n02hw19300.youtulbe.biz Open in urlscan Pro
2606:4700:3032::ac43:88ac  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://w9sqxt3ycw.youtulbe.biz/ Page URL
2. https://2cavw0hdhc.youtulbe.biz/?cnv_id=undefined Page URL
3. https://wd2gb9u3m8.youtulbe.biz/?cnv_id=undefined Page URL
4. https://n02hw19300.youtulbe.biz/?cnv_id=undefined Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response w9sqxt3ycw.youtulbe.biz/	14 KB 6 KB	316ms 257ms	Document text/html	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://w9sqxt3ycw.youtulbe.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3f4ab4c10239bac79566c189c16e434f50bc49fb013cfb0d8bc5010db9546382 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cc787783a60bad0-MXP content-encoding br content-type text/html; charset=UTF-8 date Wed, 24 May 2023 18:16:20 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9sr25%2FqdkG1mYBF7UzT9VDdGAHBZ5GMpDDXIzelkrZ%2FiLvN0UisKkZVIBDUzcxxio9egaSfyhc0bPfW0XsfHrSt7tLB0UytD8gdZRIebYafwTrBieKfLdpIi442S0X5rO74nEXHO%2Fsg6KElg2w3tASTlmcCmYw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	500ms 488ms	Script application/javascript	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Requested by Host: w9sqxt3ycw.youtulbe.biz URL: https://w9sqxt3ycw.youtulbe.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language it-IT,it;q=0.9 Referer https://w9sqxt3ycw.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:21 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BvHgg3QaYLy4YVw7Zp%2BP4R6qOANyqYFnf70YzhAdR88I2SJ0CljDfR7ru7S9r6q3qTYQgxRs%2BTabC%2BOC6dWyvRGWc%2Brvi03Lt9VTusXQywz%2FEanelM48j4yzui4LLfNsNB31QjyNhx27cE%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7cc7877a0df7bad0-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 259 B	105ms 32ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=w9sqxt3ycw.youtulbe.biz&var=null&ymid=null&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://w9sqxt3ycw.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id b88161350d545f759dfc3a31b07f51e4 date Wed, 24 May 2023 18:16:16 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://w9sqxt3ycw.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 550 B	174ms 55ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=null&var=null Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a373c040af4a5fea23bea43e6b8586f371e617528c342f775fade5d18b7f50d1 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://w9sqxt3ycw.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://w9sqxt3ycw.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	912 B 1 KB	208ms 50ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=w9sqxt3ycw.youtulbe.biz&var=null&ymid=null&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=null&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://w9sqxt3ycw.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 4bdef51407716747b0f4b65b5d97a98d date Wed, 24 May 2023 18:16:21 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://w9sqxt3ycw.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 912
GET		InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs gbhzex.com/gosl/	0 0
GET H2	200	/ Show response 2cavw0hdhc.youtulbe.biz/	14 KB 5 KB	493ms 482ms	Document text/html	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://2cavw0hdhc.youtulbe.biz/?cnv_id=undefined Requested by Host: w9sqxt3ycw.youtulbe.biz URL: https://w9sqxt3ycw.youtulbe.biz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f167623b2093ac471fa8de688780f16baea8ad6e229456d5f6b6dcbeb88e7fce Request headers Referer https://w9sqxt3ycw.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cc7877e8e98bad0-MXP content-encoding br content-type text/html; charset=UTF-8 date Wed, 24 May 2023 18:16:21 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6t1BRQ6Kvq2Nw8zih%2Bk1wzae64CBduAqNBvfKuJRSa%2BOXjg4laobSn8hX5nKaOvaTES2v6wqatbGDOSSolDW7KQmk3HXKpH19S4V1Ur7Zi2HcGPK2m8bHRO%2FSj7NcsMMFGyc6jF4bDEQ18Mxw7AS3hU7vSF6w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	703ms 702ms	Script application/javascript	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Requested by Host: 2cavw0hdhc.youtulbe.biz URL: https://2cavw0hdhc.youtulbe.biz/?cnv_id=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language it-IT,it;q=0.9 Referer https://2cavw0hdhc.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:22 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TshsRT3YCArVrJwFNcANb37lgMhYIZKsgLOShxmbOLCtrqPKX6AvT50r7daXjRX407z%2FJctwtwbsw0aL81zZlfsI4CBjidcsu7n8nkxbSnXu1uryEKHk3PpEnhXTLb5kgvrULbuaEnQX5MM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7cc78781ad15bad0-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	34ms 33ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2cavw0hdhc.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://2cavw0hdhc.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 2e2a196fa9c47bba317d7a1a9f1daa64 date Wed, 24 May 2023 18:16:17 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://2cavw0hdhc.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 549 B	40ms 39ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a373c040af4a5fea23bea43e6b8586f371e617528c342f775fade5d18b7f50d1 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://2cavw0hdhc.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:22 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://2cavw0hdhc.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	912 B 1 KB	49ms 48ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=2cavw0hdhc.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://2cavw0hdhc.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 0bd6543d1fb0e5ede14a40b7e7945d2f date Wed, 24 May 2023 18:16:22 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://2cavw0hdhc.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 912
GET		InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs gbhzex.com/gosl/	0 0
GET H2	200	/ Show response wd2gb9u3m8.youtulbe.biz/	14 KB 5 KB	506ms 483ms	Document text/html	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wd2gb9u3m8.youtulbe.biz/?cnv_id=undefined Requested by Host: 2cavw0hdhc.youtulbe.biz URL: https://2cavw0hdhc.youtulbe.biz/?cnv_id=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f167623b2093ac471fa8de688780f16baea8ad6e229456d5f6b6dcbeb88e7fce Request headers Referer https://2cavw0hdhc.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cc78786bda4bad0-MXP content-encoding br content-type text/html; charset=UTF-8 date Wed, 24 May 2023 18:16:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJTMXHSSKM%2F5yRBQvn4ohIHcoDL8bPBMD%2BRnCsjio%2FQX8fUI9sPz2D5BWd7xzpDGgxg1vSaehswpT22yC8ww0X2N5D2MGj8Evkb81zH%2FP4JL1x%2FLhmmr2RkofXHqX1O%2BVrKSI3WNjrdSEHkrrju3uXPWxKsSyQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	713ms 712ms	Script application/javascript	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Requested by Host: wd2gb9u3m8.youtulbe.biz URL: https://wd2gb9u3m8.youtulbe.biz/?cnv_id=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language it-IT,it;q=0.9 Referer https://wd2gb9u3m8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:24 GMT content-encoding br cf-cache-status MISS last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JG6knbkTP5iPGxhJ8AuPesyMJLWCL7BstP6tgrlTJmND0qWignvxaCrtwalIjRugu5KFeRrMo8QfVAJxN%2B2JhlLMIfqQe2ask7zAptiKqUEyiKnlJwhQIPNhfu23dakgtjhLc4OzXbe5sck%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7cc78789d8390d69-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	40ms 40ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=wd2gb9u3m8.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://wd2gb9u3m8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 2663ce8871c1b1388193f75d545870e0 date Wed, 24 May 2023 18:16:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://wd2gb9u3m8.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 550 B	34ms 34ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a373c040af4a5fea23bea43e6b8586f371e617528c342f775fade5d18b7f50d1 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://wd2gb9u3m8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:24 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://wd2gb9u3m8.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	912 B 1 KB	47ms 46ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=wd2gb9u3m8.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://wd2gb9u3m8.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 075be66496ffcb4ecf7fb60c3fcd6668 date Wed, 24 May 2023 18:16:24 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://wd2gb9u3m8.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 912
GET		InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs gbhzex.com/gosl/	0 0
GET H2	200	Primary Request / Show response n02hw19300.youtulbe.biz/	14 KB 5 KB	269ms 258ms	Document text/html	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://n02hw19300.youtulbe.biz/?cnv_id=undefined Requested by Host: wd2gb9u3m8.youtulbe.biz URL: https://wd2gb9u3m8.youtulbe.biz/?cnv_id=undefined Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f167623b2093ac471fa8de688780f16baea8ad6e229456d5f6b6dcbeb88e7fce Request headers Referer https://wd2gb9u3m8.youtulbe.biz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language it-IT,it;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7cc7878ecc9dbad0-MXP content-encoding br content-type text/html; charset=UTF-8 date Wed, 24 May 2023 18:16:24 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAdf6cGvyej82c0IoRmQFY3sjnHwNowWECtt%2FYvsQ3lw0yweVpAdlCkx8eVVLDd5Pg4w76O8qgni8JCgo0mPEXx6quMFVZoirBQYcDuBuXOpXUYIbuI0D5PsyXSli9Bg%2FWncEwOzVWyBRFfbKB0eQhNXYE3g6w%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	micro.tag.min.js Show response youtulbe.biz/	77 KB 25 KB	37ms 37ms	Script application/javascript	2606:4700:3032::ac43:88ac CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Requested by Host: n02hw19300.youtulbe.biz URL: https://n02hw19300.youtulbe.biz/?cnv_id=undefined Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3032::ac43:88ac , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1 Request headers accept-language it-IT,it;q=0.9 Referer https://n02hw19300.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:24 GMT content-encoding br cf-cache-status HIT last-modified Thu, 14 Jul 2022 15:59:06 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1 etag W/"62d03d4a-133cd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sDXCC%2B9JI9wdJ7w8pnHpFYnqlJI%2Bq54lu2dVQm9bLIbIh%2B6a13AsQWCvDa590bMtM5LSAQ6FOjtH4t%2Bw0NiR8CTm1%2FJ33qy6TLHpcVAa4%2BcCw0C%2B1U6gk0huRPqIH2Y2Yxx8ppCqdb92g8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 cache-control max-age=315360000 cf-ray 7cc78790fe960d69-MXP alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	zone ugyplysh.com/	0 258 B	32ms 32ms	Ping text/plain	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=n02hw19300.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=prerequest Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://n02hw19300.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 50bd30231ad237a181853cc3f23762a1 date Wed, 24 May 2023 18:16:19 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-origin https://n02hw19300.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 0
GET H2	200	gid.js Show response my.rtmark.net/	65 B 550 B	37ms 36ms	Fetch application/json	139.45.195.8 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://my.rtmark.net/gid.js?pub=0&userId=&zoneId=5137789&checkDuplicate=true&ymid=undefined&var=null Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash a373c040af4a5fea23bea43e6b8586f371e617528c342f775fade5d18b7f50d1 Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://n02hw19300.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 24 May 2023 18:16:24 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json; charset=utf-8 access-control-allow-origin https://n02hw19300.youtulbe.biz access-control-expose-headers Authorization access-control-allow-credentials true timing-allow-origin *, * access-control-allow-headers Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token content-length 65
GET H2	200	zone ugyplysh.com/	912 B 1 KB	46ms 46ms	Fetch application/json	139.45.197.253 RETN-AS
General Check archive.org Show headers Download Go to Full URL https://ugyplysh.com/zone?&pub=0&zone_id=5137789&is_mobile=false&domain=n02hw19300.youtulbe.biz&var=null&ymid=undefined&var_3=&dsig=&action=settings Requested by Host: youtulbe.biz URL: https://youtulbe.biz/micro.tag.min.js?z=5137789&cdn=1&ymid=undefined&var=null&sw=/sw-check-permissions-local-5137789.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 139.45.197.253 , United Kingdom, ASN9002 (RETN-AS, GB), Reverse DNS Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=1 X-Content-Type-Options nosniff Request headers accept-language it-IT,it;q=0.9 Referer https://n02hw19300.youtulbe.biz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-trace-id 7e1f8bc132fc3727ecf45e24fcb64eca date Wed, 24 May 2023 18:16:24 GMT strict-transport-security max-age=1 x-content-type-options nosniff server nginx content-type application/json; charset=utf-8 access-control-allow-origin https://n02hw19300.youtulbe.biz access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept content-length 912
GET		InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs gbhzex.com/gosl/	0 0
GET		/ 03ihr3e3u8.youtulbe.biz/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

gbhzex.com

URL

https://gbhzex.com/gosl/InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs?si1=&click_id=

Domain

gbhzex.com

URL

https://gbhzex.com/gosl/InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs?si1=&click_id=undefined

Domain

gbhzex.com

URL

https://gbhzex.com/gosl/InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs?si1=&click_id=undefined

Domain

gbhzex.com

URL

https://gbhzex.com/gosl/InNpZCI6MTE1MjE1Niwic21hcnRsaW5rIjp0cnVlfQ==eyJwaWQiOjEwMjAzNTUs?si1=&click_id=undefined

Domain

03ihr3e3u8.youtulbe.biz

URL

https://03ihr3e3u8.youtulbe.biz/?cnv_id=undefined

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			my.rtmark.net/	1970-01-20 20:48:08	Name: ID Value: 6192c764b5d84aaf9310e2b4d8261077

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03ihr3e3u8.youtulbe.biz
2cavw0hdhc.youtulbe.biz
gbhzex.com
my.rtmark.net
n02hw19300.youtulbe.biz
ugyplysh.com
w9sqxt3ycw.youtulbe.biz
wd2gb9u3m8.youtulbe.biz
youtulbe.biz
03ihr3e3u8.youtulbe.biz
gbhzex.com
139.45.195.8
139.45.197.253
2606:4700:3032::ac43:88ac
0b5b28e6ae35f80268f88464e3a380338becd3d9d0cf0c9b3807a9ceb9cc89f1
3f4ab4c10239bac79566c189c16e434f50bc49fb013cfb0d8bc5010db9546382
a373c040af4a5fea23bea43e6b8586f371e617528c342f775fade5d18b7f50d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f167623b2093ac471fa8de688780f16baea8ad6e229456d5f6b6dcbeb88e7fce