rh3th3zp8w.youtulbe.biz Open in urlscan Pro
2606:4700:e0::ac40:6e0d  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://fbcjtbe69c.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Page URL
2. https://tjf2zrla4g.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Page URL
3. https://q1dp7eg0e8.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Page URL
4. https://4zsacbk9wg.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Page URL
5. https://rh3th3zp8w.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	err_303.php Show response fbcjtbe69c.youtulbe.biz/	14 KB 5 KB	570ms 470ms	Document text/html	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fbcjtbe69c.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695e916589751b63d81e554fd7dc85742cc71d39cb69d318508f523d3e380c30 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d259edfdbaa1947-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Jun 2023 04:20:01 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYxocTMkHChU%2BZb3l8cGMpX9oKEnR8p6Na4%2BlxlKyh6B%2BAafBOyqQWZhPHpearIIsc4HrlqxWGUYr4mVIP7x04vkiQcIBWyPnlFSpGpwx4kms9UWRs8axlMqYSw3AeDCeunU%2FhqqZ2f9WHSyU1Jf8yXd1Xy5RQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	698ms 677ms	Script application/javascript	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Requested by Host: fbcjtbe69c.youtulbe.biz URL: https://fbcjtbe69c.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language de-DE,de;q=0.9 Referer https://fbcjtbe69c.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:01 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Boxe6rSiZ%2BbB8X69XTmzr7P2JbyImWrROvykEN7aWf8VN6kr%2FUWTm51JCsUSOvEX1mAza%2BkiYvvFYst7VDIbj3iI0UaiwUO6shZywiTVUi7m%2B1lzlaWws8FXkBo0%2BT4sa%2FEW5X5yu991bMA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7d259ee30e9e1947-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 259 B	158ms 46ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=fbcjtbe69c.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fbcjtbe69c.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 58f476ecb2fdaf7c1579b6452c65d62e date Mon, 05 Jun 2023 04:19:54 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://fbcjtbe69c.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js my.rtmark.net/	65 B 550 B	145ms 46ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=f8cf4qqg61m9z6ob1b&var=2069 Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fbcjtbe69c.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://fbcjtbe69c.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	909 B 1 KB	169ms 62ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=fbcjtbe69c.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://fbcjtbe69c.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id b4102fbb2c2d7b805549f1e151d2b5b8 date Mon, 05 Jun 2023 04:20:01 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://fbcjtbe69c.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 909
GET H2	200	err_303.php Show response tjf2zrla4g.youtulbe.biz/	14 KB 5 KB	475ms 463ms	Document text/html	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tjf2zrla4g.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Requested by Host: fbcjtbe69c.youtulbe.biz URL: https://fbcjtbe69c.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695e916589751b63d81e554fd7dc85742cc71d39cb69d318508f523d3e380c30 Request headers Referer https://fbcjtbe69c.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d259ee89c3e1947-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Jun 2023 04:20:02 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlljcoWhk%2BSSWrsGkEY15qCLmV9qTEQqObOJ4tFkzO5IbSKTramtaw6OFgdILOFXN%2Bm%2BsRDDfmM7fh6etP2pQq5%2FcSVeII7AYj1QPIqFGsRjc3V4u5p8nK9kqrV%2Bqyeuxz%2Bbkf48sceRyYA8bQ1%2BcfB1qmyCJw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	52ms 51ms	Script application/javascript	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Requested by Host: tjf2zrla4g.youtulbe.biz URL: https://tjf2zrla4g.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language de-DE,de;q=0.9 Referer https://tjf2zrla4g.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:02 GMT content-encoding br cf-cache-status HIT last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1 etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La%2BM%2FUmB0nK6LD%2BNcFh6ubXYg85bNJS7T9nGkXNGnwbClVBFH2FpXoG%2Bq6Djzu8uDvS3jai2ihbD8nfrU62B%2FLxJeCeRwKP8sfkorDcLKsTlUhsW0wmKHRljXyzd8GjBtEN6C0T81juKmbI%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7d259eeb9f0f1947-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	46ms 45ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tjf2zrla4g.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tjf2zrla4g.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 18f20268f281276711daf5a725f9590c date Mon, 05 Jun 2023 04:19:55 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://tjf2zrla4g.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 549 B	51ms 50ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=f8cf4qqg61m9z6ob1b&var=2069 Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash 530223aff752648eccb47c6fec4340e500b3b10bfb8dd5db3514957a551f86fa Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tjf2zrla4g.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:02 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://tjf2zrla4g.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	909 B 1 KB	55ms 55ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=tjf2zrla4g.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://tjf2zrla4g.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 38d2ca201a8800dd0d36b51fff5b0874 date Mon, 05 Jun 2023 04:20:02 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://tjf2zrla4g.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 909
GET H2	200	err_303.php Show response q1dp7eg0e8.youtulbe.biz/	14 KB 5 KB	487ms 465ms	Document text/html	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://q1dp7eg0e8.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Requested by Host: tjf2zrla4g.youtulbe.biz URL: https://tjf2zrla4g.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695e916589751b63d81e554fd7dc85742cc71d39cb69d318508f523d3e380c30 Request headers Referer https://tjf2zrla4g.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d259eec9ffb1947-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Jun 2023 04:20:03 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSVQuFMsRoLGgfWknghj0EmCp%2B9PMvh5THbkIzrJxyPSqEk6OGVAwKKVCLpv5y%2Bq3QvcZDIzpvuFlQD%2B3TZT4P4P5i6grJkW3rD5686%2B3FjCDTsgbu7MTt7bKzNwZKfDwo1YdkI8W6hJ6FP45YTQ7%2FcY0Rnpaw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	micro.tag.min.js youtulbe.biz/	77 KB 25 KB	675ms 675ms	Script application/javascript	2606:4700:e0::ac40:6f0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Requested by Host: q1dp7eg0e8.youtulbe.biz URL: https://q1dp7eg0e8.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6f0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://q1dp7eg0e8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:03 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZmLRJU%2FisRw%2BbTNI%2BfDtojWidEp%2B3llWBwMsh32wRjK%2BmWq7xLDO1CkLG3eN6vimdZrbUDzge8N7a6njw5Aj5hOX%2BUeF3AOnJI%2BXx5JK%2FYpOVaMDW6e7%2BdL24qd0ueKNESsB5V3qhJcNIE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7d259eef8f5a691b-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	48ms 48ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=q1dp7eg0e8.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://q1dp7eg0e8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 4ff849253280f779cf5811464664d30a date Mon, 05 Jun 2023 04:19:56 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://q1dp7eg0e8.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js my.rtmark.net/	65 B 550 B	47ms 46ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=f8cf4qqg61m9z6ob1b&var=2069 Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://q1dp7eg0e8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:03 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://q1dp7eg0e8.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	909 B 1 KB	48ms 48ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=q1dp7eg0e8.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://q1dp7eg0e8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 9c6f47623f5dc6bf2768f777a01e8d27 date Mon, 05 Jun 2023 04:20:03 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://q1dp7eg0e8.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 909
GET H2	200	err_303.php Show response 4zsacbk9wg.youtulbe.biz/	14 KB 5 KB	484ms 471ms	Document text/html	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://4zsacbk9wg.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Requested by Host: q1dp7eg0e8.youtulbe.biz URL: https://q1dp7eg0e8.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 695e916589751b63d81e554fd7dc85742cc71d39cb69d318508f523d3e380c30 Request headers Referer https://q1dp7eg0e8.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d259ef488561947-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Jun 2023 04:20:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YksPijMbRzuy6edk7kHDurIBs1D1RRdZ0LjbudVFS0YTUmrs4aVj%2F3F0LjOD%2F%2BDx5EkGWUBlFK7dfuiKXzjep9Yf5GVFsbTgb22edrGZZ1eCtZN7EsAxSbLyRiaqagv%2Ff7I5c4mgF%2FMk%2Bm%2F%2FsfkXL5Xc7XzDQA%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	micro.tag.min.js youtulbe.biz/	77 KB 25 KB	49ms 48ms	Script application/javascript	2606:4700:e0::ac40:6f0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Requested by Host: 4zsacbk9wg.youtulbe.biz URL: https://4zsacbk9wg.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:6f0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://4zsacbk9wg.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:04 GMT content-encoding br cf-cache-status HIT last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1 etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZPIGZ2tJrcgvI1QyMt8GGlYzTM6m9%2B9hSUie5%2FuknX6XrnVpdOLXjUi5x4NndLnFaxqM5uE5zICAvCl2ojKcCVtO9XHXsIslqNaI2oLAeOYsxB4SLP%2BFlwQhEarFIOx9fGbgCdbLQNSVt8s%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7d259ef79d74691b-FRA alt-svc h3=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	46ms 46ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=4zsacbk9wg.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://4zsacbk9wg.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id b3ff793d34dce4a27a148dd4724a3f50 date Mon, 05 Jun 2023 04:19:57 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://4zsacbk9wg.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js my.rtmark.net/	65 B 550 B	47ms 46ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=f8cf4qqg61m9z6ob1b&var=2069 Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://4zsacbk9wg.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers date Mon, 05 Jun 2023 04:20:04 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://4zsacbk9wg.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	909 B 1 KB	48ms 47ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=4zsacbk9wg.youtulbe.biz&var=2069&ymid=f8cf4qqg61m9z6ob1b&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://4zsacbk9wg.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 Response headers x-trace-id 55dd5b6a6ef1612d171a5e80b00b1a3e date Mon, 05 Jun 2023 04:20:04 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://4zsacbk9wg.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 909
GET H2	200	Primary Request err_303.php rh3th3zp8w.youtulbe.biz/	14 KB 5 KB	482ms 462ms	Document text/html	2606:4700:e0::ac40:6e0d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rh3th3zp8w.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Requested by Host: 4zsacbk9wg.youtulbe.biz URL: https://4zsacbk9wg.youtulbe.biz/err_303.php?cnv_id=f8cf4qqg61m9z6ob1b&sourceid=2069 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:6e0d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://4zsacbk9wg.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7d259ef8bcc01947-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 05 Jun 2023 04:20:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tQtUvrwfB05koBW18iT3yKXKeZOOO%2Bcn9B22LXsoq6vGTbcggamsiILINO5vIH3u9rXyWeP3z6xn45yoqxnXtHuJIB%2B%2FcIrpW%2BTUQxnIsLXHNxHYMIADxJroBCgTEjwCeTLbD5sQlc6flIl6CohDA1fXhY9VTg%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET		micro.tag.min.js youtulbe.biz/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

youtulbe.biz

URL

https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=f8cf4qqg61m9z6ob1b&var=2069&sw=/sw-check-permissions-local-5137789.js

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 21:04:34	Name: ID Value: 482e198ff9da4b3a99ae3da3866fc28d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4zsacbk9wg.youtulbe.biz
fbcjtbe69c.youtulbe.biz
my.rtmark.net
q1dp7eg0e8.youtulbe.biz
rh3th3zp8w.youtulbe.biz
tjf2zrla4g.youtulbe.biz
ugyplysh.com
youtulbe.biz
youtulbe.biz
139.45.195.8
139.45.197.253
2606:4700:e0::ac40:6e0d
2606:4700:e0::ac40:6f0d
0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1
530223aff752648eccb47c6fec4340e500b3b10bfb8dd5db3514957a551f86fa
695e916589751b63d81e554fd7dc85742cc71d39cb69d318508f523d3e380c30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855