Report - y2meta.tube/convert/?videoId=R1aSQY5DxhM

Report Overview

Visited public
2025-01-31 02:44:21
Tags
Submit Tags
URL
y2meta.tube/convert/?videoId=R1aSQY5DxhM
Finishing URL
y2meta.tube/convert/?videoId=R1aSQY5DxhM
IP / ASN
104.21.69.35
#13335 CLOUDFLARENET
Title
Y2Meta - Free YouTube Downloader (1080p, up to 4k)

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
y2meta.tube	unknown	2024-03-08	2024-03-14	2025-01-21	4.0 kB	128 kB	188.114.96.1
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-01-29	911 B	34 kB	104.17.24.14
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-01-29	430 B	114 kB	142.250.74.168
iframe.y2meta-uk.com	unknown	2024-12-03	2024-12-13	2025-01-26	1.6 kB	79 kB	172.67.150.22
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-01-29	433 B	8.1 kB	151.101.129.229
embroiderynaturalistsfighter.com	unknown	2024-12-10	2024-12-13	2025-01-26	1.4 kB	1.7 kB	172.240.108.76
i.ytimg.com	109	2007-12-11	2012-10-03	2025-01-29	444 B	43 kB	216.58.207.214
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-01-29	500 B	20 kB	104.16.79.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-31	medium	embroiderynaturalistsfighter.com	Sinkholed
2025-01-31	medium	embroiderynaturalistsfighter.com	Sinkholed
2025-01-31	medium	embroiderynaturalistsfighter.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js	ScriptElement	88 kB	2023-08-31	2025-06-28
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-31 16:03 Last Seen2025-06-28 03:54 Times Seen42434 Hash 2c872dbe60f4ba70fb85356113d8b35e ee48592d1fff952fcf06ce0b666ed4785493afdc fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a Loading...

	cdn.jsdelivr.net/npm/@iframe-resizer/child	ScriptElement	19 kB	2024-10-25	2025-02-10
Pretty URL cdn.jsdelivr.net/npm/@iframe-resizer/child IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-25 03:27 Last Seen2025-02-10 23:35 Times Seen37 Hash ee23381cff492c537ab9ca5fbad84b4e 019b1158129142d26741dcaf6a4bed7fc5945101 e6984dbc0b9f91ff4fe4b021258c27a2e467e47543c0e0541069c1d095d51c76 Loading...

	iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM	ScriptElement	235 B	2024-12-28	2025-06-13
Pretty URL iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM IP 172.67.150.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-28 23:41 Last Seen2025-06-13 16:42 Times Seen25 Hash 90714eb5a8cf82869f40ac9634b85398 4efb73171fa56e4f28dfbf621d58139286f7376c 52709c00f258d6617c5020f2afecb809e51ae7c18145b77944947ebe433300b0 Loading...

	iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM	ScriptElement	458 B	2024-12-07	2025-03-21
Pretty URL iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM IP 172.67.150.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-07 17:09 Last Seen2025-03-21 02:50 Times Seen39 Hash eee922c433a74100b3b4f24ef6c50667 767ba8d38d6ca1af582319adc33c9921de69dce2 4f8a5b9c96a857efa1541a2cdb013b016d4eca9f3cc3fe67a8a7b09c97f17fe5 Loading...

	unknown	ScriptElement	7.3 kB	2024-12-10	2025-06-13
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-10 12:29 Last Seen2025-06-13 16:42 Times Seen13 Hash b5c0e42e8a06f9e1228d88f298571593 c75ea561861278f4abe440086dcfc0189d7d8983 81da63b0622135a8a966aeb353a563d75f85f5130194709ba2ff5a9a441872e8 Loading...

	unknown	ScriptElement	164 B	2024-09-18	2025-06-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-18 22:51 Last Seen2025-06-22 17:03 Times Seen25 Hash e0f054fc0aceed9f4b1772d25cd86826 55d2001a64474fd5b8ab1d1e85882e72da340467 ae772882e8355aa7f69d3a9b6213dcf49ff86aec36c4dc5b4aac7dfed669977e Loading...

