Submitted URL: https://lniphatyo.online/new/vjovulhjwvklnpg
Effective URL: https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome...
Submission: On January 15 via manual from ES — Scanned from ES

Summary

This website contacted 6 IPs in 2 countries across 9 domains to perform 14 HTTP transactions. The main IP is 172.64.196.37, located in United States and belongs to CLOUDFLARENET, US. The main domain is byxzz.earthheartsmith.top.
TLS certificate: Issued by GTS CA 1P5 on January 8th 2024. Valid for: 3 months.
This is the only time byxzz.earthheartsmith.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address       AS (Autonomous System)
1         -          172.67.172.132   13335 (CLOUDFLAR...)
1         -          104.20.80.99     13335 (CLOUDFLAR...)
2         1          192.243.59.20    39572 (ADVANCEDH...)
1         1          192.64.81.118    19318 (IS-AS-1)
1         1          172.67.142.37    13335 (CLOUDFLAR...)
6         -          172.64.196.37    13335 (CLOUDFLAR...)
1         -          172.217.18.3     ()
Total: 14 requests, 6 IPs

Requests  Domain                            Redirects  Requested by
4         byxzz.earthheartsmith.top         -          byxzz.earthheartsmith.top
2         cdnstatic.earthheartsmith.top     -          byxzz.earthheartsmith.top, cdnstatic.earthheartsmith.top
2         agitationfourthplug.com           1          lniphatyo.online
1         www.gstatic.com                   -          cdnstatic.earthheartsmith.top
1         byxzz.altairaquilae.top           1          -
1         afre.guru                         1          -
1         s10.histats.com                   -          lniphatyo.online
1         lniphatyo.online                  -          -
0         proftrafficcounter.com (Failed)   -          agitationfourthplug.com
0         s4.histats.com (Failed)           -          s10.histats.com
0         www.googletagmanager.com (Failed) -          lniphatyo.online
Total: 14 requests, 11 hosts listed

This site contains no links.

Subject                   Issuer                     Validity                   Valid
lniphatyo.online          E1                         2024-01-10 - 2024-04-09    3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3    2023-05-13 - 2024-05-11    a year
agitationfourthplug.com   R3                         2023-12-06 - 2024-03-05    3 months
earthheartsmith.top       GTS CA 1P5                 2024-01-08 - 2024-04-07    3 months
*.gstatic.com             GTS CA 1C3                 2023-12-11 - 2024-03-04    3 months

This page contains 1 frames:

Primary Page: https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
Frame ID: 67A6D5FD709CC9F86646DDDE8076AB4A
Requests: 15 HTTP requests in this frame

Page Title

Play

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase

Page Statistics

Requests: 14
HTTPS: 71 %
IPv6: 0 %
Domains: 9
Subdomains: 11
IPs: 6
Countries: 2
Transfer: 52 kB
Size: 131 kB
Cookies: 21

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lniphatyo.online/new/vjovulhjwvklnpg Page URL
  2. https://agitationfourthplug.com/ij6sk7s1?key=55f17a9fee68ea1b6f4ccfa2d96ecf6e Page URL
  3. https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcwNTM0MjkyNiZyZWZlcj1odHRwcyUzQSUyRiUyRmxuaXBoYXR5by5vbmxpbmUlMkYmcm10Yz10JnNodT04ZmZlMDQwYTlhMjFhODM4OWZmOWRjM2ViNDJlM2UwMTNjYWNjMzhhMGQ0ZjAxODRlNWFiMTQ3YjdlNGVlMTA2OWIzZTdlMjBiMmYzNjNiZWE4ODUzNTkyOTExNjE3M2Y1YmI2NmYyOWE2ZGFhMTkwNDE2MTJiZWIyZjQyY2IxMjczNWU4YmMyYzQ1YWVhNTg0ZTQ2OWVkYzRlYTEzY2YyNThmMmVl&uuid=&pii=&in=false HTTP 302
    https://afre.guru/c9b2l0k.php?key=htvvsvtbfeomt8u5820h&SUB_ID_SHORT=32bd328c3d874645cd16793429d2a582&COST_CPA=0.050000&PLACEMENT_ID=18974811&CAMPAIGN_ID=931985&DEVICE_BRAND=Unknown&BROWSER_NAME=Chrome&USER_OS=Windows&USER_CARRIER=Telefonica%20de%20Espana&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F120.0.6099.216%20Safari%2F537.36&REMOTE_LANGUAGE=40&BANNER_ID=2686858&COUNTRY_CODE=ES HTTP 302
    https://byxzz.altairaquilae.top/?pl=Yyo1IAH5aE2Q4g9YuOImuw&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows HTTP 302
    https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
vjovulhjwvklnpg
lniphatyo.online/new/
2 KB
1 KB
Document
General
Full URL
https://lniphatyo.online/new/vjovulhjwvklnpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.172.132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3523ba883d9acfd6b54fc65d525e6630a32b24de390db59658d451dedc6631
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
846022ecab6186cc-MAD
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 15 Jan 2024 18:21:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gm5IUNHXZkIaFGzV36r0SD77UlbnkUzK7gAdX6z7ajyV6U4ODqn3UpT0JRIRirfamhsbsc4oN%2BqkdaSfy02DLPhR%2BFvUlCWCp%2BfIPESVlmcYDnrFFDIpD6C4lKHal2LLfxRU"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/
0
0

js15_as.js
s10.histats.com/
11 KB
5 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: lniphatyo.online
URL: https://lniphatyo.online/new/vjovulhjwvklnpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.80.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://lniphatyo.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:06 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
server
cloudflare
age
36273
etag
"-375139978"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
846022f13eff1bc4-MAD
content-length
4547
ij6sk7s1
agitationfourthplug.com/
3 KB
3 KB
Document
General
Full URL
https://agitationfourthplug.com/ij6sk7s1?key=55f17a9fee68ea1b6f4ccfa2d96ecf6e
Requested by
Host: lniphatyo.online
URL: https://lniphatyo.online/new/vjovulhjwvklnpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash
c9df0e90078b191f684710669933b90aa7e238d64effcf53cd094688a8f1e278
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubdomains

Request headers

Referer
https://lniphatyo.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 15 Jan 2024 18:21:06 GMT
Expires
Thu, 01 Jan 1970 00:00:01 GMT
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Server
nginx/1.19.5
Strict-Transport-Security
max-age=0; includeSubdomains
Transfer-Encoding
chunked
X-Request-ID
f6bffa0ffff702bca98369907db62550
0.php
s4.histats.com/stats/
0
0

stats
proftrafficcounter.com/
0
0

Primary Request /
byxzz.earthheartsmith.top/youtube/
Redirect Chain
  • https://agitationfourthplug.com/api/users?token=L2lqNnNrN3MxP2tleT01NWYxN2E5ZmVlNjhlYTFiNmY0Y2NmYTJkOTZlY2Y2ZSZwc3Q9MTcwNTM0MjkyNiZyZWZlcj1odHRwcyUzQSUyRiUyRmxuaXBoYXR5by5vbmxpbmUlMkYmcm10Yz10JnNod...
  • https://afre.guru/c9b2l0k.php?key=htvvsvtbfeomt8u5820h&SUB_ID_SHORT=32bd328c3d874645cd16793429d2a582&COST_CPA=0.050000&PLACEMENT_ID=18974811&CAMPAIGN_ID=931985&DEVICE_BRAND=Unknown&BROWSER_NAME=Chr...
  • https://byxzz.altairaquilae.top/?pl=Yyo1IAH5aE2Q4g9YuOImuw&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows
  • https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9a...
26 KB
15 KB
Document
General
Full URL
https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c134a426f134ff6d4998efd9df045f3b359d37bc92beaf7c90e7a81a3dc96779

Request headers

Referer
https://agitationfourthplug.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
es-ES,es;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
846022fe0ef25e1e-MAD
content-encoding
br
content-type
text/html
date
Mon, 15 Jan 2024 18:21:08 GMT
last-modified
Tue, 19 Dec 2023 12:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cID%2FBvuDgTi9Bqry58NXCXOxAiRRAlwFTc%2Fsw58Q9lnHNJnWeUPSYAD1t1opf9eYOYQeFF6FjOZRf0AXsVF%2BRmGRgF1d%2B6dCkbvjiPq%2BoKaHA%2BQdtEgz%2B2atp%2BBWxxvvpw86MamGypO1MRSK"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
846022faf8ff7910-CDG
content-length
0
date
Mon, 15 Jan 2024 18:21:07 GMT
location
https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=svtD72n1J6oARhXmO8wtbVeFcFqWet7DKd%2Bj4Vt2qO2g6%2FoHQrmGolJsPFS0vhxkBMiU%2BOedfmnoJ9aHG8tQFm2KtmFgKrjd0DGAFmHI6XILVlIU9eTf49SAKPP%2BTDL333xYiNLs5YnnOA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
trls.js
byxzz.earthheartsmith.top/youtube/assets/
7 KB
2 KB
Script
General
Full URL
https://byxzz.earthheartsmith.top/youtube/assets/trls.js
Requested by
Host: byxzz.earthheartsmith.top
URL: https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dafebe85a2439f7bdb03df03df905b7d2f1ec99d8cd9c1cb1808541a7498ea99

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 12:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4941
etag
W/"658189e0-1bbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9rvu26VMbEryDeiBCmp2qsom17Xp0cDBzVzdUyXv41KWuvVDSIIT6FWQ1AqYJOchqBSpExJH3fA314SQ39ooVxpduYke23ehcBneasSzRkrDhXkHUqTYGO7DcfkUXbkGLjo5Cj0ulCgEqzK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
846022fef89a5e1e-MAD
alt-svc
h3=":443"; ma=86400
style.css
byxzz.earthheartsmith.top/youtube/assets/
2 KB
925 B
Stylesheet
General
Full URL
https://byxzz.earthheartsmith.top/youtube/assets/style.css
Requested by
Host: byxzz.earthheartsmith.top
URL: https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2fd86d9cd7b3b71a8d0ed916d23606cdb1283845477aa076db98b3dea88b9f

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 12:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4941
etag
W/"658189e0-6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2BtVyK1vv%2FX2G04XKKW%2Fdf1rV1b2rANNRyKkWntGX7qtBiKRQvSvKbD3BP2UiZf6RQkAX0u0%2B6YjHXoR8HyOzqlqiG3%2BU5nGHrmhvAzE%2F5pQzlr7e7iRlfkc8OHWb0m4tNdKen3QAXWG4C6V"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
846022fef8775e1e-MAD
alt-svc
h3=":443"; ma=86400
static-pl.js
byxzz.earthheartsmith.top/shared-js/assets/
3 KB
1 KB
Script
General
Full URL
https://byxzz.earthheartsmith.top/shared-js/assets/static-pl.js?v=2
Requested by
Host: byxzz.earthheartsmith.top
URL: https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/youtube/?pl=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&nrid=5a0ea6880fb24ff486751be947f7719b&hash=h4cWj7X1x9Xnj9aiiJEGMg&exp=1705343167
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Dec 2023 12:17:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6422
etag
W/"658189e0-dee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhmd6FwMmMtsjtV6xB0pt5bqggF13%2BLtcjsgb7GYYl69YdzdEfsXIRtmtYoW0cZsqYpoC97NHFGZS4mNZS%2FWRKiNMRPwKnL%2BwPDMh0fiQfNhY%2BjRajhxLFxYSCGOIyqSEieCjT9frlQlamHi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
846022ff28e85e1e-MAD
alt-svc
h3=":443"; ma=86400
truncated
/
15 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d124980feada063410783226ccda3d08fb449900fd910e54b9daab6a5e8402b0

Request headers

accept-language
es-ES,es;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
ps.js
cdnstatic.earthheartsmith.top/ps/
33 KB
13 KB
Script
General
Full URL
https://cdnstatic.earthheartsmith.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&appspot=&d=https%3A%2F%2Fcdnstatic.earthheartsmith.top&timeout=30&tb=true&nrid=5a0ea6880fb24ff486751be947f7719b
Requested by
Host: byxzz.earthheartsmith.top
URL: https://byxzz.earthheartsmith.top/shared-js/assets/static-pl.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43a03b12ea454f04df95dd30c7d5b81013e78dec2b14c0dabce962b526ee0cb1

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:08 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vXezpiVKm2jKm4VOn7wFCNSaqv1e%2FIqekzIYBjWsnt6FV1iaMVN4lIdiiEnzRY7XXUWJv%2BpZtvklkKpFfVUfJv4fpU2UXcZTqBPwWZyUKXQjfCVadJG%2B2Y5pcihAh2LUv69Y2bF9JQbYidH9hh%2BZTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
846023001ab45e1e-MAD
alt-svc
h3=":443"; ma=86400
config.js
cdnstatic.earthheartsmith.top/ps/
360 B
717 B
Script
General
Full URL
https://cdnstatic.earthheartsmith.top/ps/config.js?id=Yyo1IAH5aE2Q4g9YuOImuw
Requested by
Host: cdnstatic.earthheartsmith.top
URL: https://cdnstatic.earthheartsmith.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&appspot=&d=https%3A%2F%2Fcdnstatic.earthheartsmith.top&timeout=30&tb=true&nrid=5a0ea6880fb24ff486751be947f7719b
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.196.37 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Mon, 15 Jan 2024 18:21:08 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wy9YnCCOH4M3U0SqPC2WFclJtWJvsoDyLeXCGGPmoIetQ0TnmUnfVGW3DZZ1E0ilkWixod5otZq%2BwdAnqVbv1aZoEmd4Y9aTYHX8enk8DlYODVEDm2bEIBQW%2FLL5tUYllnI%2BhI%2FNDeGT8MohgRI76A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate
cf-ray
84602301281537df-MAD
alt-svc
h3=":443"; ma=86400
firebase-app-compat.js
www.gstatic.com/firebasejs/10.3.1/
28 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
Requested by
Host: cdnstatic.earthheartsmith.top
URL: https://cdnstatic.earthheartsmith.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=Yyo1IAH5aE2Q4g9YuOImuw&sm=youtube&click_id=adf07q5k23vqqa0ca7&sub_id=18974811-Chrome-Windows&appspot=&d=https%3A%2F%2Fcdnstatic.earthheartsmith.top&timeout=30&tb=true&nrid=5a0ea6880fb24ff486751be947f7719b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.3 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
es-ES,es;q=0.9
Referer
https://byxzz.earthheartsmith.top/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 18:13:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
259653
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9308
x-xss-protection
0
last-modified
Thu, 31 Aug 2023 15:20:38 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Jan 2025 18:13:36 GMT
firebase-messaging-compat.js
www.gstatic.com/firebasejs/10.3.1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=UA-51273128-1
Domain
s4.histats.com
URL
https://s4.histats.com/stats/0.php?4764170&@f16&@g1&@h1&@i1&@j1705342866179&@k0&@l1&@mlniphatyo.online%20-%20We%20apologize%20for%20the%20inconvenience%2C%20but%20we%27re%20performing%20some%20maintenance.&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:29815998&@b3:1705342866&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Flniphatyo.online%2Fnew%2Fvjovulhjwvklnpg&@w
Domain
proftrafficcounter.com
URL
https://proftrafficcounter.com/stats
Domain
www.gstatic.com
URL
https://www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • translation (object)
  • rtlLangs (object)
  • browserLang (string)
  • siteLang (string)
  • extTpl (number)
  • detect_language (function)
  • replace_text (function)
  • translation_available (function)
  • translate (function)
  • getParameterByName (function)
  • docReady (function)
  • a5_0x1ad6 (function)
  • config (object)

21 Cookies

Domain/Path Name / Value
agitationfourthplug.com/api Name: iprc579badb042a1c41c8b767e202da77df2
Value: 4832228
agitationfourthplug.com/api Name: pdhtkv
Value: true
agitationfourthplug.com/api Name: uncs
Value: 1
agitationfourthplug.com/api Name: pdhtkv28
Value: true
agitationfourthplug.com/api Name: uncs28
Value: 1
lniphatyo.online/ Name: HstCfa4764170
Value: 1705342866179
lniphatyo.online/ Name: HstCla4764170
Value: 1705342866179
lniphatyo.online/ Name: HstCmu4764170
Value: 1705342866179
lniphatyo.online/ Name: HstPn4764170
Value: 1
lniphatyo.online/ Name: HstPt4764170
Value: 1
lniphatyo.online/ Name: HstCnv4764170
Value: 1
lniphatyo.online/ Name: HstCns4764170
Value: 1
agitationfourthplug.com/ Name: u_pl
Value: 18974811
agitationfourthplug.com/ Name: ain
Value: eyJhbGciOiJIUzI1NiJ9.[...].oXqVC0nkBLHUglH5Pz2blOM575sv9BHHT3fjTTOLEhU
agitationfourthplug.com/ Name: cjs
Value: t
afre.guru/ Name: uclick
Value: q5k23vqqa0
afre.guru/ Name: uclickhash
Value: q5k23vqqa0-q5k23vqqa0-9lm7-0-gxydfe-vca0dz-7socfe-570d27
byxzz.altairaquilae.top/ Name: Yyo1IAH5aE2Q4g9YuOImuw
Value: 7
byxzz.altairaquilae.top/ Name: __pl
Value: ab4be1c6-7606-4f3f-b4e0-d01ffc8afa03
byxzz.altairaquilae.top/ Name: __cap
Value: 1
cdnstatic.earthheartsmith.top/ Name: __psu
Value: 5a807c37-edb9-4938-bb8a-d16bfbd13fd8

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block