Submitted URL: https://get.bestdeal2060.info/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8cc...
Effective URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Submission: On December 29 via manual from PL

Summary

This website contacted 9 IPs in 3 countries across 14 domains to perform 21 HTTP transactions. The main IP is 2606:4700:3034::6812:22cf, located in the United States and belonging to CLOUDFLARENET, US. The main domain is y0utube.live.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 1st 2020. Valid for: a year.
This is the only time y0utube.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 67.212.184.146 32475 (SINGLEHOP...)
1 1 172.67.183.40 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700:303... 13335 (CLOUDFLAR...)
1 205.185.216.10 20446 (HIGHWINDS3)
1 139.45.196.195 9002 (RETN-AS)
4 213.174.135.1 39572 (ADVANCEDH...)
4 213.174.135.2 39572 (ADVANCEDH...)
1 2 168.119.25.22 24940 (HETZNER-AS)
1 ()
1 1 116.202.204.4 24940 (HETZNER-AS)
21 9
Domain Requested by
9 y0utube.live get.bestdeal2060.info
y0utube.live
sw.swwpush.com
2 cdn18383040.ahacdn.me y0utube.live
2 vasgenerete.site sw.wpu.sh
2 get.bestdeal2060.info 1 redirects
1 tcb.pushic.com 1 redirects
1 ntvpevents.com 1 redirects
1 ntvpwpush.com sw.swwpush.com
1 sw.wpu.sh sw.wpush.org
1 sw.swwpush.com cst.wpu.sh
1 sw.wpush.org y0utube.live
1 na.nawpush.com cst.wpu.sh
1 ciksolre.net y0utube.live
1 cst.wpu.sh y0utube.live
1 adtrackingflow.com 1 redirects
1 tracking.armorads.com 1 redirects
21 15

This site contains links to these domains.

Domain
ntvpevents.com
Subject                    Issuer                       Validity                   Valid
get.bestdeal2060.info      R3                           2020-12-28 - 2021-03-28    3 months
sni.cloudflaressl.com      Cloudflare Inc ECC CA-3      2020-08-01 - 2021-08-01    a year
wpu.sh                     R3                           2020-12-10 - 2021-03-10    3 months
ciksolre.net               R3                           2020-12-13 - 2021-03-13    3 months
na.nawpush.com             R3                           2020-12-23 - 2021-03-23    3 months
sw.wpush.org               Let's Encrypt Authority X3   2020-11-24 - 2021-02-22    3 months
sw.swwpush.com             R3                           2020-12-22 - 2021-03-22    3 months
sw.wpu.sh                  Let's Encrypt Authority X3   2020-12-01 - 2021-03-01    3 months
notification.tubecup.net   R3                           2020-12-21 - 2021-03-21    3 months
vasgenerete.site           Let's Encrypt Authority X3   2020-11-02 - 2021-01-31    3 months
*.ahacdn.me                GoGetSSL RSA DV CA           2020-12-03 - 2022-01-03    a year

This page contains 2 frames:

Primary Page: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Frame ID: 2A06F8BCC46EA9603A2581415AB114E7
Requests: 22 HTTP requests in this frame

Frame: blob://https://y0utube.live/2cea07a9-07c6-4cdc-9f61-ed5639b016a6
Frame ID: D2097E6BBF660C560982A0B92E950B23
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

21 Requests
100 % HTTPS
18 % IPv6
14 Domains
15 Subdomains
9 IPs
3 Countries
624 kB Transfer
971 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://get.bestdeal2060.info/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8ccbecabcbd838a8281b68e86848aa6beb98eb88c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7cec6c5cafaf8f1fecfcccd5b Page URL
  2. https://get.bestdeal2060.info/proc.php?5dfa01a2ba83298f2d29726167b62f2d117df08e HTTP 302
    http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6911682271497945599&sub2=1314&sub3=1314-5ecd6faz HTTP 302
    https://adtrackingflow.com/click.php?key=6y43fijdm5dsc1q8ocm6&cid=5feb3ae0d402c00001676bd2&sid=4 HTTP 302
    https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://ntvpevents.com/in/show/?mid=2424134355&pid=0&site=native-push&sc=CH&subid=0&sid=2521894524&cid=1200&price=0.0001&is_cpm=0&cpm=0&ecpm=0.0005700000000000001&crid=&crtid=28b093fbb8001b52054df48affa848d1&tcid=0&out_id=0&ver=2.11.1&ver_c=&refdom=y0utube.live&hostname=auc-inpage-hz-1&site_id=31157&spot_id=157&utm_source=&utm_medium=&utm_campaign=&utm_content=&expirationTimestamp=null&created_at=2020-12-29&is_native=1&auction_queue=1&pop_winurl=&ip=185.156.175.107&testab=0&url=https%3A%2F%2Ftcb.pushic.com%2Fv1%2Ftrack%2Fimpression%3Fdata%3DeyJhbGciOiJIUzI1NiJ9.[...].zJrPpzhXfOaofLztj9qumtuF-e2QHc2OM21FtK4tXxw%26ap%3D0.0001&cpa=c036ce94-4814-4bc1-8a93-c02f61d1f6db&format=default-r-d HTTP 302
  • https://tcb.pushic.com/v1/track/impression?data=eyJhbGciOiJIUzI1NiJ9.[...].zJrPpzhXfOaofLztj9qumtuF-e2QHc2OM21FtK4tXxw&ap=0.0001 HTTP 302
  • https://cdn18383040.ahacdn.me/assets/457b8922-7db3-4e74-987f-c65914382f88.png

21 HTTP transactions

Resource Path Size x-fer Type MIME-Type
/
get.bestdeal2060.info/
6 KB
2 KB
Document
General
Full URL
https://get.bestdeal2060.info/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8ccbecabcbd838a8281b68e86848aa6beb98eb88c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7cec6c5cafaf8f1fecfcccd5b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.212.184.146 Chicago, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.4.10
Resource Hash
71dd867b705ec64b6c136a4c7f5f8449b5c136f448a590e79244758efeba3be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
get.bestdeal2060.info
:scheme
https
:path
/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8ccbecabcbd838a8281b68e86848aa6beb98eb88c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7cec6c5cafaf8f1fecfcccd5b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

server
nginx
date
Tue, 29 Dec 2020 14:19:12 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=4dbf1de4b422d54f9dc8d9599594de41; expires=Wed, 29-Dec-2021 14:19:12 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Primary Request /
y0utube.live/arm1/
Redirect Chain
  • https://get.bestdeal2060.info/proc.php?5dfa01a2ba83298f2d29726167b62f2d117df08e
  • http://tracking.armorads.com/sl?id=5faa890a127bd6bcbd27203b&pid=4&sub1=M6911682271497945599&sub2=1314&sub3=1314-5ecd6faz
  • https://adtrackingflow.com/click.php?key=6y43fijdm5dsc1q8ocm6&cid=5feb3ae0d402c00001676bd2&sid=4
  • https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
28 KB
11 KB
Document
General
Full URL
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Requested by
Host: get.bestdeal2060.info
URL: https://get.bestdeal2060.info/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8ccbecabcbd838a8281b68e86848aa6beb98eb88c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7cec6c5cafaf8f1fecfcccd5b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5529b6337d0f1edbfc8777209bd3f3f0f4907983a871bdcadcc80c07ad9cd21a

Request headers

:method
GET
:authority
y0utube.live
:scheme
https
:path
/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Referer
https://get.bestdeal2060.info/?utm_term=6911682271497945599&clickverify=1&utm_content=fdc2c69a9cafac9c9b9190a197979095ba88b8ccbecabcbd838a8281b68e86848aa6beb98eb88c8db3838081eae6eae1e9f8f9e9fbb2eceffbfef1e3ef97a595ad84878e828acca48c80cee1d4d3e4d7cefbf8f98a8d8998f2f3c1f1c7cec6c5cafaf8f1fecfcccd5b#

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
content-type
text/html
set-cookie
__cfduid=dcd875923f751b200b01b99efacb183ad1609251552; expires=Thu, 28-Jan-21 14:19:12 GMT; path=/; domain=.y0utube.live; HttpOnly; SameSite=Lax
vary
Accept-Encoding
last-modified
Mon, 16 Nov 2020 08:19:04 GMT
cf-cache-status
DYNAMIC
cf-request-id
07507715c300002c0d24b0f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j3sb8gP62SeCAqg9uhzVIwc2vmaKbU8Qu%2FYfwRZcz8omPwBiHLi27%2BPAPOR%2FrSzLd%2BNcKVhjVWomaoqMQmsj%2BFM62LhmivDPqa068Jamml6iwuM%2BO%2FBM%2B1E%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6094279c6df02c0d-FRA
content-encoding
br

Redirect headers

date
Tue, 29 Dec 2020 14:19:12 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3eaa28ce87971d5e4158b31efc58beb31609251552; expires=Thu, 28-Jan-21 14:19:12 GMT; path=/; domain=.adtrackingflow.com; HttpOnly; SameSite=Lax uclick=fnq5wfzw3z; expires=Wed, 30-Dec-2020 14:19:12 GMT; Max-Age=86400; path=/; SameSite=None; Secure; uclickhash=fnq5wfzw3z-fnq5wfzw3z-fnoc-fnsl-e246-he5m3y-he5m6o-6e9704; expires=Wed, 30-Dec-2020 14:19:12 GMT; Max-Age=86400; path=/; SameSite=None; Secure; __cf_bm=f2f36eae1a9751c685d8151a1d63e93ce61d6b04-1609251552-1800-AcdxHe+1ZFaSOuGytEb8BnRQyIsQJKO4/sPh4OBBv5jgTSdG0LyNRr1e/izqoSyMeIeEeGOu6LqeurRbeCEJZHE=; path=/; expires=Tue, 29-Dec-20 14:49:12 GMT; domain=.adtrackingflow.com; HttpOnly; Secure; SameSite=None
location
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
cf-cache-status
DYNAMIC
cf-request-id
07507715410000dfad8f26e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H3kwawofoFGl8Rr5ElqcfOzj5YxkKvz99LyRidmX2qfKLqIGQILW%2FB5e8XMo39e98xSRqFzzx0d3HyVBB04m5l5Zg7IpdN%2B8fr49uhGk7yJY2p48FE%2BPp2J%2F3YmQxvM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6094279b9d41dfad-FRA
icon1.png
y0utube.live/arm1/img/
7 KB
7 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon1.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0515ddd9185d263874e7b66bb6d521fcd63b857aac5fed51c08df98026dafe27

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
7252
cf-request-id
07507715f300002c0dd42ad000000001
last-modified
Sun, 22 Nov 2020 10:50:15 GMT
server
cloudflare
etag
"1c54-5b4afd7c55b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YysmgjL1VbLS5Sfl7Emrfr4%2BAd1NKeGmvH8A0%2FQIw1aIyQrsdLWQvqZEBVsbrfKybXXv223JuasaLbnqJxoMf6xCIdEthPsfNuCSQrl%2BEWiczTvmGW5jY6g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbef82c0d-FRA
icon2.png
y0utube.live/arm1/img/
4 KB
5 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon2.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aab564e67c47df65ddcb9c4eaa62cd798a51624a3fded9f9b3a1197b460a79c2

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
4576
cf-request-id
07507715f300002c0dbb033000000001
last-modified
Sun, 22 Nov 2020 10:50:15 GMT
server
cloudflare
etag
"11e0-5b4afd7c55b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sr8YLYadLofvR4qLDBMDI2aNndDNSQghJ6KQTMiY8zI4CkY6EZmXsklYpqRHcQTaT0CgQZmktyjbPN95MerJ3JfVXuGnkSUWLPP8w2al0mq%2BoMMKO5imp1c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbefa2c0d-FRA
icon3.png
y0utube.live/arm1/img/
8 KB
8 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon3.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3698c32039a115b03c2528cbb29c3ff97bbd49ad1345d5095e98d1fd0ea8ba

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
7847
cf-request-id
07507715f500002c0d30120000000001
last-modified
Sun, 22 Nov 2020 10:50:16 GMT
server
cloudflare
etag
"1ea7-5b4afd7c7ad33"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hy3OjRbcHW4wKQQDkvBLKRgFB5bGevVBQCeu8xtDWpC3NAZzEXiLW%2F5C%2FTiHcWd1903Y8LmzLj5x4JPNto3QrvOmdWefP2k8PRbt9sBAFLK3Ycz88KKrxlY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbf012c0d-FRA
icon4.png
y0utube.live/arm1/img/
7 KB
7 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon4.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0af6cb2280bba97d235dfad7c72d22353a0d2cf277733ce9fc4701df7ed1d5f

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
7032
cf-request-id
07507715f500002c0d24b16000000001
last-modified
Sun, 22 Nov 2020 10:50:16 GMT
server
cloudflare
etag
"1b78-5b4afd7c7bcd3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y4lQNOfM%2FmoXL5D6jg1IOhJVqrV3FKY0jcHCwsox3S6nc9EcHc87K6CksbY%2FX4E%2B0nyeYhwKx3WQqKbNcYnpxZerkrB0R5bJJW387j4XDd0Wu0MzdPXazUc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbf042c0d-FRA
icon5.png
y0utube.live/arm1/img/
3 KB
4 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon5.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
196083352a09a19cf2d4364e3ad406606fedb562f2096c1bef373ff2c485b503

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
3264
cf-request-id
07507715f500002c0dc825b000000001
last-modified
Sun, 22 Nov 2020 10:50:16 GMT
server
cloudflare
etag
"cc0-5b4afd7ca0e8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4DVMYhnIZtVy3fY%2Bvf7ypcivKv7zCvK74CEpC6hMrIBSZXW%2B950IpFT1P0A87iPiAra8Zr9fPoQ5Ac3OwqG59WZ4aeOG3KwfrZ6O2Z%2BxuL2aTD%2BHfv1VbMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbf052c0d-FRA
icon7.png
y0utube.live/arm1/img/
3 KB
4 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon7.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9c661cc8adbaa1b9cd4cf65f0ba93a1c24211cb5f94ed0950e0fbc973781718

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
3283
cf-request-id
07507715f500002c0d0419f000000001
last-modified
Sun, 22 Nov 2020 10:50:16 GMT
server
cloudflare
etag
"cd3-5b4afd7ca1e2e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=deVZHCENDFa1S7OaCVDNScZ%2BeP%2FtFtZB5FQNlMJ%2FPj8mmbJKFJh8Hs1dCzE42j0P%2B9OAICNaQCfN3VAu%2F%2BoMZ4Kl%2FJbfzjRzI3vj4rulUpswST8tUoo0%2FN0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbf072c0d-FRA
icon8.png
y0utube.live/arm1/img/
4 KB
4 KB
Image
General
Full URL
https://y0utube.live/arm1/img/icon8.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6812:22cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a7abff293d71fd8c5a58deacb964b50fe074a6f458575d37abbd367a3a930a1

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:12 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3741
content-length
4064
cf-request-id
07507715f500002c0d1a213000000001
last-modified
Sun, 22 Nov 2020 10:50:16 GMT
server
cloudflare
etag
"fe0-5b4afd7cc6fe9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JONJsdAi058BJr8kgfmhMNwiZvG8K9YjvSx3pCrplH7HYMX44MIP61mQeYPejFQRo9cyQWZB6TOIhfrlV3JQzwtf%2BTfZ762z5g9E7A66iOo2FCgwI7e1ri4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6094279cbf092c0d-FRA
adManager.js
cst.wpu.sh/static/
101 KB
102 KB
Script
General
Full URL
https://cst.wpu.sh/static/adManager.js
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
4b32956ea4a46b7ae79e9e9979530980bbdc5f933bb3cc9142a4905f0529b786
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Tue, 29 Dec 2020 14:19:12 GMT
Connection
Keep-Alive
Last-Modified
Thu, 24 Dec 2020 13:24:06 GMT
x-amz-meta-s3cmd-attrs
atime:1608816231/ctime:1608816231/gid:0/gname:root/md5:4c68f79b1df34bf5b87e7cde1517b3e4/mode:33188/mtime:1608816208/uid:0/uname:root
x-amz-request-id
tx0000000000000467f3d7f-005feb3991-604235a-fra1a
ETag
"4c68f79b1df34bf5b87e7cde1517b3e4"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1609251552.dop056.fr8.t,1609251552.cds251.fr8.shn,1609251552.cds251.fr8.c
Content-Type
text/plain
X-Amz-Storage-Class
STANDARD
Cache-Control
max-age=3265
x-rgw-object-type
Normal
Strict-Transport-Security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
103310
micro.tag.min.js
ciksolre.net/pfe/current/
129 KB
38 KB
Script
General
Full URL
https://ciksolre.net/pfe/current/micro.tag.min.js?z=3176204&ymid=91963fnq5wfzw3z3eb&var=1890
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
139.45.196.195 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b1eec11bfd7416de218bd79a078e2d340e782aa6ceeec530fad0871ab8091474

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Dec 2020 14:19:12 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Dec 2020 13:35:40 GMT
Server
nginx
ETag
W/"5fd2242c-20534"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
408
na.nawpush.com/tags/
275 B
414 B
XHR
General
Full URL
https://na.nawpush.com/tags/408
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
0abaef383501a977b2ae834197f0ce45ef6ffbf342ecaadbe2cc018aa5b18e7d

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Dec 2020 14:19:13 GMT
cache-control
max-age=300, public
server
nginx/1.18.0
content-type
application/json
x-proxy-cache
HIT
main.js
sw.wpush.org/script/
76 KB
26 KB
Script
General
Full URL
https://sw.wpush.org/script/main.js?promo=24247&tcid=4991&src=479876918
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
e616d7845c979aea81925ab5abce47640f385fc189ac57d29357a818e289c422

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Dec 2020 15:19:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
npush.js
sw.swwpush.com/npc/sdk/wpu/
139 KB
46 KB
Script
General
Full URL
https://sw.swwpush.com/npc/sdk/wpu/npush.js
Requested by
Host: cst.wpu.sh
URL: https://cst.wpu.sh/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
aa2432a4ea0d37a3fdec18fbf6630bd012483e62eee5edc2f3ff0bddd03a6843

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Dec 2020 15:19:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
natpsdk.js
sw.wpu.sh/ps/
138 KB
46 KB
Script
General
Full URL
https://sw.wpu.sh/ps/natpsdk.js
Requested by
Host: sw.wpush.org
URL: https://sw.wpush.org/script/main.js?promo=24247&tcid=4991&src=479876918
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
339602aa2d8d42be3fa31a0b611e843ad501d351781698b6a75b588aa2f5c366

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
content-encoding
gzip
server
nginx/1.16.1
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Dec 2020 15:19:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
multy
ntvpwpush.com/in/
3 KB
3 KB
Fetch
General
Full URL
https://ntvpwpush.com/in/multy?sid=2521894524&spot_id=157&subid=0&created_at=2020-12-29&site=native-push&timezone_offset=1&wl=0&is_native=1&ver=2.11.1
Requested by
Host: sw.swwpush.com
URL: https://sw.swwpush.com/npc/sdk/wpu/npush.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
168.119.25.22 , United States, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.22.25.119.168.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
1c29600aa3918403a9dd22a72bd03db0fa06444c6dea3bc49e4b5ab36dd38a12

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Dec 2020 14:19:13 GMT
server
nginx/1.18.0
content-length
3421
vary
Origin
content-type
application/json; charset=utf-8
cis.js
vasgenerete.site/npc/sdk/
6 KB
3 KB
Script
General
Full URL
https://vasgenerete.site/npc/sdk/cis.js
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
537ab909e8f26426c823f991694d721d1b191cb1261ac408296d87c1d08ed058

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
content-encoding
gzip
last-modified
Thu, 24 Dec 2020 13:03:33 GMT
server
nginx/1.16.1
etag
W/"5fe491a5-1652"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Tue, 29 Dec 2020 15:19:13 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
4991.php
vasgenerete.site/npc/anpc/
4 B
198 B
Fetch
General
Full URL
https://vasgenerete.site/npc/anpc/4991.php
Requested by
Host: sw.wpu.sh
URL: https://sw.wpu.sh/ps/natpsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.16.1 / PHP/7.1.28
Resource Hash
d7793d4cf596bc12fd217b5ab3e8a9e7d0266c65c7a1154bd22cebf405ffb582

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
server
nginx/1.16.1
x-powered-by
PHP/7.1.28
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
expires
Tue, 29 Dec 2020 15:19:13 GMT
cache-control
max-age=3600
content-length
4
x-proxy-cache
HIT
2cea07a9-07c6-4cdc-9f61-ed5639b016a6
https://y0utube.live/ Frame D209
655 B
0
Document
General
Full URL
blob:https://y0utube.live/2cea07a9-07c6-4cdc-9f61-ed5639b016a6
Requested by
Host: sw.swwpush.com
URL: https://sw.swwpush.com/npc/sdk/wpu/npush.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c98d9f935e9a7da8e03f1ed62dccd40864e186d919c403aff84069d6f7ece780

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
655
Content-Type
text/html
457b8922-7db3-4e74-987f-c65914382f88.png
cdn18383040.ahacdn.me/assets/
154 KB
154 KB
Image
General
Full URL
https://cdn18383040.ahacdn.me/assets/457b8922-7db3-4e74-987f-c65914382f88.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ebea4e86143cef5555e1a096d074c7e7a42efb3d00f8a7acc028fce93f73e67b

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:13 GMT
server
nginx/1.18.0
vary
Origin
content-type
image/png
access-control-allow-origin
*
expires
Wed, 29 Dec 2021 12:25:25 GMT
cache-control
max-age=31536000
content-length
157232
x-proxy-cache
HIT
truncated
/
692 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c55477bf59eb7492347a8ddf46d0c1fe1d5d3cae02d74e514cca631af3ef65f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
862 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e1ca32c4b05ca52e5b8bd614b431294310129c02f7408808367d5d2b244ddb3

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
457b8922-7db3-4e74-987f-c65914382f88.png
cdn18383040.ahacdn.me/assets/
Redirect Chain
  • https://ntvpevents.com/in/show/?mid=2424134355&pid=0&site=native-push&sc=CH&subid=0&sid=2521894524&cid=1200&price=0.0001&is_cpm=0&cpm=0&ecpm=0.0005700000000000001&crid=&crtid=28b093fbb8001b52054df4...
  • https://tcb.pushic.com/v1/track/impression?data=eyJhbGciOiJIUzI1NiJ9.eyJhbCI6ImVuLVVTIiwiaSI6IjMxMTU3OjE4OjI2MTQ1NDA1OTAwODc2MTgzNTY6NDQ1OjI5MDoxMzMwMzAwMjgzNTM2OTg0Njk0Mzo2OjgyMjA4IiwiaXAiOiIxODUu...
  • https://cdn18383040.ahacdn.me/assets/457b8922-7db3-4e74-987f-c65914382f88.png
154 KB
154 KB
Image
General
Full URL
https://cdn18383040.ahacdn.me/assets/457b8922-7db3-4e74-987f-c65914382f88.png
Requested by
Host: y0utube.live
URL: https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
ebea4e86143cef5555e1a096d074c7e7a42efb3d00f8a7acc028fce93f73e67b

Request headers

Referer
https://y0utube.live/arm1/?clickid=91963fnq5wfzw3z3eb&trafficsource=1890
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 29 Dec 2020 14:19:14 GMT
server
nginx/1.18.0
vary
Origin
content-type
image/png
access-control-allow-origin
*
expires
Wed, 29 Dec 2021 12:25:25 GMT
cache-control
max-age=31536000
content-length
157232
x-proxy-cache
HIT

Redirect headers

date
Tue, 29 Dec 2020 14:19:14 GMT
server
nginx/1.16.0
access-control-allow-origin
*
vary
Origin
content-type
text/plain; charset=utf-8
location
https://cdn18383040.ahacdn.me/assets/457b8922-7db3-4e74-987f-c65914382f88.png
access-control-expose-headers
Content-Range
content-length
0

Verdicts & Comments

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| event
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
string| pci
string| ppi
object| _0x1f04
function| _0x5c2b
object| ntfcSDK
function| setImmediate
function| clearImmediate
function| _
object| button
object| edPushSDK
object| regeneratorRuntime
function| tcpusher
object| __core-js_shared__
object| core
function| __fp-init

1 Cookies

Domain/Path Name / Value
.y0utube.live/ Name: __cfduid
Value: dcd875923f751b200b01b99efacb183ad1609251552

1 Console Messages

Source Level URL
Text
console-api info URL: https://cst.wpu.sh/static/adManager.js(Line 1)
Message:
initEvent [object Object]

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
