youltube.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	753 B	8.2 kB	104.21.71.197
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	52 kB	34.120.237.76
orqi3s2zeo.youltube.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	521 B	624 B	172.67.148.44

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	youltube.biz	Sinkholed
2022-12-05	medium	youltube.biz	Sinkholed
2022-12-05	medium	youltube.biz	Sinkholed
2022-12-05	medium	youltube.biz	Sinkholed

JavaScript (30)

	URL	Size	First Seen	Last Seen
	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	444 B	2023-03-07	2024-05-05
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:01 Last Seen2024-05-05 14:52:48 Times Seen497 Hash a5964115c589e6ac706966bdd17b4318 574e85a6842075c22750856eb7c06da299389ceb 8f979b26375828fea21e1a76ea1b844f171a0da1348ad25631a92dd98bfb3945 Loading...

	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	948 B	2023-03-08	2023-03-11
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:21:54 Last Seen2023-03-11 14:50:27 Times Seen1 Hash c4b19704ae78f6dec5383507dda93c8a 07de9cae02f6aa2da6a7489391cf8341cdb48cdc 216fa4d2e3de0ff605e00478a173df27eefd7c38b8177d823d59ae2c183ef76f Loading...

	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	659 B	2023-03-08	2023-03-11
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:21:54 Last Seen2023-03-11 22:20:19 Times Seen1 Hash fb90f07541ab40594d9c1e43db8216eb 94e12902179d928e05acec2b0b164af49bc8ee28 d39174bb0ab1ba7e1a3a67496876b309dcbffdc5355b26a6010bdcedb931e1e2 Loading...

	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	3.2 kB	2023-03-08	2023-03-11
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:21:54 Last Seen2023-03-11 14:50:27 Times Seen1 Hash 22a2696f2f8c2d85b2788a579bb38157 64991be8e7b7e1ab7211220ddb7bb0e9d7fa8cc6 c2f72af2324ec0a83611b996556573dcad07aca2715873ba4a44a477cbf40023 Loading...

	youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=e19a21zq5bgqqfe7ff&var=2068&sw=/sw-check-permissions-local-5137789.js	79 kB	2023-03-07	2023-11-02
Pretty URL youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=e19a21zq5bgqqfe7ff&var=2068&sw=/sw-check-permissions-local-5137789.js IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-02 23:01:53 Times Seen1049 Hash 93b0d41455f0af39bf64922cda7fb1a0 3fe05102febbd048c087077eb5a358d7185e64e1 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Loading...

	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	210 B	2023-03-08	2023-03-08
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:58 Last Seen2023-03-08 19:49:58 Times Seen1 Hash 5016504a43fd85dd561ae3052b19c626 6162aab9806dc86ddcf17a0cd01c5c1836a9a36b b7dee7107d90178baf49ff10bc028aff0862ba1c48fa334e7d40cd6093f0df0d Loading...

	6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068	355 B	2023-03-08	2023-03-08
Pretty URL 6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 IP 104.21.71.197 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:49:58 Last Seen2023-03-08 19:49:58 Times Seen1 Hash ebaa84d7c284ddeef913c2baad8f2344 f92080dbbc387126bd62f3a855a100684deae02d 1cc08850c1a743c0e80896822f342728a612a0fd4fba6d96a334638ccb6fda72 Loading...

		Size	First Seen	Last Seen
	#1 Eval - bff9ea9963b0a6ad0580115d9348e3cb	69 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash bff9ea9963b0a6ad0580115d9348e3cb 43aca0609cd33d25d5f205435b23620312c121d1 45aa6c53c20a609e2ff8f20279c5b478042d31f9f0cf21e68c46d3200deb960b Loading...

	#2 Eval - 210641588691e73f107d9c6e3837e28b	73 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash 210641588691e73f107d9c6e3837e28b 30b085ddcd674aa6bd73d8d7431396a3a32c6d7e de84b3266e4cc158adc76562722f1bc09cf92e2f84752076d2b148d7ff6e6743 Loading...

	#3 Eval - 82295ed9d037912f7380dcdcd6cb388b	61 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash 82295ed9d037912f7380dcdcd6cb388b 79edf893883b9ec5ae212c644b217b6363d17597 2393720c4d4835b1fd9e98df4d6a91127add2b99a5c0e46b3089ab1f35f9d94d Loading...

	#4 Eval - 3320716567ca7a52b2585b52a8e5dfc7	14 B	2023-03-07	2023-11-29
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-29 11:22:59 Times Seen202 Hash 3320716567ca7a52b2585b52a8e5dfc7 51715d46f57c481254c748257037e2baa4e81dca 4c3889c04dd1832c457ef1f9c8683b03d1249c0c57932346fe3f6935e58f5883 Loading...

	#5 Eval - d41d8cd98f00b204e9800998ecf8427e	0 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 03:39:59 Times Seen37534299 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	#6 Eval - a43ef377a5107009124b5188a6c0c0a3	65 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:02 Times Seen191 Hash a43ef377a5107009124b5188a6c0c0a3 31c2ee8f61e51281c08316d003b42fc3abaec736 88554f4735242d0e22d0ac195ff0f014f9e6e97b3b2f0a3959aa53eabf5e7fa8 Loading...

	#7 Eval - 16caa856f664ac5cc1c32d6575b47796	25 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:33:24 Last Seen2024-05-11 00:23:22 Times Seen1064 Hash 16caa856f664ac5cc1c32d6575b47796 35eea3d04b3e34ace8cb8162d2ee9ef95988ff19 0d104b78124bc9cede335899791af4e0c98eb238bbefa13e7a7738c5f37db74a Loading...

	#8 Eval - 37c58fab986ab2a8716ceb641184cd26	25 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:02 Times Seen191 Hash 37c58fab986ab2a8716ceb641184cd26 9e58da66657100ea42fd65d43e7740d5ce9190a5 a2e8cd298383fffc88d2620c554fafd288a4a2c0b25a0df452aa2acd04f94abf Loading...

	#9 Eval - 85ef281ef08677afa67a66d49086e601	50 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash 85ef281ef08677afa67a66d49086e601 e668f3b8376595d1efd4486c77e5f8bc06c8daf3 ada3c7ff28ebb54f892df7ab5d0565921d8964508a62c3567d70179fc0f85a8f Loading...

	#10 Eval - 8ecb76d7d80c22c626b04a06cbd87b63	43 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash 8ecb76d7d80c22c626b04a06cbd87b63 abf41522096b05e5f8a0fa293061acffcebcf1e6 afc1f9fdca8cad62c2628787435ebe288ff48955b29b2d1c25f388133a46753e Loading...

	#11 Eval - c510d5a3d97cb2f599576a56b2703434	17 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-11 01:59:04 Times Seen9647 Hash c510d5a3d97cb2f599576a56b2703434 9bc8f27eddd88f1e3f879b2dceb86f92486dc1e3 b4a3a83fe09d48db0c0b4416fefb19af5f9e069c12d2af8793a18f159574bb79 Loading...

	#12 Eval - d8892a65c52f9aa6072c70c97c720460	19 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2024-05-11 00:23:22 Times Seen516 Hash d8892a65c52f9aa6072c70c97c720460 310f7f2c9514ce701cb0521cd7b3af4113ee26f9 e63ab147abec2559a09a62bfdb04cf786dc3d387fe8c0eb27c84b4fd5a1251d9 Loading...

	#13 Eval - 902c460afdd3e381e561395b818a5dbf	18 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-05-11 01:59:04 Times Seen9759 Hash 902c460afdd3e381e561395b818a5dbf 91008cfe46804ec773a2e4f72302086a0a41366b 64e360e85164e7675724c7fe1ed681b25a138c51d437bac5ff97e8910ccf2aa7 Loading...

	#14 Eval - c6e2b9a571e35b24ae67e7216c220b5a	87 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash c6e2b9a571e35b24ae67e7216c220b5a 335ff90d256eaa23aa20f5affe09755eb30d3283 c9f62dbb60981aa9dde0ee2099435234305721066ef86254a477d871f774f108 Loading...

	#15 Eval - d1d3f514be5b82ab195fda21c83d4cdc	35 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash d1d3f514be5b82ab195fda21c83d4cdc 443d41302d9576f58043488c78e44be3823712dd ed500e291c731b0cc2f1caf4e9927da2ac7914b225970279b328f3a56c041f3c Loading...

	#16 Eval - db6dd56ada24f16b78646aa90fccf3a4	24 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash db6dd56ada24f16b78646aa90fccf3a4 2957fb207b1c3aba7b432bcec2c3b311e1e0c8e7 c8d1362c2bd18114ff660083ed3a26efcbd954ffbfbc6da18befb481655f6be9 Loading...

	#17 Eval - 1efbdbe3cf6bf8b1b5ab03a264680404	26 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash 1efbdbe3cf6bf8b1b5ab03a264680404 fb9c61b5aaec994818affe12776440e7460b2b74 ed09fa8a79e4b096a8d260f70b72323ec4f4c72858da25dbc70932bcb86f34df Loading...

	#18 Eval - e1a7013e58913416b7f855d3a8932b98	20 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2024-05-11 00:23:22 Times Seen516 Hash e1a7013e58913416b7f855d3a8932b98 63e749063210734dbdaea64eb11cf520b439bd6d c90d924b8f1f149646ff5cac8b44a3b1efa487a09b0a9567f3660c016c01946e Loading...

	#19 Eval - 817a0e7af0e2db02e66b686f464c4341	14 B	2023-03-07	2023-11-29
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-29 11:22:59 Times Seen202 Hash 817a0e7af0e2db02e66b686f464c4341 758d7bb671b48ed94df224dff14fbdc6e315aec7 8c1e2d50150476d46b33950be46689fbaa84a72406236cca4cf5c0e5ec2db849 Loading...

	#20 Eval - 97027e2582ced35b186bf66d3601cfd2	17 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:04 Last Seen2024-05-11 01:59:04 Times Seen9758 Hash 97027e2582ced35b186bf66d3601cfd2 4133fa316e585c4426c58951884d2db2d0e21548 b18f7c2e4dbfe2926b0413634f7cd6781be55e27b4b885dc68a8f740a80d72e1 Loading...

	#21 Eval - 61d9031f2b0da3ac81b6732b6d1ecf83	36 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-11 01:59:04 Times Seen9294 Hash 61d9031f2b0da3ac81b6732b6d1ecf83 515d4db3d1120a7160d1bc7d93d57f7fbdea1fc4 436179ef4964c80a03e62015696ba10c5ae70602c6538d07f50b75f35bd72a27 Loading...

	#22 Eval - f339d377ad386cf7581781a87a239647	73 B	2023-03-07	2023-11-15
Pretty Observations First Seen2023-03-07 12:28:01 Last Seen2023-11-15 15:41:01 Times Seen191 Hash f339d377ad386cf7581781a87a239647 401f3108c894885a48224ebb5d369f7dac5b520f 27ec647750bbee044f3d840aba7d0607ef662bef7df942087e8133fb5bcb3fee Loading...

	#23 Eval - 4260c01394765a497287987f27d6823a	18 B	2023-03-07	2024-05-11
Pretty Observations First Seen2023-03-07 01:03:05 Last Seen2024-05-11 01:59:04 Times Seen9648 Hash 4260c01394765a497287987f27d6823a 7162f84a1608c790ba9e01abfa0e0ddd067feb97 0200f755a2c13b9335fe39b3a88f696c334e518e8407780c4731d8e6be966c4e Loading...

HTTP Transactions (63)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6982
Expires: Mon, 05 Dec 2022 23:21:24 GMT
Date: Mon, 05 Dec 2022 21:25:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3337
Expires: Mon, 05 Dec 2022 22:20:39 GMT
Date: Mon, 05 Dec 2022 21:25:02 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5020
Cache-Control: max-age=138597
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:25:02 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 11:54:59 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: x3W+QTP9kkjnxebrVUKaaviZnfObX6GQc7dp+CzdMu7XWExJ3mILG86EomOHia8qOemTof2RZfw=
x-amz-request-id: CYYXD0JQN3KSANVA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 20:48:39 GMT
age: 2183
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:18:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 391
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068

104.21.71.197

200 OK

5.4 kB

URL HTTP/1.1
6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068
IP
104.21.71.197:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5373)
Size
5.4 kB (5447 bytes)
Hash
d9ffa46a483675c7074bfe1e530724fc
7dcc2632e4c571ab5ba3e250bd08b096a446c7f2
c40978ccfa4067c4b54ba6077864d1b94cffd168e735af0e871f9470caf3b162

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 HTTP/1.1
Host: 6steo86qv4.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 21:25:02 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eD2NHO1WIwR8mqee6XSM%2BB%2FPGESGBx%2BmfGBZEL5YHRswU8XgJMrVnB%2Fpqr8lL24H%2BDZro6DSEtIZ8YCyXAqXqEaUFQx%2Fy8bf5PACir3%2BXwy4llk2ZXOrRA%2BG2bYtGWukLlUOhYHPgMxf4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fda1f5ca6b500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
474892be6a09056ef2262bd9c21aa57a
bff0a6fca92310c264e5a5ec38b93b1ffed014f3
47ee4331e8ef179a95efaa899555d31d81324523a69fefb4bda5efa16eae88f5

HTTP Headers

POST /s/gts1p5/DsM5GOv2fqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:25:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 964
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4976
Cache-Control: max-age=133486
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:25:02 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:29:48 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

6steo86qv4.youltube.biz/favicon.ico

104.21.71.197

404 Not Found

1.4 kB

URL HTTP/1.1
6steo86qv4.youltube.biz/favicon.ico
IP
104.21.71.197:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (660)
Size
1.4 kB (1433 bytes)
Hash
5d5311d668a4899c6a2851284adc4f8d
f2142341d483367c49583914e9d60e8f25f6e176
cce548759b07863c03628991f10afb1bd8770055c1f5af113db0622c5b84b08e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 6steo86qv4.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://6steo86qv4.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068

HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 21:25:02 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 14 Jul 2022 00:17:54 GMT
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVPmbb6UODQ70XFV%2Fa7uRdDFXwuca%2B1rkz1m37%2FFE0i%2BATQh5aiWHLJaCgLcJO8FDK2t4a5cAsKn2Xp15pKD5xCnkyc2PkvfHfMen4OXcRvVA%2BIrF%2BH1evbc37hxKMkt6yEmI7WGlAqIvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774fda232a7fb500-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.20.60:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UgugypxC1p5vN0rY+vnHPA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 47e7NXOfh/BVenfLLh0p8nWJDLA=

youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=e19a21zq5bgqqfe7ff&var=2068&sw=/sw-check-permissions-local-5137789.js

104.21.71.197

200 OK

26 kB

URL HTTP/2
youltube.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=e19a21zq5bgqqfe7ff&var=2068&sw=/sw-check-permissions-local-5137789.js
IP
104.21.71.197:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25838 bytes)
Hash
847a7599af63c66ed304e52f13f2fd93
0d53b9b7c99f2cebe8bec4168c37822e195dc2b8
c69c5c3faec4114bd332ba80d157456e4f39a7d224f9a37ccad4926b0aea960d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /micro.tag.min.js?z=5137789&cdn=1&ymid=e19a21zq5bgqqfe7ff&var=2068&sw=/sw-check-permissions-local-5137789.js HTTP/1.1
Host: youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://6steo86qv4.youltube.biz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:25:03 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 14 Jul 2022 00:36:03 GMT
vary: Accept-Encoding
etag: W/"62cf64f3-133cd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omq%2BPHRUSR%2FR%2FQen8FhTkf7K%2FF3fzW08kTHPCjnOwWYQf9mbQH5iEqxhcZVGzb6mnsF8H4Gq7rIaG%2B88WAME%2BRDcXVfZJ%2FihMR7%2FXkkZ7sXtHDECmJx%2F602gawcKFJE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fda240cfab4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/DsM5GOv2fqE
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
474892be6a09056ef2262bd9c21aa57a
bff0a6fca92310c264e5a5ec38b93b1ffed014f3
47ee4331e8ef179a95efaa899555d31d81324523a69fefb4bda5efa16eae88f5

HTTP Headers

POST /s/gts1p5/DsM5GOv2fqE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 21:25:03 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9a121e479738af503e7961a4898d72f
1da4bb2515b33ff7c920c46355dadc1410172220
cdc0752adc23140bc21deb6e26a3d21d70931ab632ba0f4bc1aaeac4b1af2bef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDC0752ADC23140BC21DEB6E26A3D21D70931AB632BA0F4BC1AAEAC4B1AF2BEF"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13306
Expires: Tue, 06 Dec 2022 01:06:49 GMT
Date: Mon, 05 Dec 2022 21:25:03 GMT
Connection: keep-alive

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6steo86qv4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6steo86qv4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6steo86qv4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://6steo86qv4.youltube.biz
Connection: keep-alive
Referer: http://6steo86qv4.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:03 GMT
content-length: 0
x-trace-id: 200f92702da927b4d65b212b934f53cc
access-control-allow-origin: http://6steo86qv4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9a121e479738af503e7961a4898d72f
1da4bb2515b33ff7c920c46355dadc1410172220
cdc0752adc23140bc21deb6e26a3d21d70931ab632ba0f4bc1aaeac4b1af2bef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDC0752ADC23140BC21DEB6E26A3D21D70931AB632BA0F4BC1AAEAC4B1AF2BEF"
Last-Modified: Sat, 03 Dec 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13305
Expires: Tue, 06 Dec 2022 01:06:49 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

25 kB

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
data
Size
25 kB (25366 bytes)
Hash
2182cb7caee5bebad889fff1d4e4dca6
eec80e32c59ecbc67aa911b1c744285910134e4b
6b3ab87362c69798f55bf5d1f10305328f85421f287e12d0a2795a6b93e10418

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://orqi3s2zeo.youltube.biz
Connection: keep-alive
Referer: https://orqi3s2zeo.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:24:59 GMT
content-length: 0
x-trace-id: a00d7f3156a7c0a750b368f918bfda2e
access-control-allow-origin: https://orqi3s2zeo.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5f25c4c99bce7de9166e989e0e94df3
977a8feb8420b10fc4b27440203b08ecae7516f8
5e444685fc55211330424827c83a0b4a885ff07f4c97fa667eead72cdc3c3eaf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E444685FC55211330424827C83A0B4A885FF07F4C97FA667EEAD72CDC3C3EAF"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5870
Expires: Mon, 05 Dec 2022 23:02:54 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=orqi3s2zeo.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orqi3s2zeo.youltube.biz/
Origin: https://orqi3s2zeo.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:24:58 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 34358036aaa8809db75df998e8e94ae1
access-control-allow-origin: https://orqi3s2zeo.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://orqi3s2zeo.youltube.biz/
Origin: https://orqi3s2zeo.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://orqi3s2zeo.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6849
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6849
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6849
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6849
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6849
Expires: Mon, 05 Dec 2022 23:19:13 GMT
Date: Mon, 05 Dec 2022 21:25:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 84920
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7728 bytes)
Hash
027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:09:54 GMT
age: 83710
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8749 bytes)
Hash
dcb8fe0c4ba323ab2483fa290c291051
6706e02d6b95edc3a33c951f07d04b0fb7415b77
6be68deb3a330955027ec16eaca2cdf4e2776620ffb7cb995922664b24400f02

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F461bc4a6-a90b-41a8-99ce-a502ba9ed21f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8749
x-amzn-requestid: ee03c447-299b-45d5-b8c6-12d4d1dc436d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_spHdBIAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-0c9805c6112ec9ec6b9d1544;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: joWP2kLWVD0lEy2rMV4Fjm3mJh3mzsPyTWiHDVZZNMy5s_WPViKtCw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "6706e02d6b95edc3a33c951f07d04b0fb7415b77"
content-type: image/jpeg
age: 84995
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 85259
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8315 bytes)
Hash
db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 85345
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10396 bytes)
Hash
24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 37122
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6sna8hst40.youltube.biz
Connection: keep-alive
Referer: https://6sna8hst40.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:00 GMT
content-length: 0
x-trace-id: e92427400409b965d951e1a55e309a8a
access-control-allow-origin: https://6sna8hst40.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6sna8hst40.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6sna8hst40.youltube.biz/
Origin: https://6sna8hst40.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:24:58 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: ed351a50082116d562a2f5acbf97e977
access-control-allow-origin: https://6sna8hst40.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6sna8hst40.youltube.biz/
Origin: https://6sna8hst40.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://6sna8hst40.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vb0asi77c0.youltube.biz
Connection: keep-alive
Referer: https://vb0asi77c0.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:01 GMT
content-length: 0
x-trace-id: d0944db7ac5cc14e01500224e774891a
access-control-allow-origin: https://vb0asi77c0.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vb0asi77c0.youltube.biz/
Origin: https://vb0asi77c0.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://vb0asi77c0.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=vb0asi77c0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://vb0asi77c0.youltube.biz/
Origin: https://vb0asi77c0.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:24:59 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: ea8c603a72b34bc5ef87745e9574b5f6
access-control-allow-origin: https://vb0asi77c0.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xn1nmpeye8.youltube.biz
Connection: keep-alive
Referer: https://xn1nmpeye8.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:01 GMT
content-length: 0
x-trace-id: f9f45eb8dafd1e8f132f40ed76f15f67
access-control-allow-origin: https://xn1nmpeye8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=xn1nmpeye8.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn1nmpeye8.youltube.biz/
Origin: https://xn1nmpeye8.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:24:59 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 4ca54aadc5315e1e2de1cca7dde97eba
access-control-allow-origin: https://xn1nmpeye8.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn1nmpeye8.youltube.biz/
Origin: https://xn1nmpeye8.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:05 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://xn1nmpeye8.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:05 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cjqjkoqpww.youltube.biz
Connection: keep-alive
Referer: https://cjqjkoqpww.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:01 GMT
content-length: 0
x-trace-id: adc2fe4e1bd9419e69ef2a90c453e7da
access-control-allow-origin: https://cjqjkoqpww.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=cjqjkoqpww.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cjqjkoqpww.youltube.biz/
Origin: https://cjqjkoqpww.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:00 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 012670058e1df34dc11efdf4f0880f30
access-control-allow-origin: https://cjqjkoqpww.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cjqjkoqpww.youltube.biz/
Origin: https://cjqjkoqpww.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:06 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cjqjkoqpww.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:06 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

5.1 kB

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
data
Size
5.1 kB (5115 bytes)
Hash
0fb68697029475be051d86880cf697d6
e6f4560987a75ad4637eb0bd619d251f0dd0c554
5addf6b25b49d95e707334fe48d162c36751d2bb819004d1f775bf6205a38d78

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lk079mrl80.youltube.biz
Connection: keep-alive
Referer: https://lk079mrl80.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:02 GMT
content-length: 0
x-trace-id: 7548546e68d43a8d1bcdc987644e5ec8
access-control-allow-origin: https://lk079mrl80.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lk079mrl80.youltube.biz/
Origin: https://lk079mrl80.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://lk079mrl80.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=lk079mrl80.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lk079mrl80.youltube.biz/
Origin: https://lk079mrl80.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:00 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 7ce3453ca3f8a15de2ed7844722c3185
access-control-allow-origin: https://lk079mrl80.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

5.1 kB

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
data
Size
5.1 kB (5115 bytes)
Hash
0fb68697029475be051d86880cf697d6
e6f4560987a75ad4637eb0bd619d251f0dd0c554
5addf6b25b49d95e707334fe48d162c36751d2bb819004d1f775bf6205a38d78

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rsfa63gkf4.youltube.biz
Connection: keep-alive
Referer: https://rsfa63gkf4.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:03 GMT
content-length: 0
x-trace-id: 36a49cfc4afc9134c4587cac6fe6ad5b
access-control-allow-origin: https://rsfa63gkf4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

5.2 kB

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
data
Size
5.2 kB (5180 bytes)
Hash
32a296337adb512dea671735ee5b724b
3fe5ed955d6fa3dd92894c03732829ac2e1abe01
cde087d6449246c7dbf9fe04bc6b8e7232ff9f1aa9dd1f12d7fd23003573bc15

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rsfa63gkf4.youltube.biz/
Origin: https://rsfa63gkf4.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:07 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rsfa63gkf4.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=rsfa63gkf4.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rsfa63gkf4.youltube.biz/
Origin: https://rsfa63gkf4.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:01 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: c186566f30246e74b3ab7c359fb2b03e
access-control-allow-origin: https://rsfa63gkf4.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://d24qtcrgc0.youltube.biz
Connection: keep-alive
Referer: https://d24qtcrgc0.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:03 GMT
content-length: 0
x-trace-id: 76812a1cae03d879b27f91abdc59d3a4
access-control-allow-origin: https://d24qtcrgc0.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=d24qtcrgc0.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d24qtcrgc0.youltube.biz/
Origin: https://d24qtcrgc0.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:02 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 730244f3c1462f50b3f0acb0ae247481
access-control-allow-origin: https://d24qtcrgc0.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://d24qtcrgc0.youltube.biz/
Origin: https://d24qtcrgc0.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://d24qtcrgc0.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tzbgmrl8xs.youltube.biz
Connection: keep-alive
Referer: https://tzbgmrl8xs.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:04 GMT
content-length: 0
x-trace-id: e1a7892641179c966fecc1840f405b96
access-control-allow-origin: https://tzbgmrl8xs.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tzbgmrl8xs.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tzbgmrl8xs.youltube.biz/
Origin: https://tzbgmrl8xs.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:02 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 2f46145b81627042c58f245741e4ffc5
access-control-allow-origin: https://tzbgmrl8xs.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tzbgmrl8xs.youltube.biz/
Origin: https://tzbgmrl8xs.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:08 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://tzbgmrl8xs.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:08 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

5.1 kB

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
data
Size
5.1 kB (5115 bytes)
Hash
0fb68697029475be051d86880cf697d6
e6f4560987a75ad4637eb0bd619d251f0dd0c554
5addf6b25b49d95e707334fe48d162c36751d2bb819004d1f775bf6205a38d78

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://6hpecrxyds.youltube.biz
Connection: keep-alive
Referer: https://6hpecrxyds.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:05 GMT
content-length: 0
x-trace-id: edb63898799bd78cc881050f86729b3b
access-control-allow-origin: https://6hpecrxyds.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

65 B

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
8fa48bcc45088ec0f29ebfaad6f30c44
959c1c896c5e1f94360399c23123a8c5c84c5a6a
c2c4cabd800fc77758c251c2d805a96650db32fa80bffe71141bd691828754ad

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6hpecrxyds.youltube.biz/
Origin: https://6hpecrxyds.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://6hpecrxyds.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=6hpecrxyds.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://6hpecrxyds.youltube.biz/
Origin: https://6hpecrxyds.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:03 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 7c985d1097a3c96bb351c0c45291eb09
access-control-allow-origin: https://6hpecrxyds.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest

139.45.197.253

200 OK

0 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pzhfsabn3k.youltube.biz
Connection: keep-alive
Referer: https://pzhfsabn3k.youltube.biz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:05 GMT
content-length: 0
x-trace-id: 7d321fc76624ca99285069b3a049cafa
access-control-allow-origin: https://pzhfsabn3k.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings

139.45.197.253

200 OK

734 B

URL HTTP/2
ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings
IP
139.45.197.253:0
ASN
#9002 RETN Limited

File type
JSON data\012- , ASCII text, with very long lines (733)
Size
734 B (734 bytes)
Hash
805c768c49e12d20cb78ac5efc04efc1
551cceb32c68cc5990c2535f96e32daa68a6992c
0125507d83df4f84c2eb8416eb631dde9730cf7e996cd01fa57613aea1710c95

HTTP Headers

GET /zone?&pub=0&zone_id=5137789&is_mobile=false&domain=pzhfsabn3k.youltube.biz&var=2068&ymid=e19a21zq5bgqqfe7ff&var_3=&dsig=&action=settings HTTP/1.1
Host: ugyplysh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pzhfsabn3k.youltube.biz/
Origin: https://pzhfsabn3k.youltube.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:04 GMT
content-type: application/json; charset=utf-8
content-length: 734
x-trace-id: 39b6e76eddf083d2b84874f5a4e2441e
access-control-allow-origin: https://pzhfsabn3k.youltube.biz
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068

139.45.195.8

200 OK

5.2 kB

URL HTTP/2
my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068
IP
139.45.195.8:0
ASN
#9002 RETN Limited

File type
data
Size
5.2 kB (5180 bytes)
Hash
32a296337adb512dea671735ee5b724b
3fe5ed955d6fa3dd92894c03732829ac2e1abe01
cde087d6449246c7dbf9fe04bc6b8e7232ff9f1aa9dd1f12d7fd23003573bc15

HTTP Headers

GET /gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=e19a21zq5bgqqfe7ff&var=2068 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pzhfsabn3k.youltube.biz/
Origin: https://pzhfsabn3k.youltube.biz
Connection: keep-alive
Cookie: ID=d32cecb6d3734d608e8ca7a8208088e2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 21:25:10 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://pzhfsabn3k.youltube.biz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=d32cecb6d3734d608e8ca7a8208088e2; expires=Tue, 05 Dec 2023 21:25:10 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

orqi3s2zeo.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068

172.67.148.44

200 OK

0 B

URL HTTP/2
orqi3s2zeo.youltube.biz/?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068
IP
172.67.148.44:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?cnv_id=e19a21zq5bgqqfe7ff&sourceid=2068 HTTP/1.1
Host: orqi3s2zeo.youltube.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://6steo86qv4.youltube.biz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 05 Dec 2022 21:25:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnrphuVCATZv2qHKtQtgfWT5RpdT1nKv0F0Jjan93gosdXAJ%2FLJ9OzCYpBHwU2MLhqxMTQrvGXavZDSuZM2fmLvfxyUuk0R5%2F4gpvYboO3jnig9Dwi9qDjR5w23P8PKx3SJw5WFGyc3aQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774fda290ef8b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash