| cy.alrightcorozo.com/rrdFsZsC0jn/64681 | 188.42.108.108 | 200 OK | 20 B |
URL: GET HTTP/1.1 cy.alrightcorozo.com/rrdFsZsC0jn/64681
IP: 188.42.108.108:443
Requested by: https://younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q
Certificate:
  Issuer: Let's Encrypt
  Subject: cy.alrightcorozo.com
  Fingerprint: FD:B2:AA:87:97:D6:8F:2A:54:96:DE:5D:60:CB:BE:19:D4:16:A2:B8
  Validity: Fri, 22 Mar 2024 07:45:14 GMT - Thu, 20 Jun 2024 07:45:13 GMT
File type: gzip compressed data, from Unix
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /rrdFsZsC0jn/64681 HTTP/1.1
Host: cy.alrightcorozo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 06:14:54 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-ua-full-version-list
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://younetu.cc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtug0AQRPljJ4akJQ7gIxgUjL3MJivfAQ0zDZ4Ypq1mjJ3bZxIp2dUrPVV5nhcUL%2BAvyRrCm6hhe1R9s5dYojyUVVW%2BHSrZ151o%2BlJVTVnvYK3n1opuRBvBap4E29YuEWwGNMhatpIUZvDqrL%2FmYuhuIog7FkZlEE%2FOGDNIO6b7jFyEEBkxIaQfmrGnhzPEJzEEx72L2rjo7yCguQjzJ4hP2twe%2BSbx8jzx4Pk6CtsTT61WDuOBhULw32ElhcWB%2BAtShfPF0hWARtX%2B%2B7%2Bf8fizBonCRUuHZM%2FI38wATrY%3D; expires=Sat, 04-May-2024 06:14:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Set-Cookie: GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjIC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7R3S; expires=Sat, 04-May-2024 06:14:54 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q | 104.26.7.219 | 200 OK | 986 B |
URL (User Request): GET HTTP/2 younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q
IP: 104.26.7.219:443
Certificate:
  Issuer: Let's Encrypt
  Subject: younetu.cc
  Fingerprint: 51:C8:E6:4E:6B:51:0E:06:AB:AE:8B:42:41:D7:6E:DD:96:36:FB:58
  Validity: Mon, 01 Apr 2024 21:29:48 GMT - Sun, 30 Jun 2024 21:29:47 GMT
File type: HTML document, ASCII text, with very long lines (357)
Hash: 40f903db78e6fb0ac5af92b6539baecf a19e4d391cadcbb7ae28d82b0f14db573ef6dded 09f7e1ac325a6d306e68388104778830e6ebf437e3d2cf4242a1d17dcb21f1da
GET /player/embed_player.php?vid=vfuTQKn1RA7Q HTTP/1.1
Host: younetu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D7jZRrGxVaMeVFPLTKIOH78dTg5f3duAuVRMMFPm5i8CBHaJeNCKQY5ibVmJNes2zKeE%2BeUpI05a9e7zn%2FUkCuUfdU5MnXBUfBplbpeSTK8gukfk0bjdXdz%2B1Y4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d05584156c6-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| commentsmodule.com/js/js.load.1.js?8389242645667790 | 188.114.96.1 | 200 OK | 0 B |
URL: GET HTTP/2 commentsmodule.com/js/js.load.1.js?8389242645667790
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: commentsmodule.com
  Fingerprint: 93:14:03:FF:0E:5C:59:B4:17:D6:D3:03:3E:B0:19:72:F7:97:6D:D0
  Validity: Sat, 06 Apr 2024 23:39:59 GMT - Fri, 05 Jul 2024 23:39:58 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?8389242645667790 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://younetu.org/
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 222783
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sRAzFCGA3tKN3%2F4JVU0an3BIyATxpkyF8VxM0c8eWjA4z%2F03NbE78%2BP%2BvSXGh0xyY6rlo58UU%2BaKQFUUs62vWWSiXc%2BUPIoF6Nn48rtNNcuLdCN3MccIabXNNK8lrfGYhDHZMb8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 87de1d0edaba56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=40142990 | 188.114.97.1 | 200 OK | 2 B |
URL: GET HTTP/3 younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=40142990
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: younetu.org
  Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
  Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hash: d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=40142990 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHYXCtAzqxFhwjo%2F8OGFW8CHBZaEb0N3xaTPzX1qKE3wtGYrCBMd9o75cE3aMLfKjAHPZVM%2BsyQ%2BLndCmhewE3GxTX8O2XeSJ6T1iUhZP10kRJ5auQ8jxzpRqyz7Hg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d105a705688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=93112588 | 188.114.97.1 | 200 OK | 2 B |
URL: GET HTTP/3 younetu.org/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=93112588
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: younetu.org
  Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
  Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hash: d751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=93112588 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: *
x-inferno-location: banner
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rn%2BcnvEcXz07wZH8KF9umA7VbNwEP70mvzGL9xx1G1WjXLgVnjUbZHcLGzAQ%2B3ER533lSd4li7nKEI%2Fd4IwxOPd6xb1TQzDclRXa2XiD2UkdI817bU393jrHLqe4oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d108a965688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/js/embed.232.js?736 | 188.114.97.1 | 200 OK | 48 kB |
URL: GET HTTP/3 younetu.org/js/embed.232.js?736
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: younetu.org
  Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
  Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (3159)
Hash: 2ef0f0aaced28cafd6f81e3817e119a5 a7350dad6f2a5a030506712a3500ac5991c858b4 c08fcc8c5a98d44983c1b328f7345751e4aa22d21b90b1929c5c084fb62bf863
GET /js/embed.232.js?736 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 18 Nov 2023 19:14:49 GMT
etag: W/"65590d29-2a6ef"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 218731
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XF66dQhJLAQZEyfZWQ0xUVQZHT0zhiF7BI74ncpzcynEL1kUUe9IbkMWTCEbvpkxj3hvO8LEjZTkZz96BZVOEaa%2BZEQk3Q5Rew0U11Z0hqazl7GmGteUfjms%2F1%2FoJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d38395688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/js/adv/fuckadblock.js?2 | 188.114.97.1 | 200 OK | 10 kB |
URL: GET HTTP/3 younetu.org/js/adv/fuckadblock.js?2
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: younetu.org
  Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
  Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, ASCII text, with CRLF line terminators
Hash: 626be86ed51eef8b8b4038b6dcb8fcb2 229b2c503c8a0acc4bb1b423c895fc30330a0723 7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 214583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2F%2BzN5jKs1Y669bNfUncWRyTSt9dVZOFn5tTNWhjXcn7zlhqdPfc%2BIYbZLx%2B67oa3G6X0knNt3FozEcL9q4Mewpz6yzRrmAlXKYRV2%2B8W%2BZDyMu1SHnOOUCKtJmo1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d58525688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/js/video.jquery_plugs/modernizr.js?12 | 188.114.97.1 | 200 OK | 9.6 kB |
URL: GET HTTP/3 younetu.org/js/video.jquery_plugs/modernizr.js?12
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: younetu.org
  Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
  Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, ASCII text, with very long lines (1227), with no line terminators
Hash: 981ce49e4c69148552b01cbbe30f0858 9cb566fa0e6cfda06fe4721214acc445d443ef07 458cc3be215bef898d5e6a41e25f0c022e6d5d5e61add13f13c01898bb53b9bc
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 214584
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hHvaUJM%2FCMTL62PtLP1y%2BpUW8Dd%2F%2BbFyMMedo%2BJkWqRAspku4GCpnuBat8mLETwhWe2Km5UeVAEwgJVrEHwEfRxA9jUfbPP%2BNIzd22d5ht8%2FOzYlsQDBF9yFKnldiA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d282c5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| i0.wp.com/cdn-s9.cfglobalcdn.com/flv/api/files/thumbs_new/2021/10/17/1634456482cku0d/1634456482cku0d-640x480-1.jpg | 192.0.77.2 | 200 OK | 12 kB |
URL: GET HTTP/2 i0.wp.com/cdn-s9.cfglobalcdn.com/flv/api/files/thumbs_new/2021/10/17/1634456482cku0d/1634456482cku0d-640x480-1.jpg
IP: 192.0.77.2:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Sectigo Limited
  Subject: *.wp.com
  Fingerprint: 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
  Validity: Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x640, Scaling: [none]x[none], YUV color, decoders should clamp
Hash: 2e6b85044add08b080d1d310abd8c99b 6a29282e1c5595773abc0bd6f7fc846ad90c88b0 1bd76179c5f67b3d646f4b8c82794756dfda913e39200b71e983c8248be3d8fe
GET /cdn-s9.cfglobalcdn.com/flv/api/files/thumbs_new/2021/10/17/1634456482cku0d/1634456482cku0d-640x480-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 03 May 2024 06:14:54 GMT
content-type: image/webp
content-length: 12486
last-modified: Mon, 08 Apr 2024 12:14:12 GMT
expires: Thu, 09 Apr 2026 00:14:12 GMT
cache-control: public, max-age=63115200
link: <http://cdn-s9.cfglobalcdn.com/flv/api/files/thumbs_new/2021/10/17/1634456482cku0d/1634456482cku0d-640x480-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "eeaca09f9a41e934"
vary: Accept
x-nc: MISS arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dns.google/resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true | 8.8.8.8 | 200 OK | 196 B |
URL: GET HTTP/2 dns.google/resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true
IP: 8.8.8.8:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: dns.google
  Fingerprint: F6:C0:2A:1B:30:64:91:F5:F2:62:3A:0B:7A:46:EA:2B:9B:90:C3:FA
  Validity: Mon, 08 Apr 2024 07:34:06 GMT - Mon, 01 Jul 2024 07:34:05 GMT
Hash: b310288078e97924a66636758d0d2122 b16d387b44eb3f4ce44c7ca16ebfaaea5d9672d5 d64dc5854bee94a3318e987216919af6469319f782fa5c021e5b82dc846f4907
GET /resolve?name=154.42.90.91.in-addr.arpa&type=PTR&cd=true HTTP/1.1
Host: dns.google
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://younetu.org/
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
date: Fri, 03 May 2024 06:14:55 GMT
expires: Fri, 03 May 2024 06:14:55 GMT
cache-control: private, max-age=300
content-type: application/json; charset=UTF-8
content-encoding: gzip
server: HTTP server (unknown)
content-length: 196
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| correlationcocktailinevitably.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js | 172.240.108.68 | 200 OK | 14 kB |
URL: GET HTTP/1.1 correlationcocktailinevitably.com/ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js
IP: 172.240.108.68:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Let's Encrypt
  Subject: correlationcocktailinevitably.com
  Fingerprint: 9D:29:AF:9B:5E:11:7C:28:2A:99:00:DC:D0:79:70:64:71:03:BE:B0
  Validity: Thu, 11 Apr 2024 08:16:39 GMT - Wed, 10 Jul 2024 08:16:38 GMT
File type: JavaScript source, ASCII text, with very long lines (39623), with no line terminators
Hash: 2b268682222da3a259842533d70f6f70 abf698143cac07ccc2220d5a54118fd7b6d34332 41298b813f9e7bbb402a818f4512ca6a428661b7be46ca07c38eee9a175ae4dc
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ab/0b/e2/ab0be2a44b7ecf91bdbd5cd360d84937.js HTTP/1.1
Host: correlationcocktailinevitably.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:56 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c50c9f17a9fbada41572cfd32a5d7da4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js | 104.17.247.203 | 200 OK | 2.4 kB |
URL: GET HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP: 104.17.247.203:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: unpkg.com
  Fingerprint: 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3
  Validity: Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: JavaScript source, ASCII text
Hash: d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: "c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01HWRA5PTHBM6Y40WNWEFTRSGQ-arn
cf-cache-status: HIT
age: 208964
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87de1d0d7ce656bd-OSL
X-Firefox-Spdy: h2
|
|
| proftrafficcounter.com/stats | 18.185.9.67 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.185.9.67:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Amazon
  Subject: proftrafficcounter.com
  Fingerprint: E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
  Validity: Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 4becb3a5a43ed44e832abfb21a9dfefb 4806784fd8a531c4c8d5f0e63b1f0bff064eb8e8 c1762e764e59db76097803a368fd1348b04c56351903394e29dceaf832312ce6
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:57 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://younetu.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=75a20591-7c2b-4d3d-8ed3-9add7234aaf0:2:1; expires=Mon, 01 May 2034 06:14:57 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| marazma.com/sub/zxwk7krOl5 | 188.114.96.1 | 200 OK | 617 B |
URL: GET HTTP/2 marazma.com/sub/zxwk7krOl5
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Google Trust Services LLC
  Subject: marazma.com
  Fingerprint: 59:97:1F:84:2D:08:1A:6C:B3:9C:22:D5:77:31:8B:C8:5F:A0:0B:43
  Validity: Mon, 25 Mar 2024 00:10:01 GMT - Sun, 23 Jun 2024 00:10:00 GMT
File type: HTML document, ASCII text
Hash: 143bb2b766d541d812d1611deb5214be c5496756f523572b40edf2303b908043781e9213 02c5f57a077940444e91a2e72b8cdeefb95ae3e30822371c8161be3f04d2bda4
GET /sub/zxwk7krOl5 HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5j04tbjBiESKrPiLaPJdwb5H6rgXe1II58%2B4NgZMvyYNaTho1yLUZJLdXjjpRiy23Scbeg%2B0sM10Y1m4xj0XqfKLSIqzKurOqZvRr5o3TyFhVBmqk3M5K43HuAUE6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d1cec9cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.popmansion.com/load | 188.114.97.1 | 302 Found | 30 kB |
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Let's Encrypt
  Subject: popmansion.com
  Fingerprint: 0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D
  Validity: Tue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
Hash: 2f1e66d728a9ecdf39461e5a9083bade 6ac5ae8d867a9c8c46b78b700a9cc47395e86948 08e2061fb9854ef0e9c9b889b25eb16dade9565a195005eb002b701e6107bade
POST /load HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 92
Origin: https://xml.popmansion.com
DNT: 1
Connection: keep-alive
Referer: https://xml.popmansion.com/sub/ED05GzY
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 03 May 2024 06:14:57 GMT
content-type: text/html; charset=utf-8
location: https://xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9j7r4%2FqKpcNbz6JI39oBxR86yeOWsUEr17z5VYwApHSzrK57yKtayYqxf053P3a4BgiVRkv2mOcSwK7w%2FAiojvTIU4Ii7z5seV5fsMLP%2FR08rc0KJV22rld1HQw9dAunlRLQUAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d1e8bbc56a8-OSL
alt-svc: h3=":443"; ma=86400
|
|
| disablepovertyhers.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=75a20591-7c2b-4d3d-8ed3-9add7234aaf0%3A2%3A1 | 172.240.253.132 | 200 OK | 7.2 kB |
URL: GET HTTP/1.1 disablepovertyhers.com/sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=75a20591-7c2b-4d3d-8ed3-9add7234aaf0%3A2%3A1
IP: 172.240.253.132:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Let's Encrypt
  Subject: disablepovertyhers.com
  Fingerprint: 0A:69:39:81:7E:C8:02:63:21:26:95:6A:6A:3F:CC:AA:B4:4E:C8:07
  Validity: Mon, 29 Apr 2024 08:17:06 GMT - Sun, 28 Jul 2024 08:17:05 GMT
Hash: 98eb9fb9476ff7c468fb37653d9e338c 8be562dd684a3bfc5cef11e443167b05e070aa86 1f0c61aa28c239cc2270a9b5d494c9f6eb05f155f0b45595a7aaac7117c25a69
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=ab0be2a44b7ecf91bdbd5cd360d84937&uuid=75a20591-7c2b-4d3d-8ed3-9add7234aaf0%3A2%3A1 HTTP/1.1
Host: disablepovertyhers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:57 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://younetu.org
Access-Control-Allow-Origin: https://younetu.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334947; expires=Sat, 04 May 2024 06:14:57 GMT; secure; SameSite=None
Set-Cookie: uid_id2=75a20591-7c2b-4d3d-8ed3-9add7234aaf0:2:1; expires=Fri, 10 May 2024 06:14:57 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 04 May 2024 06:14:57 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 04 May 2024 06:14:57 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 04 May 2024 06:14:57 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 04 May 2024 06:14:57 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70b84de250943f21c616c9e55e78e060
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420 | 174.137.133.17 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate:
  Issuer: Sectigo Limited
  Subject: *.poprtb.com
  Fingerprint: BC:1E:BA:6C:0D:14:DC:3F:C7:53:D4:7C:D1:CE:5A:EC:61:16:21:71
  Validity: Thu, 27 Jul 2023 00:00:00 GMT - Fri, 26 Jul 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=491010&auth=OpDJQF&pubid=152420 HTTP/1.1
Host: xml.poprtb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://marazma.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 06:14:57 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| disablepovertyhers.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitniwoeBAlNxXmoKAkO9vd86NnzCEY48rimg2JoheRqq6a2XJrujpVXdOze1oSkBwHwXvvm%2F2BGiT%2BAQnSG8hhQcgoyIIuiP%2BBQsCbzDg4%2Bl2%2B7%2FV7Da%2Fe932%2B585ICEdPr76vd6RSdKVZ86uvfxwEl6rrMnHD6rDd%2BrTVuFQ1gzc7rZr%2FRvVdEW%2FpldAPfD%2Fwg%2BqqNKKrhytTEjK91wlqHb%2FWCGtBs4Gh%2BT%2B2zoOlHvjgjLwIySdLj7zzkHGJpH%2F%2FqrBbmU4vvtN3imbaYMCPPky2Ep0n6C%2FGrvHQTY7mamj7ZPUhdHIwsws9%2BFfI5IR4jx%2BCJUdzk2CD%2FZlPpiASMP4c8kEJoUpIWiLWdyD5EwLEHNc2kPQPr2mT0%2B1%2FWDplJ2Tp6Z%2BQ%2BYQs%2FXoeSf%2FbK0oOqze1cpnUicWwW0AOS8heidQdI9upQObHiLPbkPwHsvJ0HUl%2Ff8MqDclPX42aNPSbnWA5ikO23OB1vtwWvL7coZxHYb1BadefBSRlCdktocQI1FbgrAcnPbiuB5d66PPTahwEQeTzmPrtThzXeSRYi%2FsBjboBDfxWGy6evmGELB0hViPEZhep2cWWHMG472E3C1juwWYEA14gFwS5JcgpQS4J8owgHxQHXNnQFodcWceCeQ%2FnvV6Mddbbowc664mEgJoRDC%2F20jPywjRA79nbY2yJ0yplPhMhbTRYJOJuJ2Cc8WbM6y2ftxudegQrC0hbAbUeduSEvPzgAlI5Ic988gsYPYZVx4jla6DuFdC8AN0ssJMcbt66Vcs0uC6QZkvItr09dUZemi3v2k%2BPIeKTy7%2FXZ4XYFEhNgc%2FkI4Keuju%2BoXOyf0Pnlny3kWayL3fodLE3M5qJc1%2B%2FJ7ZzbfjaVTv66q14SkzHex8Im63ThMukZ8k3VyTnwqxqEwvyYM1%2BJNh1ZzevOJO4dP3626tr%2FdQIa6VOStDpjf5hEMsJef7Li7ObvfDXz5CmhHEF%2Bu6EzAtSl4jTXdh04d9qAqMWGpZ6yF0xNiFbfFSSQIkFpqyA%2FQ9mi3ls6PRvKos9exc9UwHN7iDpFxiYAgNVgKoRrDs3zlJzcvnHuQ2mKmOmTGWfKaO%2BmMU8IWsb92HlaTWq133a6jSDKKIiYo2w3W0FnNKw0QpbLVpHZifdxu5vfwMAAP%2F%2FAQAA%2F%2F%2B0ELe1jQQAAA%3D%3D | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1disablepovertyhers.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitniwoeBAlNxXmoKAkO9vd86NnzCEY48rimg2JoheRqq6a2XJrujpVXdOze1oSkBwHwXvvm%2F2BGiT%2BAQnSG8hhQcgoyIIuiP%2BBQsCbzDg4%2Bl2%2B7%2FV7Da%2Fe932%2B585ICEdPr76vd6RSdKVZ86uvfxwEl6rrMnHD6rDd%2BrTVuFQ1gzc7rZr%2FRvVdEW%2FpldAPfD%2Fwg%2BqqNKKrhytTEjK91wlqHb%2FWCGtBs4Gh%2BT%2B2zoOlHvjgjLwIySdLj7zzkHGJpH%2F%2FqrBbmU4vvtN3imbaYMCPPky2Ep0n6C%2FGrvHQTY7mamj7ZPUhdHIwsws9%2BFfI5IR4jx%2BCJUdzk2CD%2FZlPpiASMP4c8kEJoUpIWiLWdyD5EwLEHNc2kPQPr2mT0%2B1%2FWDplJ2Tp6Z%2BQ%2BYQs%2FXoeSf%2FbK0oOqze1cpnUicWwW0AOS8heidQdI9upQObHiLPbkPwHsvJ0HUl%2Ff8MqDclPX42aNPSbnWA5ikO23OB1vtwWvL7coZxHYb1BadefBSRlCdktocQI1FbgrAcnPbiuB5d66PPTahwEQeTzmPrtThzXeSRYi%2FsBjboBDfxWGy6evmGELB0hViPEZhep2cWWHMG472E3C1juwWYEA14gFwS5JcgpQS4J8owgHxQHXNnQFodcWceCeQ%2FnvV6Mddbbowc664mEgJoRDC%2F20jPywjRA79nbY2yJ0yplPhMhbTRYJOJuJ2Cc8WbM6y2ftxudegQrC0hbAbUeduSEvPzgAlI5Ic988gsYPYZVx4jla6DuFdC8AN0ssJMcbt66Vcs0uC6QZkvItr09dUZemi3v2k%2BPIeKTy7%2FXZ4XYFEhNgc%2FkI4Keuju%2BoXOyf0Pnlny3kWayL3fodLE3M5qJc1%2B%2FJ7ZzbfjaVTv66q14SkzHex8Im63ThMukZ8k3VyTnwqxqEwvyYM1%2BJNh1ZzevOJO4dP3626tr%2FdQIa6VOStDpjf5hEMsJef7Li7ObvfDXz5CmhHEF%2Bu6EzAtSl4jTXdh04d9qAqMWGpZ6yF0xNiFbfFSSQIkFpqyA%2FQ9mi3ls6PRvKos9exc9UwHN7iDpFxiYAgNVgKoRrDs3zlJzcvnHuQ2mKmOmTGWfKaO%2BmMU8IWsb92HlaTWq133a6jSDKKIiYo2w3W0FnNKw0QpbLVpHZifdxu5vfwMAAP%2F%2FAQAA%2F%2F%2B0ELe1jQQAAA%3D%3D IP172.240.253.132:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: disablepovertyhers.com
Certificate Fingerprint: 0A:69:39:81:7E:C8:02:63:21:26:95:6A:6A:3F:CC:AA:B4:4E:C8:07
Certificate Validity: Mon, 29 Apr 2024 08:17:06 GMT - Sun, 28 Jul 2024 08:17:05 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitniwoeBAlNxXmoKAkO9vd86NnzCEY48rimg2JoheRqq6a2XJrujpVXdOze1oSkBwHwXvvm%2F2BGiT%2BAQnSG8hhQcgoyIIuiP%2BBQsCbzDg4%2Bl2%2B7%2FV7Da%2Fe932%2B585ICEdPr76vd6RSdKVZ86uvfxwEl6rrMnHD6rDd%2BrTVuFQ1gzc7rZr%2FRvVdEW%2FpldAPfD%2Fwg%2BqqNKKrhytTEjK91wlqHb%2FWCGtBs4Gh%2BT%2B2zoOlHvjgjLwIySdLj7zzkHGJpH%2F%2FqrBbmU4vvtN3imbaYMCPPky2Ep0n6C%2FGrvHQTY7mamj7ZPUhdHIwsws9%2BFfI5IR4jx%2BCJUdzk2CD%2FZlPpiASMP4c8kEJoUpIWiLWdyD5EwLEHNc2kPQPr2mT0%2B1%2FWDplJ2Tp6Z%2BQ%2BYQs%2FXoeSf%2FbK0oOqze1cpnUicWwW0AOS8heidQdI9upQObHiLPbkPwHsvJ0HUl%2Ff8MqDclPX42aNPSbnWA5ikO23OB1vtwWvL7coZxHYb1BadefBSRlCdktocQI1FbgrAcnPbiuB5d66PPTahwEQeTzmPrtThzXeSRYi%2FsBjboBDfxWGy6evmGELB0hViPEZhep2cWWHMG472E3C1juwWYEA14gFwS5JcgpQS4J8owgHxQHXNnQFodcWceCeQ%2FnvV6Mddbbowc664mEgJoRDC%2F20jPywjRA79nbY2yJ0yplPhMhbTRYJOJuJ2Cc8WbM6y2ftxudegQrC0hbAbUeduSEvPzgAlI5Ic988gsYPYZVx4jla6DuFdC8AN0ssJMcbt66Vcs0uC6QZkvItr09dUZemi3v2k%2BPIeKTy7%2FXZ4XYFEhNgc%2FkI4Keuju%2BoXOyf0Pnlny3kWayL3fodLE3M5qJc1%2B%2FJ7ZzbfjaVTv66q14SkzHex8Im63ThMukZ8k3VyTnwqxqEwvyYM1%2BJNh1ZzevOJO4dP3626tr%2FdQIa6VOStDpjf5hEMsJef7Li7ObvfDXz5CmhHEF%2Bu6EzAtSl4jTXdh04d9qAqMWGpZ6yF0xNiFbfFSSQIkFpqyA%2FQ9mi3ls6PRvKos9exc9UwHN7iDpFxiYAgNVgKoRrDs3zlJzcvnHuQ2mKmOmTGWfKaO%2BmMU8IWsb92HlaTWq133a6jSDKKIiYo2w3W0FnNKw0QpbLVpHZifdxu5vfwMAAP%2F%2FAQAA%2F%2F%2B0ELe1jQQAAA%3D%3D HTTP/1.1
Host: disablepovertyhers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=75a20591-7c2b-4d3d-8ed3-9add7234aaf0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98c0a640305e7b61f939efaa410243c0
Strict-Transport-Security: max-age=0; includeSubdomains
| slideaspen.com/pixel/purst?dl=0&th=0&sc=0&rs=3672&rd=3672&fd=537&bv=24.4.7838&tmpl=136 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 slideaspen.com/pixel/purst?dl=0&th=0&sc=0&rs=3672&rd=3672&fd=537&bv=24.4.7838&tmpl=136
IP: 192.243.61.227:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: slideaspen.com
Certificate Fingerprint: B7:74:ED:51:55:88:04:32:92:6A:E7:94:48:04:F5:63:41:31:BC:FE
Certificate Validity: Mon, 29 Apr 2024 08:11:02 GMT - Sun, 28 Jul 2024 08:11:01 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=3672&rd=3672&fd=537&bv=24.4.7838&tmpl=136 HTTP/1.1
Host: slideaspen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:58 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 188.114.96.1 | 200 OK | 6.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Hash: c489ce2c491a22ee37a55e26a92dfd73 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 214594
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9M2xCzExp2V%2BAltUGA0eRso6iODhWTEytsdSmot%2Fp1VckiYTclJb9cEtmtPr2wMRY6r8EPIi2Z0IbVYU5AcPo4jXr6fBHj%2B44tUDUokHBjrqgJuSbqGWeY5tjYp77ueu4gaRMeJlgL9%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d26199d56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| marazma.com/load | 188.114.96.1 | 302 Found | 359 B |
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: marazma.com
Certificate Fingerprint: 59:97:1F:84:2D:08:1A:6C:B3:9C:22:D5:77:31:8B:C8:5F:A0:0B:43
Certificate Validity: Mon, 25 Mar 2024 00:10:01 GMT - Sun, 23 Jun 2024 00:10:00 GMT
File type: HTML document, ASCII text
Hash: 03b8712e5691ef83bf8f3d4dbbc14742 47b5792c6c4a46babee2cd91651da3f7a067eb0b 389f9f92b519813c86bd74d77e63756199534667d74597bf4eba134b2601244f
POST /load HTTP/1.1
Host: marazma.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 92
Origin: https://marazma.com
DNT: 1
Connection: keep-alive
Referer: https://marazma.com/sub/zxwk7krOl5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Fri, 03 May 2024 06:14:57 GMT
content-type: text/html; charset=utf-8
location: https://xml.poprtb.com/redirect?feed=491010&auth=OpDJQF&pubid=152420
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vxLkN8e3RuwVvz%2Fczb3gbiM9A%2F%2BgKv%2Fuc6cRmbh2m8cRiLUq7AnsYHTBiCu7aKToCTXXJqhQA6SFsu5U0yELuhH1xmEiz4MtrmD7FLn9VJ2HLHOieYSo7bhDI6nfzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d1e7a7b56c6-OSL
alt-svc: h3=":443"; ma=86400
| xml.cachegorilla.com/redirect?feed=652770&auth=kWcHhV&pubid=202912 | 173.239.53.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.cachegorilla.com/redirect?feed=652770&auth=kWcHhV&pubid=202912
IP: 173.239.53.20:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Sectigo Limited
Certificate Subject: *.cachegorilla.com
Certificate Fingerprint: 29:B3:53:29:E3:6F:D3:48:F6:66:3E:78:57:05:A6:19:12:0D:2C:4A
Certificate Validity: Fri, 10 Nov 2023 00:00:00 GMT - Sun, 10 Nov 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=652770&auth=kWcHhV&pubid=202912 HTTP/1.1
Host: xml.cachegorilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 06:14:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.10 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png
IP: 45.133.44.10:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: cdn.cloudimagesb.com
Certificate Fingerprint: C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
Certificate Validity: Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: 962ac416cce3fad636d4904386c8d3d4 811166fceb971353dc6a9ea3a153367f20b47592 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sun, 05 May 2024 06:14:58 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
| capaciousdrewreligion.com/advertisers.js | 192.243.59.13 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js
IP: 192.243.59.13:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: capaciousdrewreligion.com
Certificate Fingerprint: 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC
Certificate Validity: Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 03 May 2024 06:14:58 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1dbf8353feea2352116bc565c1dfd83
Strict-Transport-Security: max-age=0; includeSubdomains
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 188.114.96.1 | 200 OK | 34 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 630f303dfe147dec2c4a226287393b69 3e9f8270b84e09595181bd55de6785a89f53ba10 967d085a33a12064d83cb38f582c3e418e021a2d523dd9597bb75dc00589fec7
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 208882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5puEEqO2hXM7IXLTH%2BaS%2BtnbumY5avCfOQW5uCI63%2BwZXuuHjw9TBxFvNSw5WWcalssV5mooYIsSe5JpNXq64c%2BY9WZPJRDhAecKqECjopJSlJPFhyL6DhcklQ2rBNZUmr0GDXX6I2vq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d25e97c56c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 22:40:35 GMT
expires: Fri, 02 May 2025 22:40:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 27264
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| disablepovertyhers.com/pixel/sbs?c=1 | 172.240.127.234 | 200 OK | 0 B |
URL: GET HTTP/1.1 disablepovertyhers.com/pixel/sbs?c=1
IP: 172.240.127.234:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: disablepovertyhers.com
Certificate Fingerprint: 0A:69:39:81:7E:C8:02:63:21:26:95:6A:6A:3F:CC:AA:B4:4E:C8:07
Certificate Validity: Mon, 29 Apr 2024 08:17:06 GMT - Sun, 28 Jul 2024 08:17:05 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: disablepovertyhers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=75a20591-7c2b-4d3d-8ed3-9add7234aaf0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:59 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| disablepovertyhers.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR91RlQcCFKdir0QkFJpqeqv9ssgjGODI6ZkCi6EXlf1fOc1%2FUq79Xr6pnVkIBk2Qjua07PB2qQ%2BAMSpCeQxYCQVpABHRD%2FgULAnXTb2Ho39546p%2BC8c%2B%2Fne%2F6MVOHp6dX3zY7Smq40KmH59Y%2Bj6FJ5XSV%2BUB60m58265fKtv9mp1kJ3yi%2FK%2FmWWamGURhGYVReVVbGZrAyJaHSe52o0gkr9WolatQxsP%2FHzgdwNIDon5EXocRk6VFwHoqPkfTuX5VuKzPpxXd6XtPMWPTF0YfJVmLyBL3FGNsAcXI0V8O4J6sPYZKDmV2Y%2Fr9CpiYkePwQLDmamwTr7898Mg2ZgInnkPfHkHoMRcfg5g6UeEIALnBtA0nv8JqxOd3%2Bh6VTdkKWnv4JlU%2FI0q%2FnkfS%2BvaLVoHzTaJ8pkzgM4gJqMIbqjpH6Y2Q7Jaj8GDy7DSV%2BICtP15H09jecNlDi9NVWg1bDRidabvEqW66LmlhuS1Fb7lAhWtVandI4nAWk1BgqHkPLIagrwbsAXgXwcQCfBuiJ0zKPoqgVCk7DdofzmmhJ1hRhRFtxRKOw2Ybn0zcMkaVDcD0Et7tI7S621BDWfw%2B3WcCJAC4j6IsCuSTIHUFOCXJFkGcEeb84ENpVXXEotPMsmvfqvNeKkcm6e%2FTAZF2ZEFA7hBXFXnpGXpgGGDx7e4QteVqmLGSySut11pI87kRMMNHgotYMRbveqbXgVAHlSqAuwI6akJcfXECqJuSZT34Bo8dw%2BhhcvQbqXwHNC9DNAjvJ4eatW5XMQJgCabaEbDvY02fkpdnyrv30GJKfXP69NitwWyC1BT5Tjwi6%2Bu7ohsnJ%2Fg2TO%2FLdRpqpntqh08XezGgmz339ntzOjRVrV93wq7f4lJiO9z6QLluniVBJ15FvrighpF01lkvyYM19JNl17zaveJv4dP3626trvdRK55RJxqDTG%2F3DgqsJef7Li7ObvfDXz1B2DOsL9PwJmReUGYOnu3Dpwr8zBFYvNCwNkPtiZKts8VErAi0XmLIC7j%2BYLeaRpdO%2FqSr23F10bQk0u4OkV6BvC%2FR1AaqHcP7cKEvtyeUf5zaYLo2YtqV9pq3%2BYhbzhKxt3IdTp%2BVaKFpMxrLFZL1RjyUXrNFgIY85q4l2myNzk7i%2B%2B9vfAAAA%2F%2F8BAAD%2F%2FzTEYl2NBAAA | 172.240.253.132 | 200 OK | 7 B |
URL GET HTTP/1.1disablepovertyhers.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR91RlQcCFKdir0QkFJpqeqv9ssgjGODI6ZkCi6EXlf1fOc1%2FUq79Xr6pnVkIBk2Qjua07PB2qQ%2BAMSpCeQxYCQVpABHRD%2FgULAnXTb2Ho39546p%2BC8c%2B%2Fne%2F6MVOHp6dX3zY7Smq40KmH59Y%2Bj6FJ5XSV%2BUB60m58265fKtv9mp1kJ3yi%2FK%2FmWWamGURhGYVReVVbGZrAyJaHSe52o0gkr9WolatQxsP%2FHzgdwNIDon5EXocRk6VFwHoqPkfTuX5VuKzPpxXd6XtPMWPTF0YfJVmLyBL3FGNsAcXI0V8O4J6sPYZKDmV2Y%2Fr9CpiYkePwQLDmamwTr7898Mg2ZgInnkPfHkHoMRcfg5g6UeEIALnBtA0nv8JqxOd3%2Bh6VTdkKWnv4JlU%2FI0q%2FnkfS%2BvaLVoHzTaJ8pkzgM4gJqMIbqjpH6Y2Q7Jaj8GDy7DSV%2BICtP15H09jecNlDi9NVWg1bDRidabvEqW66LmlhuS1Fb7lAhWtVandI4nAWk1BgqHkPLIagrwbsAXgXwcQCfBuiJ0zKPoqgVCk7DdofzmmhJ1hRhRFtxRKOw2Ybn0zcMkaVDcD0Et7tI7S621BDWfw%2B3WcCJAC4j6IsCuSTIHUFOCXJFkGcEeb84ENpVXXEotPMsmvfqvNeKkcm6e%2FTAZF2ZEFA7hBXFXnpGXpgGGDx7e4QteVqmLGSySut11pI87kRMMNHgotYMRbveqbXgVAHlSqAuwI6akJcfXECqJuSZT34Bo8dw%2BhhcvQbqXwHNC9DNAjvJ4eatW5XMQJgCabaEbDvY02fkpdnyrv30GJKfXP69NitwWyC1BT5Tjwi6%2Bu7ohsnJ%2Fg2TO%2FLdRpqpntqh08XezGgmz339ntzOjRVrV93wq7f4lJiO9z6QLluniVBJ15FvrighpF01lkvyYM19JNl17zaveJv4dP3626trvdRK55RJxqDTG%2F3DgqsJef7Li7ObvfDXz1B2DOsL9PwJmReUGYOnu3Dpwr8zBFYvNCwNkPtiZKts8VErAi0XmLIC7j%2BYLeaRpdO%2FqSr23F10bQk0u4OkV6BvC%2FR1AaqHcP7cKEvtyeUf5zaYLo2YtqV9pq3%2BYhbzhKxt3IdTp%2BVaKFpMxrLFZL1RjyUXrNFgIY85q4l2myNzk7i%2B%2B9vfAAAA%2F%2F8BAAD%2F%2FzTEYl2NBAAA IP172.240.253.132:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Let's Encrypt
Certificate Subject: disablepovertyhers.com
Certificate Fingerprint: 0A:69:39:81:7E:C8:02:63:21:26:95:6A:6A:3F:CC:AA:B4:4E:C8:07
Certificate Validity: Mon, 29 Apr 2024 08:17:06 GMT - Sun, 28 Jul 2024 08:17:05 GMT
File type: ASCII text, with no line terminators
Hash: 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR91RlQcCFKdir0QkFJpqeqv9ssgjGODI6ZkCi6EXlf1fOc1%2FUq79Xr6pnVkIBk2Qjua07PB2qQ%2BAMSpCeQxYCQVpABHRD%2FgULAnXTb2Ho39546p%2BC8c%2B%2Fne%2F6MVOHp6dX3zY7Smq40KmH59Y%2Bj6FJ5XSV%2BUB60m58265fKtv9mp1kJ3yi%2FK%2FmWWamGURhGYVReVVbGZrAyJaHSe52o0gkr9WolatQxsP%2FHzgdwNIDon5EXocRk6VFwHoqPkfTuX5VuKzPpxXd6XtPMWPTF0YfJVmLyBL3FGNsAcXI0V8O4J6sPYZKDmV2Y%2Fr9CpiYkePwQLDmamwTr7898Mg2ZgInnkPfHkHoMRcfg5g6UeEIALnBtA0nv8JqxOd3%2Bh6VTdkKWnv4JlU%2FI0q%2FnkfS%2BvaLVoHzTaJ8pkzgM4gJqMIbqjpH6Y2Q7Jaj8GDy7DSV%2BICtP15H09jecNlDi9NVWg1bDRidabvEqW66LmlhuS1Fb7lAhWtVandI4nAWk1BgqHkPLIagrwbsAXgXwcQCfBuiJ0zKPoqgVCk7DdofzmmhJ1hRhRFtxRKOw2Ybn0zcMkaVDcD0Et7tI7S621BDWfw%2B3WcCJAC4j6IsCuSTIHUFOCXJFkGcEeb84ENpVXXEotPMsmvfqvNeKkcm6e%2FTAZF2ZEFA7hBXFXnpGXpgGGDx7e4QteVqmLGSySut11pI87kRMMNHgotYMRbveqbXgVAHlSqAuwI6akJcfXECqJuSZT34Bo8dw%2BhhcvQbqXwHNC9DNAjvJ4eatW5XMQJgCabaEbDvY02fkpdnyrv30GJKfXP69NitwWyC1BT5Tjwi6%2Bu7ohsnJ%2Fg2TO%2FLdRpqpntqh08XezGgmz339ntzOjRVrV93wq7f4lJiO9z6QLluniVBJ15FvrighpF01lkvyYM19JNl17zaveJv4dP3626trvdRK55RJxqDTG%2F3DgqsJef7Li7ObvfDXz1B2DOsL9PwJmReUGYOnu3Dpwr8zBFYvNCwNkPtiZKts8VErAi0XmLIC7j%2BYLeaRpdO%2FqSr23F10bQk0u4OkV6BvC%2FR1AaqHcP7cKEvtyeUf5zaYLo2YtqV9pq3%2BYhbzhKxt3IdTp%2BVaKFpMxrLFZL1RjyUXrNFgIY85q4l2myNzk7i%2B%2B9vfAAAA%2F%2F8BAAD%2F%2FzTEYl2NBAAA HTTP/1.1
Host: disablepovertyhers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Cookie: u_pl=17334947; uid_id2=75a20591-7c2b-4d3d-8ed3-9add7234aaf0:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:59 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a73951e1c739224db510faa672254fa
Strict-Transport-Security: max-age=0; includeSubdomains
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
Certificate Validity: Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 101999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 188.114.96.1 | 200 OK | 7.1 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: creative-bars1.com
Certificate Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: 4f5f05ab032dd8fc0db448fcf51a35e2 78f94f93fdb792d95ea3ac293ac1b8e3bc13d609 7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 92410
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jefsm1ZZ3wPewISimAQBIe50tuBAz1VIaMiR5oKpDAKg5KUn7U2JedK9hkfpDyhf8m4S7e8fejjW%2BDf6txGBobF2YlkbhOhsBZqtmj%2F3UOZobj%2FZuHZhFnuNml%2FKLP%2FDODe%2FO4EBY4vK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d280b3456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| younetu.cc/favicon.ico | 104.26.7.219 | 200 OK | 42 kB |
IP: 104.26.7.219:443
Requested by: https://younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q
Certificate Issuer: Let's Encrypt
Certificate Subject: younetu.cc
Certificate Fingerprint: 51:C8:E6:4E:6B:51:0E:06:AB:AE:8B:42:41:D7:6E:DD:96:36:FB:58
Certificate Validity: Mon, 01 Apr 2024 21:29:48 GMT - Sun, 30 Jun 2024 21:29:47 GMT
File type: MS Windows icon resource - 1 icon, 100x100, 32 bits/pixel
Hash: 1f1617bb9d33485e49af9fae638831f9 e245af39fd84866e07b7e177fa0ff6d25221252f 3fe1701b124953220bd71e61910006cb7c3ae36f6c8975075c842101d97cf513
GET /favicon.ico HTTP/1.1
Host: younetu.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Fri, 10 May 2024 06:14:54 GMT
last-modified: Mon, 04 May 2020 19:52:00 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EXtIo6sI6gQZ%2FZqQtoYxzxCnliv2RfbbL8P2f%2BRjGvDf1qznwDFSxWyOVc9RtcHOjjJiOFG3%2FpSaGnZ69t%2Bg6ppTpnVplI4Pa3qtGmA7zcT2vFvxBSJ%2F8L073D4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0c2d2e56c6-OSL
content-encoding: br
X-Firefox-Spdy: h2
| younetu.org/js/websocket_ip.min.js | 188.114.97.1 | 200 OK | 4.6 kB |
URL: GET HTTP/3 younetu.org/js/websocket_ip.min.js
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate Issuer: Google Trust Services LLC
Certificate Subject: younetu.org
Certificate Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
Certificate Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, ASCII text, with very long lines (4798), with no line terminators
Hash: 7c354bd309d3152f26fd4c61b1f7eb2b 2dc50304cfaecb57148a5001827f8e0b19acb9ca f88d924353140c3c8cbfd2ce7f128539408029907fadeaa0f5cb81c4fde1e1e8
GET /js/websocket_ip.min.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 214584
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B7HwE%2FO0NjFjb%2F%2FtGv20MxNF451pf7wlooV4J89wcuV0N348bciUOVFeGsS1TS9o%2FcXsPlXqsYoVCYd0wbDUpaMyV4FyEIlwj8QPoB6LPUwjtTvB04xxsvcZxrwpHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d181d5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js | 188.114.97.1 | 200 OK | 1.2 kB |
URL: GET HTTP/3 younetu.org/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: HTML document, ASCII text, with very long lines (1271), with no line terminators
Hash: 40d981045a7516cdadd00e8dccc9c58d 8b8d9a48c6b9d2fba596034ef5db3dd0f2f781c3 71c7d5fc630ff38080f71945be1e8b0c43140d8c25338056b752495e18739c0c
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript
last-modified: Tue, 30 Apr 2024 15:20:25 GMT
etag: W/"66310c39-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2%2BBkgT3ryGxWwXl42XKRaWfFmX4NOAk4%2BoAQ%2FeogdsRPSk9c952QMjVP3fsVryiv2m1bJG4XVgMc4FS885RX7lC8gxif%2FtJFdcNe8ijY7YHUgvmzP0ugD%2FFvj6LFJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d0d28205688-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 05 May 2024 06:14:54 GMT
cache-control: max-age=172800, public
content-encoding: gzip
|
|
| duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP: 0.0.0.0:0
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| younetu.org/ad/top/popunder.js | 188.114.97.1 | 200 OK | 21 B |
URL: GET HTTP/3 younetu.org/ad/top/popunder.js
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: ASCII text, with no line terminators
Hash: 533a813ddb8f84d7e018bf8e6296c44d 8c95af23d5dc502f1bc3395a6d2e339e696c0d3e a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/top/popunder.js HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 218731
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cF6lYjnYz58dQaKDMThNtahkNO44TppdrbYqViRW0NRTer6Co9%2FRuWb6p%2FtowB%2FacPGRV%2FPthNOLagDvhRYt5pLO%2B%2FU%2BACqaURnH4iERjWIIh0QxuIIIg5S2w%2B9XgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d0d483f5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/player/get_player_image.php | 188.114.97.1 | 200 OK | 37 kB |
URL: POST HTTP/3 younetu.org/player/get_player_image.php
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Hash: 2457056ea5e421d7b40f725906e003a8 bc9e379e81db474be51273c6fa88b87853a58263 33018a55f235fd849619256366f86e28b3fa1020d1908f51e4aff223e9595435
POST /player/get_player_image.php HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 75
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-image-colors-src: 0
x-file-located: temp, filename:../files/temp/video_images/d/0/1634456482cku0d-1.jpg
x-clickarr-add-e: 1
x-image-size: 26097
x-image-colors: 0
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ekoze6iRthSm%2Fz3cMSdlL4LRNiZFe1rV8JK55w8rhQ9AY%2BsvxU7Vii7cC31hZQ1tEsncubPRhJdVup1EMzkSVze16QcwziGt%2BBLE%2FDOvTg7%2FwA3oIVM3mIEGPy0DIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0f79aa5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| disablepovertyhers.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js | 172.240.253.132 | 200 OK | 82 kB |
URL: GET HTTP/1.1 disablepovertyhers.com/f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js
IP: 172.240.253.132:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Let's Encrypt; Subject: disablepovertyhers.com; Fingerprint: 0A:69:39:81:7E:C8:02:63:21:26:95:6A:6A:3F:CC:AA:B4:4E:C8:07; Validity: Mon, 29 Apr 2024 08:17:06 GMT - Sun, 28 Jul 2024 08:17:05 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash: a74eb501d84da533b20d58ed605aeed3 27e67ebcfb4884714f94af9b29de645e5874966b 318b3e4d32f6b26164ce9b540f78e48e7c95a99340ff76196f83d4d2f17c2d52
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /f9/f0/4e/f9f04e429487bb9ba54c1aa49ea7bed4.js HTTP/1.1
Host: disablepovertyhers.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 03 May 2024 06:14:57 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5bfab38cda7940235c90456ed893248f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity: Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash: 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 03 May 2024 06:14:58 GMT
date: Fri, 03 May 2024 06:14:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| sadjklq.com/netu.php | 104.21.11.97 | 200 OK | 1.2 kB |
IP: 104.21.11.97:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: sadjklq.com; Fingerprint: D1:33:E5:F4:20:D9:7B:29:27:B0:2B:A2:35:84:EC:89:C3:5E:27:1A; Validity: Wed, 20 Mar 2024 03:32:35 GMT - Tue, 18 Jun 2024 03:32:34 GMT
File type: ASCII text, with very long lines (1195), with no line terminators
Hash: f671c192794346df3bb843c79776585b c456fa2f8338ad4b94718fbe2da1588ff7c5cb23 29dc14fdc930ddd035b093a503aad2632c230e9affcd54427d5920d1487e01de
GET /netu.php HTTP/1.1
Host: sadjklq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PPOqdz0MLZ9I56fZ%2B8SQoefUuU%2BfeNQKigHSE2UI5gAXWIlH9%2FdPMpMXXcbOlD%2B3KB7qIT3Er1ACY5wH%2FDxItqVuS57vYZiTz7mu9CZvxrzXd6pO3jMA00rHNlkL8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d10b908b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 3.0 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP: 45.133.44.3:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Let's Encrypt; Subject: cdn.barscreative1.com; Fingerprint: F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity: Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (3229), with no line terminators
Hash: 0b579b1f5697d55d3bc0856975d08243 e68a8e8bc08f86086744aba736df40ca7bea6d01 8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 03 May 2024 07:14:58 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| xml.popmansion.com/sub/ED05GzY | 188.114.97.1 | 200 OK | 233 B |
URL: GET HTTP/2 xml.popmansion.com/sub/ED05GzY
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Let's Encrypt; Subject: popmansion.com; Fingerprint: 0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D; Validity: Tue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 6495b73f0e0a22250eaad408c3a4ff54 152c11e78181209d086b1f655d72a9a038a80298 0e181548ece072dba69b7488f4e47b46d0e0bb319c0f5654d0ca38c83c4c168c
GET /sub/ED05GzY HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CyyaQZA%2B47%2F92H0iVTHSeCEJRNVXMyyiSPlG9AQqGRML8Ca5TEbD5d9WTO6A6ff63GFitMUD4hRxo5fnsQk%2BIokWKbFrCBZAYemNwXD4hXD2D7OvM12djs%2Fg8%2BcjDRcqV8tuUHo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d1d081c712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js | 104.17.247.203 | 200 OK | 30 kB |
URL: GET HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP: 104.17.247.203:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: unpkg.com; Fingerprint: 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity: Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: JavaScript source, ASCII text, with very long lines (29325)
Hash: 013916ab61482481d8de9742a0f95bee 546bb742502faa36f8c2bb954c2f028187660404 73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: "7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01HWR0PQM08SRQ1T3DGM73EQSZ-arn
cf-cache-status: HIT
age: 218892
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87de1d0d7ce956bd-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/jquery@2.2.4/dist/jquery.min.js | 104.17.247.203 | 200 OK | 86 kB |
URL: GET HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP: 104.17.247.203:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: unpkg.com; Fingerprint: 2E:F1:F6:31:28:EC:29:20:41:F4:58:4B:B1:CF:51:16:77:7E:BF:E3; Validity: Mon, 01 Apr 2024 02:40:24 GMT - Sun, 30 Jun 2024 02:40:23 GMT
File type: JavaScript source, ASCII text, with very long lines (32065)
Hash: 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: br
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: "14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HWR0PQW4S28HPX7SXS45MBKH-arn
cf-cache-status: HIT
age: 218892
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 87de1d0d7cee56bd-OSL
X-Firefox-Spdy: h2
|
|
| younetu.org/js/d_check.js?35 | 188.114.97.1 | 200 OK | 3.5 kB |
URL: GET HTTP/3 younetu.org/js/d_check.js?35
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, ASCII text, with very long lines (3599), with no line terminators
Hash: 47dd2e972f0059419379ce10022af024 664d680f87701f4aa0b32f6bee82ed57ab992afc 41ac5f66afda4f18ce3423349e6a070dab8cbcd99ed9ad1101f82fbc6b24f5fa
GET /js/d_check.js?35 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
etag: W/"65190d56-d80"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 208969
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LrTz3FxvNvz0S7ZiCKcyoulUgVqwicY0ic7MudEawQzhLznCVGXpN9Pc57DRlDBOohthw0PJVRTOt3XPmmMgWgMEAsFH2Wrdxj%2BSu5x6s0YMPWO0YkyctL3To2LlzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d38385688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/js/script_33.11.js?16 | 188.114.97.1 | 200 OK | 7.0 kB |
URL: GET HTTP/3 younetu.org/js/script_33.11.js?16
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (7103), with no line terminators
Hash: 98cd73beea886c747a13cf869d64398f 9b0c0062c7863a1df27f8b563732f72f5f38a176 720e4b5e774911a3fde9a12e1d37d170132b204e1b0e79c84cc9339ed15be88c
GET /js/script_33.11.js?16 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Dec 2023 20:09:58 GMT
etag: W/"6585ed16-1b3e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 214583
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lALi3acmQB0SA7sFkaLHWeTeb6Xo7SAhAKss0Z3lkD5huiba24MjQbb9Bgfl1P%2B82t4zmrElixWjWi0m0fW0uDd8FaGlvIu1uxupyLWL9Z8olBYkeAPl22rIa3P3mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0f29665688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| younetu.org/cdn-cgi/trace | 188.114.97.1 | 200 OK | 255 B |
URL: GET HTTP/3 younetu.org/cdn-cgi/trace
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: ASCII text, with no line terminators
Hash: 47afdd7cafb6f07c7827e4c8a4d8503c b836e7183d2738f6485e7b34e64cb65115a19fcd 4ec8f91125e4ee1c0be22a6976e6339565d38d194d5dc8bbf0befd7cf53dcdee
GET /cdn-cgi/trace HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: text/plain
access-control-allow-origin: *
server: cloudflare
cf-ray: 87de1d0f296f5688-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
content-encoding: gzip
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 188.114.96.1 | 200 OK | 90 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Google Trust Services LLC; Subject: creative-bars1.com; Fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 223042
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wIHlWNozugujUcS67M415uPTNfJSfkYdaHVgfohiz4u8znDqNNGyBxjCQpcFHTPM%2BWtrI0iORxVHEZXHf8gMcD3s0%2B3g0GIU4J4yQiHYf5Ms1fl59CYAhXrIm7MDB0a1oY0edsXz%2FTuB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d2679e456c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no | 188.114.97.1 | 200 OK | 155 kB |
URL: GET HTTP/2 younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
IP: 188.114.97.1:443
Requested by: https://younetu.cc/player/embed_player.php?vid=vfuTQKn1RA7Q
Certificate: Issuer: Google Trust Services LLC; Subject: younetu.org; Fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85; Validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
Size: 155 kB (154618 bytes)
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//younetu.org>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hVpQGQkDxH7H%2FCRonSTOf4VhNc3ql1daPpQcy3vlH6OQZFJFiktxc1TEQCsgnVoz5syQ306F5LA%2FiPcE%2BSjl3nfhNJhBgZlq3cXMIYWL%2FtSfmrDticePu8d5Dco9Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0bd8fa7129-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate: Issuer: Let's Encrypt; Subject: downstairsnegotiatebarren.com; Fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B; Validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:57 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 93d691b8216b89a3101081734fe62071
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 06:14:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5fukrCMzSMKrR1CUgvwtPR9CMdWKuYNbQ6flIO9MgImGXLENH16U6vM%2FDTF1jQlcjgXebX%2B8%2BNOVsCjgBLsZlka2BC2VQWndyB%2FfTRjq2MsX%2BxSTyA8GsjH6oE2xzQHlV1hZEqwFGmLKNANihKroA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d1f6f62b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP: 188.114.96.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Google Trust Services LLC
Certificate subject: creative-bars1.com
Certificate fingerprint: 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
Certificate validity: Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash: fc638645a938f69e69360c75335ffd1a 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://younetu.org
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 163708
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nKdfjnV1w5dFR6UotQ7UB95qgbjMwx7IbaCxy4ESfYizNO5lnDKbUrryuztMxm6qWQWCdnaisrxDWnD99EJt0ct8HVT%2FTpKiHq2UDeTEKTjTRLcbamo1HZi%2F%2BUq8h3BVfSj4jO4A0e24"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d25e98056c5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| younetu.org/styles/global/embed_player.3.css?130 | 188.114.97.1 | 200 OK | 5.9 kB |
URL: GET HTTP/3 younetu.org/styles/global/embed_player.3.css?130
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Google Trust Services LLC
Certificate subject: younetu.org
Certificate fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
Certificate validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: ASCII text, with very long lines (6369), with no line terminators
Hash: bc995c4e34d124e4f1330abec4dc9176 3fdcc0a0237651e355f041a96172a6197dcb4e20 9f4a684b3812d61066c54737adb2be3a628d76ac32978f224fce028ad0c6eb92
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 222886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YTQRaQqFuC4Rx1GpLtuOVXee86ZGFpPx3KRgP0%2B3F1GylTjw0jQmV5yqOzZnY%2F9rRFVCeHkyHzU7Vx1uM5B46XCJKef6zexxlaRA5PKMTUbXRxcRzR2VKSNhwAj4Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d0d28215688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092 | 174.137.133.17 | 200 OK | 0 B |
URL: GET HTTP/1.1 xml.xmlwiz.com/redirect?feed=598894&auth=FqgVMV&pubid=196092
IP: 174.137.133.17:443
ASN: #27257 WEBAIR-INTERNET
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Sectigo Limited
Certificate subject: *.xmlwiz.com
Certificate fingerprint: B7:42:FA:31:6C:A5:92:E5:B3:3F:EA:6A:F5:D0:20:0A:27:15:6B:4B
Certificate validity: Tue, 05 Sep 2023 00:00:00 GMT - Thu, 05 Sep 2024 23:59:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=598894&auth=FqgVMV&pubid=196092 HTTP/1.1
Host: xml.xmlwiz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xml.popmansion.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 May 2024 06:14:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Let's Encrypt
Certificate subject: downstairsnegotiatebarren.com
Certificate fingerprint: 5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
Certificate validity: Thu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:58 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9162f9f7e2ca7f6f56c875758fa55cf0
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 03 May 2024 06:14:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Idj6efj45%2Btdkkg%2FDN7dlUp3M7zrBRld%2BpCseacRcYfgZTcFE%2FqbwaDHhCDyFz%2Bz0bDXPaFGUOedusABvd4WV9L%2FJEAhIh%2BjsDDFYu42zYG8KG18IGNYNFfApFSze2F4P7CB2S21gPOocgqfhpnacQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87de1d229f55b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| videocdnshop.com/f.php?sid=212040&ra=18492 | 104.21.52.135 | 200 OK | 0 B |
URL: GET HTTP/2 videocdnshop.com/f.php?sid=212040&ra=18492
IP: 104.21.52.135:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Google Trust Services LLC
Certificate subject: videocdnshop.com
Certificate fingerprint: 74:9D:ED:06:94:27:D9:68:6B:80:01:DB:DA:26:F9:71:18:03:CE:37
Certificate validity: Mon, 18 Mar 2024 01:33:21 GMT - Sun, 16 Jun 2024 01:33:20 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212040&ra=18492 HTTP/1.1
Host: videocdnshop.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GB7uiUDLokujLFXi3CHbxZlfbk79nMakU3G8s8okdf3VwquI6zJOmeKuVSQq2PUZ4ph4Ueskv0%2B3ivVs4be3fvyc4ZrduPZu3lnyWOVzUNSiFHz6lyM8rQw7uihu2xAZo7KY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d125db0b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| xml.popmansion.com/sub/KpEzn38 | 188.114.97.1 | 200 OK | 239 B |
URL: GET HTTP/2 xml.popmansion.com/sub/KpEzn38
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Let's Encrypt
Certificate subject: popmansion.com
Certificate fingerprint: 0D:C1:F3:27:BF:11:E1:A8:75:84:34:E1:82:23:6B:B6:8D:80:2C:5D
Certificate validity: Tue, 30 Apr 2024 05:42:48 GMT - Mon, 29 Jul 2024 05:42:47 GMT
File type: HTML document, ASCII text, with no line terminators
Hash: 7293adfc4dc475f52752e8ffbbc56b09 3666e8afe301c2c7716bb0cade34ae51bc01a780 bd6a2cfe50408ad9ca6a6c4abb664835336a8c9194e7a7072389016df3224d00
GET /sub/KpEzn38 HTTP/1.1
Host: xml.popmansion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 03 May 2024 06:14:56 GMT
content-type: text/html; charset=utf-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pQdOzQkuwknxZvfRivhmILEnci%2FpUetgFmZSBYB6ws%2FkHaF7kz40CcjcPgN1FK5NtQgMW1dmL4actHGOjrtPnFrRm%2FZmrUM%2BPtNQgZYMenPhEsFiaKXKLc9dQM7p6SPU70jdX7E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d1cf80f712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico | 0.0.0.0 | | 0 B |
URL: GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP: 0.0.0.0:0
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| younetu.org/js/video.counters.2.js?117 | 188.114.97.1 | 200 OK | 696 B |
URL: GET HTTP/3 younetu.org/js/video.counters.2.js?117
IP: 188.114.97.1:443
Requested by: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Certificate issuer: Google Trust Services LLC
Certificate subject: younetu.org
Certificate fingerprint: A2:22:A3:17:72:65:9D:08:97:9D:DE:E6:F2:A8:91:9A:6E:EF:23:85
Certificate validity: Thu, 21 Mar 2024 03:22:45 GMT - Wed, 19 Jun 2024 03:22:44 GMT
File type: JavaScript source, ASCII text, with very long lines (739), with no line terminators
Hash: a2a4921aacb2a8988a0c0af96088c0ae 876de6826a45c1520fc16d1d7a0fd68c9dfb7040 a322d95809eef61e82cc313c84a7d76d1ec4c7c90e24a47d2197d229a4d45395
GET /js/video.counters.2.js?117 HTTP/1.1
Host: younetu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://younetu.org/player/embed_player.php?vid=RBuVY0bp2uej&autoplay=no
Cookie: uid=GzNVxztG5X3bRcDJW1lFw3jG3vmJGq0B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 03 May 2024 06:14:54 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 218730
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlPCqY7CiAq%2BpsQd%2FEB1FIotPfJ1SECKvlt75VM1g87XQzqzzUhLuOH87DB2C2D6oZTgI6%2BcbHZANUVSQtDm%2FVOs2JuABVpDCdDAme256JuQqt1F1OrZqUwdeCQ9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87de1d105a655688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|