	y2meta.tube/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	ScriptElement	12 kB	2023-03-07	2025-06-28
Pretty URL y2meta.tube/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-06-28 03:53 Times Seen36555 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-06-28
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-06-28 03:53 Times Seen72472 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM	ScriptElement	15 kB	2025-01-31	2025-01-31
Pretty URL iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM IP 172.67.150.22 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-31 02:44 Last Seen2025-01-31 02:44 Times Seen1 Hash 948814a1856b8134088b73323dd1679f fa1094c4352eeee91ef2e9df02ef7c9f27f15222 bfdb6b1ac97951f8fb562c6f36969a063b6eb7e2d1836aa75d32db52f040bf95 Loading...

	cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js	ScriptElement	14 kB	2024-03-16	2025-06-27
Pretty URL cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-16 20:43 Last Seen2025-06-27 06:51 Times Seen85 Hash 8a83e81d3aea465f720c231cb664c392 d7d93abf4f8933b9dc69771ec435a1380c0509fc 961bba18ba488f2f871ba5f306de32b3a42046bfe951e2ba5a2316d5e01df7c9 Loading...

	unknown	ScriptElement	490 B	2024-12-07	2025-02-24
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 17:09 Last Seen2025-02-24 15:39 Times Seen13 Hash b037ec3268d7c7714b61a88150eba875 6c4e1b029e6c058626369fcdc0dd509971e23ae3 492663094b6c937003fe081dd2cf9d3ea8b57018218c574cda7f810e5a8a3b01 Loading...

	www.googletagmanager.com/gtag/js?id=G-E4K5CKXY28	ScriptElement	340 kB	2025-01-31	2025-01-31
Pretty URL www.googletagmanager.com/gtag/js?id=G-E4K5CKXY28 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-31 02:44 Last Seen2025-01-31 02:44 Times Seen1 Hash 6aa4e3f8ea8d47a44bfb5aac26bd5e5d a841c9bda1d09072af1b50df2d8057127ebb1261 865e481bb5425a85c93e92969ab69876f7a5a07750fad6d3aaadf43f584c2ecb Loading...

HTTP Transactions (20)

URL IP Response Size

GET y2meta.tube/fonts/glyphicons-halflings-regular.woff2

188.114.96.1

200 OK

18 kB

URL GET HTTP/3
y2meta.tube/fonts/glyphicons-halflings-regular.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18028, version 1.589
Size
18 kB (18028 bytes)
Hash
448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

HTTP Headers

GET /fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:50 GMT
content-type: font/woff2
content-length: 18028
last-modified: Tue, 19 Mar 2024 13:27:09 GMT
etag: "65f992ad-466c"
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
expires: Fri, 31 Jan 2025 02:44:32 GMT
cache-control: max-age=60
f9host-cache: HIT
cf-cache-status: HIT
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6R29qs%2B9IU%2BTW06cmTU50RqX2IbFAuXTfW1TbMBE8Fp%2Fx8oj6bod9ilEItbgDACM5lC4UrnVbr0A5LDeO6nFj0fLxdYFuxX%2B9bqLN4K%2BWvIe4cDj3TwsIZ4eEhR3mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90a65b437d50b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10281&min_rtt=1426&rtt_var=8100&sent=19&recv=10&lost=0&retrans=0&sent_bytes=11495&recv_bytes=1855&delivery_rate=921479&cwnd=12000&unsent_bytes=0&cid=9ad8ca9d484b6842&ts=428&x=1", cfExtPri, cfHdrFlush;dur=0

GET cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js

104.17.24.14

200 OK

4.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (13839)
Size
4.9 kB (4942 bytes)
Hash
8a83e81d3aea465f720c231cb664c392
d7d93abf4f8933b9dc69771ec435a1380c0509fc
961bba18ba488f2f871ba5f306de32b3a42046bfe951e2ba5a2316d5e01df7c9

HTTP Headers

GET /ajax/libs/iframe-resizer/4.3.9/iframeResizer.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 4942
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "654e4d26-134e"
last-modified: Fri, 10 Nov 2023 15:32:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 13206
expires: Wed, 21 Jan 2026 02:43:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kjjcPc3QM8ZVgJMmzbAlZphWETRnoch6MLlQ9lDn2KjnodCTmsv1UuO6KiMBoRtsrmG4oIlF%2BcaS3uXfxq9VqTnv2%2B%2F6oIfEgBLt48RSKtKImzy7sqjxk2ryl4TzzAO04Id%2FWioQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90a65b443b2256b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET www.googletagmanager.com/gtag/js?id=G-E4K5CKXY28

142.250.74.168

200 OK

113 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-E4K5CKXY28
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint10:26:0A:38:A4:FD:1E:F0:80:EB:EE:D7:0A:8D:41:1D:CB:DB:54:82
ValidityMon, 06 Jan 2025 08:36:08 GMT - Mon, 31 Mar 2025 08:36:07 GMT

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
113 kB (113041 bytes)
Hash
6aa4e3f8ea8d47a44bfb5aac26bd5e5d
a841c9bda1d09072af1b50df2d8057127ebb1261
865e481bb5425a85c93e92969ab69876f7a5a07750fad6d3aaadf43f584c2ecb

HTTP Headers

GET /gtag/js?id=G-E4K5CKXY28 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 31 Jan 2025 02:43:51 GMT
expires: Fri, 31 Jan 2025 02:43:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:838:0
report-to: {"group":"ascgcycc:838:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 113041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET iframe.y2meta-uk.com/images/loading.gif

172.67.150.22

200 OK

12 kB

URL GET HTTP/3
iframe.y2meta-uk.com/images/loading.gif
IP
172.67.150.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
Fingerprint45:64:E7:A8:65:B0:25:F0:81:25:2D:28:A8:21:A7:FE:B2:82:FC:32
ValidityTue, 03 Dec 2024 11:02:23 GMT - Mon, 03 Mar 2025 11:02:22 GMT

File type
GIF image data, version 89a, 160 x 24
Size
12 kB (11689 bytes)
Hash
046677ff48107680705f654c9250c567
c0cbc0b2c8b84014dcfea943e4582c7bd9e79710
4bf7f8d97e7584aeb2932c7313bb7e6266651a22cad37fe16f4239ed7ea1784c

HTTP Headers

GET /images/loading.gif HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: image/gif
content-length: 11689
last-modified: Wed, 25 Dec 2024 09:53:55 GMT
etag: "2da9-62a153532a8bc"
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 1983
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=36zMuvFb1R4%2BsGP%2BaMZiBdXJzUvU0A%2BZg7%2BKr5XT%2Byn%2BFv2jsiPVtVrBhkx2VzMiO9uYrvfwp5jDYpePFPikpvLwoIH6bFwEVNor5yHfiwd%2BztLE6c2y1SLMnKDqEQHlExHHEwzuIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90a65b467ae57130-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5540&min_rtt=4015&rtt_var=2594&sent=12&recv=6&lost=0&retrans=0&sent_bytes=4063&recv_bytes=1422&delivery_rate=146667&cwnd=12000&unsent_bytes=0&cid=0eb271e3ac0d070f&ts=334&x=1", cfExtPri, cfHdrFlush;dur=0

GET iframe.y2meta-uk.com/images/tip-download-youtube.jpg

172.67.150.22

200 OK

19 kB

URL GET HTTP/3
iframe.y2meta-uk.com/images/tip-download-youtube.jpg
IP
172.67.150.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
Fingerprint45:64:E7:A8:65:B0:25:F0:81:25:2D:28:A8:21:A7:FE:B2:82:FC:32
ValidityTue, 03 Dec 2024 11:02:23 GMT - Mon, 03 Mar 2025 11:02:22 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 944x93, components 3
Size
19 kB (19310 bytes)
Hash
f7b6fb7f6294270b95d8c232d6c0ee4a
b4cee6150377cc465ee786b3e64a9b6ef0e3a431
3e3f2f6af1bbe494aed832f33541b0e411a0045a33b870916d05e9019f2b7e0b

HTTP Headers

GET /images/tip-download-youtube.jpg HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: image/jpeg
content-length: 19310
last-modified: Wed, 25 Dec 2024 09:53:55 GMT
etag: "4b6e-62a153532aca4"
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 1983
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G2erAxMGoH3liD2Gbo79ZP4bK3m8bt1hEW6oobIIJTaRwcvxlDFM4JrkwLcg%2F35Gz8aWvbgjku%2B%2Bt6RH92Ix88ibktIto3bgvw16P8bJEwHfBqSMtpOlPmbNMkJuLLrq4Wp7oIkfOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90a65b467ae67130-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5540&min_rtt=4015&rtt_var=2594&sent=22&recv=6&lost=0&retrans=0&sent_bytes=16063&recv_bytes=1422&delivery_rate=146667&cwnd=12000&unsent_bytes=0&cid=0eb271e3ac0d070f&ts=334&x=1", cfExtPri, cfHdrFlush;dur=2

GET cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js

104.17.24.14

200 OK

27 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint00:0E:39:59:53:CF:68:07:90:75:EB:68:26:B9:04:22:44:7D:9A:32
ValidityFri, 24 Jan 2025 09:16:22 GMT - Thu, 24 Apr 2025 10:16:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65447)
Size
27 kB (27446 bytes)
Hash
2c872dbe60f4ba70fb85356113d8b35e
ee48592d1fff952fcf06ce0b666ed4785493afdc
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

HTTP Headers

GET /ajax/libs/jquery/3.7.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://iframe.y2meta-uk.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 27446
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64ed75bb-6b36"
last-modified: Tue, 29 Aug 2023 04:36:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 270207
expires: Wed, 21 Jan 2026 02:43:51 GMT
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CucdNds2vTYNB4RkjMvB8L7I0Dp6rNP1lxJyyLW%2F0epQxiK8SsV0wLjSSUO61mhhoHlHQziBs%2BH7oJs7p8Apn71OyJtcTE7ZZt7tFMfnbZoK2wSkDeSYc22fsuL3%2F8bktiCDL88e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 90a65b468cd756a8-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

GET cdn.jsdelivr.net/npm/@iframe-resizer/child

151.101.129.229

200 OK

7.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@iframe-resizer/child
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint6C:45:F5:9E:D3:37:60:0B:9C:A8:28:29:A4:E6:41:33:BB:2E:76:5C
ValidityTue, 30 Jul 2024 15:36:05 GMT - Sun, 31 Aug 2025 15:36:04 GMT

File type
JavaScript source, ASCII text, with very long lines (18205), with escape sequences
Size
7.4 kB (7363 bytes)
Hash
ee23381cff492c537ab9ca5fbad84b4e
019b1158129142d26741dcaf6a4bed7fc5945101
e6984dbc0b9f91ff4fe4b021258c27a2e467e47543c0e0541069c1d095d51c76

HTTP Headers

GET /npm/@iframe-resizer/child HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.3.2
x-jsd-version-type: version
etag: W/"4a5c-AZsRWBKRQtJnQdyvakvtf8WUUQE"
content-encoding: br
accept-ranges: bytes
age: 6904
date: Fri, 31 Jan 2025 02:43:51 GMT
x-served-by: cache-fra-etou8220050-FRA, cache-hel1410024-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7363
X-Firefox-Spdy: h2

GET embroiderynaturalistsfighter.com/b97c930e23e1666f2b9a8960a6c62227/invoke.js

172.240.108.76

403 Forbidden

0 B

URL GET HTTP/1.1
embroiderynaturalistsfighter.com/b97c930e23e1666f2b9a8960a6c62227/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerLet's Encrypt
Subjectembroiderynaturalistsfighter.com
FingerprintD1:BE:37:FD:37:D3:50:B7:EE:86:A1:1E:D1:B9:BC:D5:01:B9:F1:43
ValidityTue, 10 Dec 2024 08:27:55 GMT - Mon, 10 Mar 2025 08:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b97c930e23e1666f2b9a8960a6c62227/invoke.js HTTP/1.1
Host: embroiderynaturalistsfighter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 31 Jan 2025 02:43:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: embroiderynaturalistsfighter.com

GET embroiderynaturalistsfighter.com/36c121257645a346bea6b4ffc9e8866b/invoke.js

192.243.59.20

403 Forbidden

0 B

URL GET HTTP/1.1
embroiderynaturalistsfighter.com/36c121257645a346bea6b4ffc9e8866b/invoke.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerLet's Encrypt
Subjectembroiderynaturalistsfighter.com
FingerprintD1:BE:37:FD:37:D3:50:B7:EE:86:A1:1E:D1:B9:BC:D5:01:B9:F1:43
ValidityTue, 10 Dec 2024 08:27:55 GMT - Mon, 10 Mar 2025 08:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /36c121257645a346bea6b4ffc9e8866b/invoke.js HTTP/1.1
Host: embroiderynaturalistsfighter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Fri, 31 Jan 2025 02:43:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: embroiderynaturalistsfighter.com

GET i.ytimg.com/vi/R1aSQY5DxhM/0.jpg

216.58.207.214

200 OK

42 kB

URL GET HTTP/2
i.ytimg.com/vi/R1aSQY5DxhM/0.jpg
IP
216.58.207.214:443
ASN
#15169 GOOGLE

Requested by
https://iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjectedgestatic.com
Fingerprint55:33:E3:06:F2:36:D6:2C:33:6E:30:60:6A:3C:B3:04:36:6F:AB:F0
ValidityMon, 06 Jan 2025 08:36:07 GMT - Mon, 31 Mar 2025 08:36:06 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
42 kB (41927 bytes)
Hash
f650ef938cbb1b8a6b2a41713d523762
c2a991b8d41b9c4fba008f31e4462095ad84007e
95098b040b69c049ecc998d9f4a4a305735bf262e0ace1b8c120467e71322efc

HTTP Headers

GET /vi/R1aSQY5DxhM/0.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://iframe.y2meta-uk.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 41927
date: Fri, 31 Jan 2025 02:43:51 GMT
expires: Fri, 31 Jan 2025 02:48:51 GMT
cache-control: public, max-age=300
etag: "1738108747"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET embroiderynaturalistsfighter.com/b97c930e23e1666f2b9a8960a6c62227/invoke.js

172.240.108.76

403 Forbidden

0 B

URL GET HTTP/1.1
embroiderynaturalistsfighter.com/b97c930e23e1666f2b9a8960a6c62227/invoke.js
IP
172.240.108.76:443
ASN
#7979 SERVERS-COM

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerLet's Encrypt
Subjectembroiderynaturalistsfighter.com
FingerprintD1:BE:37:FD:37:D3:50:B7:EE:86:A1:1E:D1:B9:BC:D5:01:B9:F1:43
ValidityTue, 10 Dec 2024 08:27:55 GMT - Mon, 10 Mar 2025 08:27:54 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b97c930e23e1666f2b9a8960a6c62227/invoke.js HTTP/1.1
Host: embroiderynaturalistsfighter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Server: nginx/1.21.6
Date: Fri, 31 Jan 2025 02:43:52 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: embroiderynaturalistsfighter.com

POST y2meta.tube/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/3
y2meta.tube/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1326
Origin: https://y2meta.tube
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Fri, 31 Jan 2025 02:43:52 GMT
access-control-allow-origin: https://y2meta.tube
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 90a65b4b2a60b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET y2meta.tube/images/favicon-16x16.png

188.114.96.1

200 OK

1.7 kB

URL GET HTTP/3
y2meta.tube/images/favicon-16x16.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type
gzip compressed data, from Unix
Size
1.7 kB (1736 bytes)
Hash
83f5323769f346f89dc0ce1320751c27
2dc8043c8113399d25c003213cf501294167b239
d09d7fb733df51f79cc24ac0d5481057b8f6e07fe1819e39c3128792051fb97f

HTTP Headers

GET /images/favicon-16x16.png HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 19 Mar 2024 13:18:40 GMT
etag: W/"65f990b0-4ed"
expires: Fri, 31 Jan 2025 02:43:58 GMT
cache-control: max-age=60
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
f9host-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byPhhyHft%2BA78TPlBNmqPA%2FQ4Vm7hUC2h7cfCuVAa1dN5An8cHxbMXsFzaxdHmfGlywYPUzTN5ib1dZY3CBao8vT25%2B%2BhG6x6Uwa7lwajRrUEEOUzvhWyIwaAXtJNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90a65b46bfbbb517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8573&min_rtt=1426&rtt_var=7443&sent=48&recv=14&lost=0&retrans=0&sent_bytes=41804&recv_bytes=2553&delivery_rate=1526388&cwnd=24000&unsent_bytes=0&cid=9ad8ca9d484b6842&ts=950&x=1", cfExtPri, cfHdrFlush;dur=0

POST y2meta.tube/cdn-cgi/rum?

188.114.96.1

204 No Content

0 B

URL POST HTTP/3
y2meta.tube/cdn-cgi/rum?
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cdn-cgi/rum? HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 811
Origin: https://y2meta.tube
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/3 204 No Content
date: Fri, 31 Jan 2025 02:44:19 GMT
access-control-allow-origin: https://y2meta.tube
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 90a65bf2dc36b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff

GET iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM

172.67.150.22

200 OK

45 kB

URL GET HTTP/2
iframe.y2meta-uk.com/metaindex.php?videoId=R1aSQY5DxhM
IP
172.67.150.22:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta-uk.com
Fingerprint45:64:E7:A8:65:B0:25:F0:81:25:2D:28:A8:21:A7:FE:B2:82:FC:32
ValidityTue, 03 Dec 2024 11:02:23 GMT - Mon, 03 Mar 2025 11:02:22 GMT

File type

Size
45 kB (44644 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /metaindex.php?videoId=R1aSQY5DxhM HTTP/1.1
Host: iframe.y2meta-uk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
vary: Accept-Encoding
access-control-allow-methods: GET, POST
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pkuW%2F46wch26kKJwcasJ3wYu1ESltLw9ls6HEP29Kc3Bb%2B1fYwJKeJ3ZNMJMUkGkc5v73UbHsn7LyiqYmT%2FzJpOwoB1xRBS9bdpx6oeU5m2UocrRc4cFf49oxFRI2gax7zeerbhVCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90a65b43cdaa568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5851&min_rtt=445&rtt_var=10800&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1303&delivery_rate=6581818&cwnd=240&unsent_bytes=0&cid=c62d0abd6b33e692&ts=98&x=0"
X-Firefox-Spdy: h2

GET y2meta.tube/convert/?videoId=R1aSQY5DxhM

188.114.96.1

200 OK

77 kB

URL User Request GET HTTP/2
y2meta.tube/convert/?videoId=R1aSQY5DxhM
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type

Size
77 kB (77301 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /convert/?videoId=R1aSQY5DxhM HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 31 Jan 2025 02:43:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
f9host-cache: MISS
last-modified: Fri, 31 Jan 2025 02:43:17 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rMK1rP9qtsrXKPZavWhoe85pQrRuPINBiUI%2F0ESOrt3nZoSMTGSJlKil7SYBctpulhILiNCGry1Gt6ngwJSPyTITrBd8mLahYIZhxxLh%2B62qWI8eLOHYzqAr91NFQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90a65b40bfa37127-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=5555&min_rtt=476&rtt_var=10132&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3196&recv_bytes=1144&delivery_rate=6571860&cwnd=254&unsent_bytes=0&cid=4ffca98dcb64cd23&ts=57&x=0"
X-Firefox-Spdy: h2

GET y2meta.tube/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
y2meta.tube/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type
JavaScript source, ASCII text, with very long lines (12331)
Size
12 kB (12332 bytes)
Hash
88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:50 GMT
content-type: application/javascript
last-modified: Fri, 24 Jan 2025 17:54:44 GMT
etag: W/"6793d3e4-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3jk6FvNekFxEp4eXRw%2Bz%2BCSNSwX8ccO8j7srsrQFGr2nya34cAD6AS9pMQN6L650m%2Fv8xQffq6uOiBXSJD5OkmWEnxp5PbseAosFx2m9bFhhOJ8gOwuRs%2FGaeiJoIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90a65b434d29b517-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sun, 02 Feb 2025 02:43:50 GMT
cache-control: max-age=172800, public
content-encoding: gzip

GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET HTTP/2
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
Fingerprint68:D3:62:56:06:F9:32:39:3B:2D:19:7E:B1:45:4B:2C:76:5F:73:C6
ValidityMon, 30 Dec 2024 10:58:15 GMT - Sun, 30 Mar 2025 11:58:10 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://y2meta.tube
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 31 Jan 2025 02:43:50 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 90a65b436ae87131-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

GET y2meta.tube/images/apple-touch-icon.png

188.114.96.1

200 OK

10 kB

URL GET HTTP/3
y2meta.tube/images/apple-touch-icon.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Size
10 kB (9958 bytes)
Hash
34fbedf76ef8ff8c0da9df3a1452ad7a
6fc410b177317924609ef049072e05fed3696ae7
9eaa3ad172f8b1df289ad35827f4cf337840a410d1cb4cb7e61d062e7e885ade

HTTP Headers

GET /images/apple-touch-icon.png HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:51 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 19 Mar 2024 13:18:40 GMT
etag: W/"65f990b0-26e6"
expires: Fri, 31 Jan 2025 02:43:58 GMT
cache-control: max-age=60
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
f9host-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jw5XE3fEgmXu0hO%2B7DWGrEw2P2aoIE19aGtVJIQw7sJcdOY9ZOuZ9O%2Fb9Ss7ORysKo6rzKEJIJY4otaIeu5C6QHmL9L06mwqflLamDtQWGKrtPYuVykTeco21lMR%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90a65b46bfb8b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8573&min_rtt=1426&rtt_var=7443&sent=38&recv=14&lost=0&retrans=0&sent_bytes=30804&recv_bytes=2553&delivery_rate=1526388&cwnd=24000&unsent_bytes=0&cid=9ad8ca9d484b6842&ts=950&x=1", cfExtPri, cfHdrFlush;dur=0

GET y2meta.tube/images/logo.png

188.114.96.1

200 OK

2.1 kB

URL GET HTTP/3
y2meta.tube/images/logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Certificate
IssuerGoogle Trust Services
Subjecty2meta.tube
Fingerprint4E:CC:07:22:B6:F0:8F:86:B3:80:A9:C0:FA:08:20:DD:57:87:8C:F7
ValidityFri, 03 Jan 2025 09:15:45 GMT - Thu, 03 Apr 2025 10:14:15 GMT

File type
PNG image data, 96 x 96, 8-bit colormap, non-interlaced
Size
2.1 kB (2058 bytes)
Hash
2755b17e971d55e706f6f7f0952ac726
0a5f46f2841d0e1ba5eb0b21e6f6ea2bb8708eaf
95e4ab2b3c91579bd31e04bcecb3813ee485afe6f2f3c4fb3df5f5857118475c

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: y2meta.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://y2meta.tube/convert/?videoId=R1aSQY5DxhM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 31 Jan 2025 02:43:50 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Tue, 02 Apr 2024 06:50:55 GMT
etag: W/"660baacf-80a"
expires: Fri, 31 Jan 2025 02:44:01 GMT
cache-control: max-age=60
x-powered-by: https://f9host.com
x-frame-options: SAMEORIGIN
f9host-cache: HIT
content-encoding: gzip
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKRBHfTZZT3lbB6hXGYHJJ66ss8Smoz9tnTw8ikBrvhvhsbTJLjjwQ23ShJeilcYs3zU5vrdP9zSigzVp1FIRwewiOzjrTepq5NDVl1k36pq5aEs0T%2FiGf1%2FYQsPTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90a65b434d28b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11353&min_rtt=1426&rtt_var=7940&sent=16&recv=9&lost=0&retrans=0&sent_bytes=8593&recv_bytes=1812&delivery_rate=13084&cwnd=12000&unsent_bytes=0&cid=9ad8ca9d484b6842&ts=395&x=1", cfExtPri, cfHdrFlush;dur=0

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash