Report - rtfy.link/youtuber

Report Overview

Visited public
2023-12-05 07:59:20
Tags
URL
rtfy.link/youtuber
Finishing URL
youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==#1701763149782
IP / ASN
199.192.18.103
#22612 NAMECHEAP-NET
Title
Paid video viewing

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
youtuber-cash.life	unknown	2023-04-13	2023-04-13 20:27:25	2023-12-01 11:30:50	21 kB	1.2 MB	172.67.145.179
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-05 06:24:59	437 B	92 kB	142.250.74.168
img.youtube.com	3087	2005-02-15	2012-05-30 09:03:49	2023-12-04 05:12:58	3.7 kB	240 kB	142.250.74.142
youtuber-cash.autos	unknown	2023-04-13	2023-04-13 16:57:45	2023-11-15 01:48:35	456 B	40 kB	188.114.97.1
hm.baidu.com	8254	1999-10-11	2012-05-26 10:38:45	2023-12-04 07:51:07	1.2 kB	12 kB	103.235.46.191
globvisit.ru	unknown	2023-09-05	2023-09-06 01:07:52	2023-11-29 08:33:16	408 B	95 kB	82.146.62.11
rtfy.link	unknown	2021-09-21	2021-09-24 01:51:33	2023-08-17 11:25:41	400 B	1.5 kB	199.192.18.103
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-12-05 08:15:49	447 B	34 kB	142.250.74.74
ulogin.ru	167418	2011-08-16	2012-05-21 20:56:43	2023-12-03 15:57:30	2.1 kB	32 kB	95.163.118.168
youtuber-cash.buzz	unknown	2023-04-13	2023-04-13 16:53:14	2023-11-13 12:12:44	455 B	18 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-05 07:59:07	low	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (e .vg)
2023-12-05 07:59:07	low	Client IP	Internal IP	ET INFO URL Shortening Service Domain in DNS Lookup (e .vg)
2023-12-05 07:59:07	low	Client IP	188.114.97.1	ET INFO Observed URL Shortening Service Domain (e .vg in TLS SNI)
2023-12-05 07:59:08	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-12-05 07:59:08	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD
2023-12-05 07:59:08	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .life TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.buzz	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.autos	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed
2023-12-05	medium	youtuber-cash.life	Sinkholed

ThreatFox

No alerts detected

JavaScript (25)

	URL	From	Size	First Seen	Last Seen
	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	258 B	2023-03-07	2024-08-21
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2024-08-21 08:00 Times Seen12 Hash 2dc03e7a67563c3bcb66bae1d2a6066b 81e457925ff8ceb41b5c91292fa3af2ecf5d9302 d66fa0e95adabc0589398225d628595ab9dc0a43bd523d33ec32a6851f9dc4e2 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-09
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 11:25 Times Seen54729 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	153 B	2023-05-06	2024-10-13
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-06 11:02 Last Seen2024-10-13 12:17 Times Seen173 Hash 30ee3cc1beca0025f0f64be1cb28d31c 34a89a8839a0b3a115ee2436673caae40d06dd51 0cb08f9108a49933666be18f58239c20c1efddada89991a10335a7fce36c16e6 Loading...

	youtuber-cash.life/js/lan/lan.php	ScriptElement	628 B	2023-03-07	2024-10-13
Pretty URL youtuber-cash.life/js/lan/lan.php IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2024-10-13 12:17 Times Seen173 Hash 9e9e628fdce32452755dad2e4f388f7f f2a02a1aa82445126727d61b8e0e314a862c816a ab709d86df679c39e2e41fa6297812b44469462e11ce61532e36ce812921e879 Loading...

	unknown	DomTimer	140 B	2023-05-06	2024-10-13
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2023-05-06 11:02 Last Seen2024-10-13 12:17 Times Seen73 Hash d27177b680d8056835ed1345dc9b53ab efe9ac9096e0a799f6a4b9b3700e9cb2c207b6cf 51ce1d424b5f31a1d634dec99b7274a67340da612008c5a8bbd2551ce64bb8ff Loading...

	unknown	Function	393 B	2024-08-20	2024-08-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-08-20 16:43 Last Seen2024-08-20 16:43 Times Seen1 Hash 2c9fbc3908c8204e7eaf313471063c37 ac072979ff011adc259a285e19821c8bfa6babc4 261321967bb10a687eb026184f2bf3da254b249b1298bce74163cb8a05aa7c7e Loading...

	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	1.3 kB	2023-03-07	2024-10-13
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2024-10-13 12:17 Times Seen73 Hash df094ed3712ef2f5b7b956602389f547 b01cd227810318959a8d14cbbc1da5162643a33b cc0d766f6aa27ef12c60faf8e8f50f714aad537a8622a7024fc9919577bc9611 Loading...

	ulogin.ru/js/easyXDM.min.js?version=js.2.0.0	ScriptElement	20 kB	2023-04-09	2025-05-08
Pretty URL ulogin.ru/js/easyXDM.min.js?version=js.2.0.0 IP 95.163.118.168 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 00:17 Last Seen2025-05-08 17:09 Times Seen387 Hash 6fa48ec324dbccca80f14910397e60e8 1c97fc64b6cc2f10ad5ce55a4fe8e62d47fea8ee c84b8c0bc98026b6fee19c1b5c15588ac5446be3d78bb63eeb21068edaa3f79f Loading...

	connect.facebook.net/en_US/sdk.js	ScriptElement	17 kB	2023-05-05	2025-05-09
Pretty URL connect.facebook.net/en_US/sdk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-09 11:25 Times Seen54129 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	youtuber-cash.life/js/commonscripts.js	ScriptElement	8.4 kB	2023-03-07	2025-02-01
Pretty URL youtuber-cash.life/js/commonscripts.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-02-01 18:14 Times Seen196 Hash 220adf9ab310605e97c481423117cea7 582f4fadaf1d063b7adda22cbb5e69edade4dfa8 bfebf68864e9544eabe13976ba8a5689524fa8359d44646fdb4e9bae224e29b3 Loading...

	youtuber-cash.life/js/toastr.min.js	ScriptElement	6.1 kB	2023-03-07	2025-05-06
Pretty URL youtuber-cash.life/js/toastr.min.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 13:10 Times Seen221 Hash 4822c7d98e89e261b45df416647295ec 957833ae299746075a067de43c71ac21532f48b9 18274a4028a196c65140384e38867f2b5609e5a0074beadfac39529764199b18 Loading...

	www.googletagmanager.com/gtag/js?id=G-4474Z9PLQE	ScriptElement	274 kB	2023-12-05	2023-12-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-4474Z9PLQE IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 08:59 Last Seen2023-12-05 08:59 Times Seen1 Hash 686a4d79dd8257a565b8d732639dd091 8ee7803a7a77a8559c7bec062652d5b23442eaaa 4a5fcea31fb9aacd052ba0799d19f1ade8ee336d55a089da6ba8731558eda44a Loading...

	globvisit.ru/one/	ScriptElement	94 kB	2023-12-05	2023-12-05
Pretty URL globvisit.ru/one/ IP 82.146.62.11 ASN #29182 JSC IOT Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 08:59 Last Seen2023-12-05 08:59 Times Seen1 Hash a517ac695367ca6fd097690687989b45 7ac00e8792a3389731a67f5d354c0c2f3bd6dbea f778f4649bec29fc6d138691ae6b31e32d745d3bd5e1ddc90f9a5dda01ce9076 Loading...

	ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1 IP 95.163.118.168 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 12:25 Times Seen4635852 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	Function	37 B	2023-04-11	2025-05-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:49 Last Seen2025-05-09 12:24 Times Seen34482 Hash 1c5c9160600df2d96d69a4ea16cec7ed 3cf678c9135cc952ba6970ef545035bb757a443f a3520fe88e248d2b6c9c6db93309a037ef969fe297208e5bd7e49a55bb32c808 Loading...

	youtuber-cash.life/js/geterrorcodes.js?new	ScriptElement	4.8 kB	2023-03-07	2025-02-01
Pretty URL youtuber-cash.life/js/geterrorcodes.js?new IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-02-01 18:14 Times Seen196 Hash c5d18789f0812ccdaaa453fc9335a6a9 a4910a4302a3e1b6aeb89144f8af60b0438fbff8 2e4c579c2dac40753f691af41796d05f998c0bccffff0ebf43f28bfed3ebe3d6 Loading...

	ulogin.ru/js/ulogin.js	ScriptElement	56 kB	2023-10-21	2023-12-12
Pretty URL ulogin.ru/js/ulogin.js IP 95.163.118.168 ASN #12695 LLC Digital Network Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-21 21:04 Last Seen2023-12-12 16:59 Times Seen43 Hash 1941cecced0807e4cac9d4943a1903fa 1a9f9773386b1c2ab3d1b981366644644eee9689 32f8480a6fce7dccb9cee093825d5e8a4258cbca0cc770baa898ab68d80aeca8 Loading...

	youtuber-cash.life/js/jquery.min.js	ScriptElement	87 kB	2023-03-07	2025-05-07
Pretty URL youtuber-cash.life/js/jquery.min.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-07 22:52 Times Seen59048 Hash a46fb81762396b7bf2020774a2fb4d9e fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7 d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d Loading...

	youtuber-cash.life/js/vendors.min.js	ScriptElement	377 kB	2023-03-07	2024-12-10
Pretty URL youtuber-cash.life/js/vendors.min.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10 Last Seen2024-12-10 12:33 Times Seen188 Hash bdeea825879f27c70e9ff0c6d966f814 b4c79c2a6a1fd38e32129cdacfab37c90442d6ce b2ec3e8748a7f7e4225e3639059d19b2af8d3abf4c869935b9ea716f87285cf4 Loading...

	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	1.2 kB	2023-03-07	2024-10-13
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2024-10-13 12:17 Times Seen173 Hash e5f6dca750f4833c2baa360e1a16d5a5 b1082ae28af676794aff5403bc2538e001528a8b e261c09c1483dacdc6a535c1b86c7b25f3ffe717b060f3e47f0195a7c8eb0526 Loading...

	hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166	ScriptElement	30 kB	2023-12-05	2023-12-05
Pretty URL hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 08:59 Last Seen2023-12-05 08:59 Times Seen1 Hash f05050575c8ee7f8b10c3ed89d8f0bb5 1cc1cdf1684554519e960c747a3421c62f96c980 078e78ca4e48cad445a06ab00a61a4daf9c776b2854c8b55627d5aa0d3c1a96b Loading...

	youtuber-cash.life/js/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-02-01
Pretty URL youtuber-cash.life/js/popper.min.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-02-01 18:14 Times Seen196 Hash 13e3c08dd1d2f77233ad869472663004 793ae7cdd5c83b032839ad389bb60f6d0f576485 ccdb0d76bc64c3c03c56926547f9dc157ebc06bc3faa5c76e72b14b6227e1e41 Loading...

	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	2.4 kB	2023-03-07	2024-10-13
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2024-10-13 12:17 Times Seen173 Hash 0e07f045b0d4daa16a1aab16da69c214 f185ba3e8decbef237b354ce922e922584ef6a17 dafa927b878a1506eb68896ee8179595a0c6c4723d04c95f44a0b370b03b7a23 Loading...

	youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==	ScriptElement	2.0 kB	2023-03-07	2025-02-01
Pretty URL youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-02-01 18:14 Times Seen185 Hash 356dd2cd7e9c2938b65cc751eae7730b b96b07ad5013b2eed3521d8485bfab311c165bf8 f7a3854d0319eec1044ff0665d90231ba7846825495c3700e412446ddff78f33 Loading...

	youtuber-cash.life/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-07	2025-02-01
Pretty URL youtuber-cash.life/js/bootstrap.min.js IP 172.67.145.179 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02 Last Seen2025-02-01 18:14 Times Seen204 Hash 7ea576594a2272604943b19eed3f65dd cf0363ed7c98a2223de587f86442c754823ff167 43c3c4b6cca3da44ba9b3e1eaffafea84098bfe213b26a416b72acfca769d59e Loading...

HTTP Transactions (54)

URL IP Response Size

rtfy.link/youtuber

199.192.18.103

330 B

URL
rtfy.link/youtuber
IP
199.192.18.103:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
330 B (330 bytes)
Hash
c7e1c585bb1a9a6679c08619f48f5275
1a4638552eea2b18ed7f9c69a295bdd1b2164601
6b6d4cb8be94f310833d7748e2fff0123ccc6e7585d63534941f9e97b4bc5637

HTTP Headers

GET /youtuber HTTP/1.1
Host: rtfy.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Tue, 05 Dec 2023 07:59:01 GMT
Server: Apache
Cache-Control: must-revalidate, no-cache, no-store, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjQ3ZWkwRTF6MXJMcnZBOEp5d1E2OWc9PSIsInZhbHVlIjoiZW9VZ2h6ckhIVllCZ0RDT0h3cHAvalpsRlRiUUxMSzJaVDc5aFNyZ0Y4MjNkK1RxNEZvZjc1a280dXlyZUdIVlZiUTB5elc5ZEk1R2k3eVNjVjdvK2pweWdaSmJCaWFGYlBWbExxVEtLNXBDKzk5dE9HaVRUU05qajVFL1N3TFoiLCJtYWMiOiJhMjkwNWRlYTAwNmJmNTMzYTcxOTdjZGNjYWY2NjFkNTliOGE4ZDY3ZmVlYzZkZDc2N2IyMjFmMjQxOWRlMTY1IiwidGFnIjoiIn0%3D; expires=Tue, 05-Dec-2023 09:59:01 GMT; Max-Age=7200; path=/
phpshort_session=eyJpdiI6InhrL2FCenUwbGtrdDYxZm90ZUVxOHc9PSIsInZhbHVlIjoidG90ZVNoeXNqeXQ3WURZK2ZXNmpORDVMZ1UyNE9EWXducDNoeG9QeWVuTE1mVFNlWUJvSVdmQUFmSm9ndWJMaTVjVkFocjdLOGZOMzlDU3YvRTRVVDdRbTJNWCtnTFFVdFZSaVp6bk9SMXY5c3g2dDdCQmVGM3RKRkJaUUxZMEYiLCJtYWMiOiI1NDFiODFmMWNlYTQ1MWZhMzFiYzBkMGVjYWVkNWM1NDI3MzE1MzU0NGNjMTZhZGY1OWQzMTNlNDVkZmU4MDdlIiwidGFnIjoiIn0%3D; expires=Tue, 05-Dec-2023 09:59:01 GMT; Max-Age=7200; path=/; httponly
Location: https://e.vg/VWMbGCDc
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

142.250.74.74

33 kB

URL
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32086)
Size
33 kB (33434 bytes)
Hash
8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

HTTP Headers

GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.boats/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:46:24 GMT
expires: Fri, 29 Nov 2024 04:46:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 443558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youtuber-cash.life/images/cash.png

172.67.145.179

200 OK

6.9 kB

URL GET HTTP/3
youtuber-cash.life/images/cash.png
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
PNG image data, 120 x 48, 8-bit/color RGB, non-interlaced\012- data
Size
6.9 kB (6949 bytes)
Hash
6907d175d114a6f449ebb5c11d9cffe5
65a0b1fb266df7c7bd822ed2c5ef241ec9b9d5a2
5b2024830a620f4eb1cdda3a5a0bcb9a873fd119ba3023d6eb6363ee41eb5538

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/cash.png HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/png
content-length: 6949
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-1b25"
expires: Tue, 26 Dec 2023 10:31:55 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 768219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9ThO%2BVfYLe57yO3fM5ZuBN26PH10uyw47iHmIk3pgq3zwfgY%2FOGGRLt8BzEDTLCxvyplEmIPNOvAAKAthB3lfSyJF3yPLyOk0Owt%2FWtOddZYRP87Jss%2Fh3OakEIdC%2BI8D6It%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5c9c7456a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/wa.jpg

172.67.145.179

200 OK

16 kB

URL GET HTTP/3
youtuber-cash.life/images/wa.jpg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=225, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=225], progressive, precision 8, 100x100, components 3\012- data
Size
16 kB (16336 bytes)
Hash
07ef3c50cf2905b3f0a3da683ac7d76b
383755f965269fcc9a42c47e759a4b953fab8e9b
04b43d2ded159249f8de72e72debc94f7e80aef23149be49ef7fb489f3430375

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/wa.jpg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/jpeg
content-length: 16336
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-3fd0"
expires: Thu, 28 Dec 2023 09:11:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 600272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fysm%2F7ZnRGY8mF6%2B6HPUJ9A94ZXvCnfnzUaAN%2BP05M8IgFt9IxqhhhYLDqtWTngj7RaNWMl9ue8vx34qvwTWcUYula0Z%2BMS2dwfWWeQB96SOk%2Bfp1lAG7pY7soDJKnTwBwmlgOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcc356a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/fb.jpg

172.67.145.179

200 OK

16 kB

URL GET HTTP/3
youtuber-cash.life/images/fb.jpg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=232, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=217], progressive, precision 8, 100x100, components 3\012- data
Size
16 kB (15481 bytes)
Hash
da7ba50455e216f348ea611a4bde3aa5
0d716d9c0b9ee8d4c0554ea287e838a648942f34
83f39aa462ae8b8276cc3e9a46fe6e38e5510f97048e738902727b158d70d64b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/fb.jpg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/jpeg
content-length: 15481
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-3c79"
expires: Mon, 25 Dec 2023 10:13:12 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 855744
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owQL1zmPjTmjun0lvYYN22hPGlRGguiYsgg6n6UzC2GUHCzFUMhrtHUlsBeu6YCqXyAsO%2FNqbcWGMDdjObyhulGvDjRisx0%2BBrNLXjU0CrFRmliy1jkPP06t2pcEsdwpx7bOfTc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcc456a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/ms.jpg

172.67.145.179

200 OK

22 kB

URL GET HTTP/3
youtuber-cash.life/images/ms.jpg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=247, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=204], progressive, precision 8, 100x100, components 3\012- data
Size
22 kB (22008 bytes)
Hash
0eda1811135611b9ef023826887b76a4
b515a4ba1ae389c346a1f8d3c3b40552899085fc
878b91556e630a7bc724443bcd6e992351ea55d75818c97d764080509f480aa5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/ms.jpg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/jpeg
content-length: 22008
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-55f8"
expires: Tue, 26 Dec 2023 10:31:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 768219
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOsh041NDJUO5KpKoHuaw7p6NMtuXKjt8hY3Alh1svi9ASI0G9RCyas065JS7PkptLIh6PQr84ARLu6PcFL7ZIZyi%2Fc3pLcG5XaCgIvsqXqccWjCrAE1gSQz0bZ2yLqlMBAvODw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcca56a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/tg.jpg

172.67.145.179

200 OK

16 kB

URL GET HTTP/3
youtuber-cash.life/images/tg.jpg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=216, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=233], progressive, precision 8, 100x100, components 3\012- data
Size
16 kB (15607 bytes)
Hash
290f3d71651cd6db71f0e1f08b360a02
8acc9145abc9c71978032edcbf0dd5e364bca8b8
0c56fb343b35317edbb0921e3d207e26bd5c0b41921ccb1e71155965dac5e4d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/tg.jpg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/jpeg
content-length: 15607
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-3cf7"
expires: Fri, 22 Dec 2023 14:07:51 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1100867
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hBwKDcSMxPK7qlRUzrH4dTkWsk7zgO5JQ%2F78nNEi%2FB1YHlYK6YNfRy5B8GDWUt4PdHRxtfONHZLDtXSqaSTZeksbvf4DOOf08JbHLc2ZBQgJZ%2FwvyQK13TLKah5fFo6uFuZyYk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcd756a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/twitter.png

172.67.145.179

200 OK

5.3 kB

URL GET HTTP/3
youtuber-cash.life/images/twitter.png
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
5.3 kB (5302 bytes)
Hash
602333f53faa534162f6298ecd776141
1725c8d37b2fff81487749aba924c6d042b26fc0
b831001126ca98f8b42d393d0c8c72ddb7bdb26ca2b702d429e01378135f81c8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/twitter.png HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/png
content-length: 5302
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-14b6"
expires: Thu, 28 Dec 2023 09:11:01 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 600272
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIf2j9ED0ClX9iPZU2QftnvbgP5PE36v%2FhpXMp2qbcEDn%2BZBI%2Bf6VqYBnmoMoBtmT1OvktlZHEcMJT%2FJKp50OoKpQQAYBNEz3Lx0R1%2FLJ3dCeawugcJ%2FgFliltprC06SMCKPHk8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcda56a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/line.jpg

172.67.145.179

200 OK

8.2 kB

URL GET HTTP/3
youtuber-cash.life/images/line.jpg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 100x100, components 3\012- data
Size
8.2 kB (8249 bytes)
Hash
e026e719a323672571f99165d1da693c
7c5d60dadd39a3211872fb5e7f7bc6928ed2f678
074bd4fdd36b56b6ad79b9183d9cf10c23827559abd2b59f985f97b03ac72428

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/line.jpg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/jpeg
content-length: 8249
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-2039"
expires: Fri, 29 Dec 2023 15:50:16 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 489916
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNrBJKh13Fuzk7myqSwdwvXmYvh05rD7LNaZjvjamtM3O%2B4nu7%2FzGzL69VdGby76A5yyaHw926QBxsdumcjN86FETBAtAe91C0l19lnGmWx2sPuK2ZQjOOomnzk8SjIuPHDlRLU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cdcdf56a4-OSL
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/apk.png

172.67.145.179

200 OK

4.5 kB

URL GET HTTP/3
youtuber-cash.life/images/apk.png
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
PNG image data, 413 x 122, 8-bit colormap, non-interlaced\012- data
Size
4.5 kB (4459 bytes)
Hash
418a3039ac4ce7feeec9ff34754e0f0d
100bc639ccc30bb32fcbc6147b8394b17a87b72b
1396051ae6a8a15234660b10cd48493118c2c807767bc42f42b2ccec37cb32c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/apk.png HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/png
content-length: 4459
last-modified: Fri, 28 Apr 2023 11:09:02 GMT
etag: "644ba94e-116b"
expires: Tue, 26 Dec 2023 10:31:56 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 768218
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stmOn2kVA3SWaG9AXr1rGXCOZcGAgTzB2upojP0%2B9KB69NB0USI7xvI6BZhzj8isUTfdodP0ore9HzOTvHwpl3XTJJuyZz%2FSprQ9E82bQrzEsVyuFLu4ntXSRROCM0NW%2FUHRP3M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cecf856a4-OSL
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-4474Z9PLQE

142.250.74.168

200 OK

92 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-4474Z9PLQE
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
92 kB (91653 bytes)
Hash
686a4d79dd8257a565b8d732639dd091
8ee7803a7a77a8559c7bec062652d5b23442eaaa
4a5fcea31fb9aacd052ba0799d19f1ade8ee336d55a089da6ba8731558eda44a

HTTP Headers

GET /gtag/js?id=G-4474Z9PLQE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 05 Dec 2023 07:59:03 GMT
expires: Tue, 05 Dec 2023 07:59:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91653
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ulogin.ru/js/ulogin.js

95.163.118.168

200 OK

19 kB

URL GET HTTP/1.1
ulogin.ru/js/ulogin.js
IP
95.163.118.168:443
ASN
#12695 LLC Digital Network

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectulogin.ru
FingerprintB7:3E:DD:78:0B:08:1E:A1:A9:46:CB:46:C6:AC:10:A4:64:F1:3A:5B
ValidityThu, 26 Oct 2023 22:02:59 GMT - Wed, 24 Jan 2024 22:02:58 GMT

File type
ASCII text, with very long lines (580)
Size
19 kB (19289 bytes)
Hash
1941cecced0807e4cac9d4943a1903fa
1a9f9773386b1c2ab3d1b981366644644eee9689
32f8480a6fce7dccb9cee093825d5e8a4258cbca0cc770baa898ab68d80aeca8

HTTP Headers

GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 07:59:04 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 19 Oct 2023 08:44:04 GMT
Set-Cookie: ulogin_token=u170f31eb530950d1052e2a8f373f675c; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Fri, 08 Dec 2023 07:59:04 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip

youtuber-cash.life/fonts/fontawesome-webfont.woff2?v=4.7.0

172.67.145.179

200 OK

77 kB

URL GET HTTP/3
youtuber-cash.life/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/css/font.css
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: font/woff2
content-length: 77160
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: "63ee2544-12d68"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42ekIqIGofyw%2F2yf5rFAK4j1f1S7aksg51sY1YyEJNa0zqwzxlQooVVXT7Yvb7Fq8RWD4DaR2cDyNe1sePA4eYLxYFay5IGNe9DPzZuScppibC8Qerr2%2BKHz396tjJm8pLaF%2FOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5eff0556a4-OSL
alt-svc: h3=":443"; ma=86400

ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1

95.163.118.168

200 OK

1.1 kB

URL GET HTTP/1.1
ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1
IP
95.163.118.168:443
ASN
#12695 LLC Digital Network

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectulogin.ru
FingerprintB7:3E:DD:78:0B:08:1E:A1:A9:46:CB:46:C6:AC:10:A4:64:F1:3A:5B
ValidityThu, 26 Oct 2023 22:02:59 GMT - Wed, 24 Jan 2024 22:02:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1113 bytes)
Hash
172c9de95b5e09f3f3fb6788dc85e618
a0af500d47d229611d00a78a0bfbcdefedc6d519
0d35a0dfc59effaee55acbe08ff749792d5c5dee22ac7969a297bdbd3fc5b00b

HTTP Headers

GET /stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 07:59:04 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

youtuber-cash.life/css/toastr.min.css

172.67.145.179

200 OK

4.0 kB

URL GET HTTP/3
youtuber-cash.life/css/toastr.min.css
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (6455)
Size
4.0 kB (4045 bytes)
Hash
f46a48664f1939d7e48333cbee25172e
7c94abd15a09fb50f361c87d850b806dbee1d3bf
76282d6677e839577d76e3e7e9d42bd27d08fb186cb005aad85e2eb1becb7021

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/toastr.min.css HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-1a6a"
expires: Tue, 05 Dec 2023 19:55:28 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AWxufQBwFOVU9NFga4JlTM9UwKa%2BlWhkSJ9yxr17%2F8EJmdZPx4KlTBO0DAyWwN7YMcyRUqdEiUh7RwMPvcb7xkohjkqU4TGn20kf1%2BgpgmW5TvqHL23EPSre2BF3XKR4cHVNxsw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5ced0556a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ulogin.ru/js/easyXDM.min.js?version=js.2.0.0

95.163.118.168

200 OK

7.0 kB

URL GET HTTP/1.1
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP
95.163.118.168:443
ASN
#12695 LLC Digital Network

Requested by
https://ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1
Certificate
IssuerLet's Encrypt
Subjectulogin.ru
FingerprintB7:3E:DD:78:0B:08:1E:A1:A9:46:CB:46:C6:AC:10:A4:64:F1:3A:5B
ValidityThu, 26 Oct 2023 22:02:59 GMT - Wed, 24 Jan 2024 22:02:58 GMT

File type
Unicode text, UTF-8 text, with very long lines (19804)
Size
7.0 kB (6980 bytes)
Hash
0cc34325f9c69f544cb67247c57fc48e
c6b3bf80233dcb3340e217fb16849eef4bf6e238
d00c673032c1444178a7cebc6cf988440d2e1ead769aea9470806bba9beab8a8

HTTP Headers

GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=3294&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9849&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 07:59:04 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Fri, 08 Dec 2023 07:59:04 GMT
Cache-Control: max-age=259200, public

youtuber-cash.life/js/popper.min.js

172.67.145.179

200 OK

8.2 kB

URL GET HTTP/3
youtuber-cash.life/js/popper.min.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (21060), with CRLF line terminators
Size
8.2 kB (8174 bytes)
Hash
13e3c08dd1d2f77233ad869472663004
793ae7cdd5c83b032839ad389bb60f6d0f576485
ccdb0d76bc64c3c03c56926547f9dc157ebc06bc3faa5c76e72b14b6227e1e41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/popper.min.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-52fb"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTBQoxk%2FiygQgvxoM2%2BrhOGdHyeV3Ly1djx%2BS5%2Bww%2BE38YjkgYTyr418tKjdvZeGhxfqDmWTxcryZRCSEudpfhdSp46TKbRvaAWqChSM1r0UYuIk4lln6bOt22EAszEA50nEUPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c9c6756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.buzz/js/bootstrap.min.js?1701762926&_=1701763148153

188.114.96.1

17 kB

URL
youtuber-cash.buzz/js/bootstrap.min.js?1701762926&_=1701763148153
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (59765), with CRLF line terminators
Size
17 kB (16876 bytes)
Hash
7ea576594a2272604943b19eed3f65dd
cf0363ed7c98a2223de587f86442c754823ff167
43c3c4b6cca3da44ba9b3e1eaffafea84098bfe213b26a416b72acfca769d59e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js?1701762926&_=1701763148153 HTTP/1.1
Host: youtuber-cash.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.boats/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 07:59:02 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-ea69"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Ax0879Bxy%2Fj6FFi5yglZkI%2FIApr8ztZkX9yiCdo3yULX1dj3l6Q5ifNP5YlcZVYQw235jDMRwlmufjg9m3PT%2BRpmOC5kDzIkfsgaSDRiq5in2LJWKxXQBx3V6qPpyHAgGX%2F%2BiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf582db25691-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==

172.67.145.179

200 OK

43 kB

URL User Request GET HTTP/2
youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (456), with CRLF line terminators
Size
43 kB (42963 bytes)
Hash
8c4c66f56dbf6b02758a508455e51185
8cf18e4d4f2690cae5d0a95ab3572c96e65c6852
be1d14c9fc2c374dd0aa32483be776624f534ed9c4b95b3cfcb62669d8639e28

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw== HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.boats/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 07:59:02 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; path=/
pid=9174381762038842; expires=Fri, 08-Dec-2023 07:55:27 GMT; Max-Age=259200; path=/
dldomain=youtuber-cash.boats; expires=Fri, 08-Dec-2023 07:55:27 GMT; Max-Age=259200; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gzmX7Ogqyz9hOyu4vN366qNu3XPaHJSaN9bpg%2BltILoEDS16hPqxIX%2FRknTb8FdpO19d6qlf7C25qen6YxmWPW8TUja%2FvXQBt2nm%2FW7UvPx5XhIv5iiYsZbjmtPYbVJ5EHnarXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5a7d1e56cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

youtuber-cash.life/images/flag/pf.svg

172.67.145.179

200 OK

30 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/pf.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1117)
Size
30 kB (30267 bytes)
Hash
8e525621c88b974fb4ce23ad5eaf26ef
198f0f3ce4d37edca8d3b9d216804a2153dfbd7f
625d984bf15cd464fe778ad943dffafeb446094747388d030214ef91c618149c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/pf.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-10c0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHgYEN1LKDf4owCLhqRnEKeGFPwlij0GlLbpxOCUILnUxjM9BbwnMQ6v%2BCoKcVK9P4yRtoEKQjUpywrnrCa4F3gDg6WHf%2FGed%2Bpj%2B6qs%2FRhXXFFJ%2Brc4z%2Fvn%2FFn5tLLW6epaWaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc9256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/css/font.css

172.67.145.179

200 OK

19 kB

URL GET HTTP/3
youtuber-cash.life/css/font.css
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (388), with CRLF line terminators
Size
19 kB (18769 bytes)
Hash
0d10fc7efd5d6f3227d16e665b5fe3cf
106ba8cb158bbe5c843c31fe7ad124283cad4c5a
62ebcf488b229e3715f8c5f7a0405ec76b846911c6d6a6685609cd46906c86e6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/font.css HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-121f3"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWbXbxJ6LfcLs6VGTp6FClB7NMATyaFG9vzSpVRPN3u1EZJZ8atmSxwazn2BJW4ZrqxGrXmqJPSxWR4MSRI4ZZuGaKEFh2GAlQ%2BcifHMpZjhgxIlB6AD8aNEZ0fzbbFvRktB5y8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c8c5e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.youtube.com/vi/uj58bz6-XYM/hqdefault.jpg

142.250.74.142

200 OK

14 kB

URL GET HTTP/2
img.youtube.com/vi/uj58bz6-XYM/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
14 kB (13786 bytes)
Hash
b3bd2bb29783f0f3f4e9e822aa61596b
95921c1f880c79ec55dc8390aa3444fa12e3332e
e3c9e27ece83b37ee72015a31716e7dab84ff7457cd86f35446c751d50b77171

HTTP Headers

GET /vi/uj58bz6-XYM/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 13786
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/f2yuuhg8cbk/hqdefault.jpg

142.250.74.142

200 OK

32 kB

URL GET HTTP/2
img.youtube.com/vi/f2yuuhg8cbk/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
32 kB (31795 bytes)
Hash
6816e8437cb7d163ac3b99fc1918ec7e
6356586581bbd2d3c374ffa59b455c44490968aa
ee502e7bab08b08643ada14aeec636e1ff8c8c12ddabf813ea610808dfc5248b

HTTP Headers

GET /vi/f2yuuhg8cbk/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31795
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1668303095"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

img.youtube.com/vi/rtbWMViBBUM/hqdefault.jpg

142.250.74.142

200 OK

32 kB

URL GET HTTP/2
img.youtube.com/vi/rtbWMViBBUM/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
32 kB (31910 bytes)
Hash
2e874de6373a8e5e164ca8afc68bceca
a3e035bd2f529f99a2ccb89fd3c4980c7c632a5a
42b07643daf4abe3acd789ee8144c58bd37a03b6eeb3143d92556472331053ee

HTTP Headers

GET /vi/rtbWMViBBUM/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31910
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1668524250"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youtuber-cash.life/images/flag/gr.svg

172.67.145.179

200 OK

41 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/gr.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
41 kB (41402 bytes)
Hash
db77f48c7f332561c119c5b644c2247a
adbaeb7309ddf60d227c4902d766e31d95e798ba
2251a31588f5613220ce722e874c664a706921b09a099077d325965d57593712

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/gr.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-32f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAD7IhzpQOZg1byFmWR4Fi993Z1VouRl0jiLMxeL0YWtqcvFYCG%2BR8XPPKLPWVczNk7HusXEb25N1GSGk5Hhu0QsnfgIFwLm03VI9Iie%2BqzwxDdzl6f9Mv4Z2CoSGF1gf6n66Dg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc9456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.youtube.com/vi/zLR2s2uR4Qo/hqdefault.jpg

142.250.74.142

200 OK

36 kB

URL GET HTTP/2
img.youtube.com/vi/zLR2s2uR4Qo/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
36 kB (36264 bytes)
Hash
feeea30ed87f7c135b76ea85e97bfbeb
a595e0fd9b330c3147e172674fecacc5f5727c98
881ac456aa2c0511110ccf1b15e53f743cc3c816d9acfb35e231387ed93db6b5

HTTP Headers

GET /vi/zLR2s2uR4Qo/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 36264
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1668541660"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youtuber-cash.autos/js/bootstrap.min.js?1701762926&_=1701763148155

188.114.97.1

39 kB

URL
youtuber-cash.autos/js/bootstrap.min.js?1701762926&_=1701763148155
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (59765), with CRLF line terminators
Size
39 kB (39374 bytes)
Hash
7ea576594a2272604943b19eed3f65dd
cf0363ed7c98a2223de587f86442c754823ff167
43c3c4b6cca3da44ba9b3e1eaffafea84098bfe213b26a416b72acfca769d59e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js?1701762926&_=1701763148155 HTTP/1.1
Host: youtuber-cash.autos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.boats/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 05 Dec 2023 07:59:02 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-ea69"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtAsZJAX1Ady8yLK9qGcP5fvdmTJO1%2BZo5urSuAMT13oqC1Pp%2BHt8WXqam6OJbKRFKnnZpJ25mUnpO3%2BV2WSXlJBo2T6KRNChjurJYElPQ6lUXQJ98b3YtgLu8OTvA4J10gllZsx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf586e3656c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

img.youtube.com/vi/phwk_U5U_jg/hqdefault.jpg

142.250.74.142

200 OK

34 kB

URL GET HTTP/2
img.youtube.com/vi/phwk_U5U_jg/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
34 kB (33899 bytes)
Hash
5e2b5f9379377d99f809e8c8b8af020b
4a4dc8f9547d6b914a1d5323bfa07f3373e898cb
21b444a73e3684f4bbeb5304cce92cabe62da701a9d8b3b64e071f1a8f64ce56

HTTP Headers

GET /vi/phwk_U5U_jg/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 33899
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1669034748"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166

103.235.46.191

200 OK

11 kB

URL GET HTTP/1.1
hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
ASCII text, with very long lines (623)
Size
11 kB (11261 bytes)
Hash
f05050575c8ee7f8b10c3ed89d8f0bb5
1cc1cdf1684554519e960c747a3421c62f96c980
078e78ca4e48cad445a06ab00a61a4daf9c776b2854c8b55627d5aa0d3c1a96b

HTTP Headers

GET /hm.js?ca39fa08836e125f6ea13e25b34bd166 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11261
Content-Type: application/javascript
Date: Tue, 05 Dec 2023 07:59:04 GMT
Etag: f24dfb8b069b72f807958e854c52acf2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A0D76F5BE474E384; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=164729683&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Fyoutuber-cash.boats%2F&v=1.3.0&lv=1&sn=15806&r=0&ww=1280&u=https%3A%2F%2Fyoutuber-cash.life%2F%3Fcode%3DOTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw%3D%3D%231701763149782&tt=Paid%20video%20viewing

103.235.46.191

200 OK

43 B

URL GET HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=164729683&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Fyoutuber-cash.boats%2F&v=1.3.0&lv=1&sn=15806&r=0&ww=1280&u=https%3A%2F%2Fyoutuber-cash.life%2F%3Fcode%3DOTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw%3D%3D%231701763149782&tt=Paid%20video%20viewing
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=164729683&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Fyoutuber-cash.boats%2F&v=1.3.0&lv=1&sn=15806&r=0&ww=1280&u=https%3A%2F%2Fyoutuber-cash.life%2F%3Fcode%3DOTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw%3D%3D%231701763149782&tt=Paid%20video%20viewing HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 05 Dec 2023 07:59:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4107E75DB2E1D012; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

youtuber-cash.life/images/flag/py.svg

172.67.145.179

200 OK

17 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/py.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3319)
Size
17 kB (17301 bytes)
Hash
13233f64e8bc61551916a3ba4e2c710c
ab62f0c79528f4d4fb725df643b307a413685c4d
3a478eb06f7e63ad044d026b4a65aa19bc1b9de9fb8c753d11b9c9f4edca412b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/py.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-4395"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFP%2FgXSl%2BHlt1fEFEHBfNwIvcDIZKBGV07%2FrT1Ba01w1hXzX9pD6NyIxWVceEvE1x7GxcrrbqUAiHnTvfeEtY0E05%2Fo5nLhmYFZigZemAG4A8h5ApN%2FyM90lQ1%2FO0aLrvUlpYi4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc9c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/om.svg

172.67.145.179

200 OK

23 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/om.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1376)
Size
23 kB (22841 bytes)
Hash
7332c94cc6d893097dd3ff6d962a9520
974591b035e1cef7c32a6ad7cc5617489eed1837
c96ecf52ccd41a813bf73f6aee0ef4712b7b5e46165a091613bfaa6ae821d7d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/om.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-5939"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bD30KAr4teLNFogcmVaM3KNR261dl1Ao4TTsWDUq69cyyOSXNjuGP1pqQOO%2Be%2BICMmMMqt45zXi8B5lE8SPcGPU9BvbX%2F%2BxTxvCVjRFVrlHUckJ%2BZWb3aaqrcjQznkYiJkguZtc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc8e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/mf.svg

172.67.145.179

200 OK

292 B

URL GET HTTP/3
youtuber-cash.life/images/flag/mf.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (321), with no line terminators
Size
292 B (292 bytes)
Hash
117039d4cffb56ded871868375fca028
003b342951a91d3766278c5d761a8ce91b939ca7
8b2137055414140d366488965c5383862828a6f4a5713879c3d07f4f0a04926e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/mf.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-124"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdmhMADzcV4q0GeQdrfLVcumaEmVhLPKhwfCxIebBv3sQox%2BrrgbWW3gCD78MMR1ZFllJ6L2yei%2FGCBS6fdvFvzKesL1hjPry5%2F5HjYyNjNNg6nafqAT9nvuaYv8hN%2FkWrSvx4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc9156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/css/bootstrap.css

172.67.145.179

200 OK

208 kB

URL GET HTTP/3
youtuber-cash.life/css/bootstrap.css
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (629), with CRLF line terminators
Size
208 kB (208370 bytes)
Hash
fdb5fd9d72649f80e2a4dee94fa3c59b
ff58dd1e1c64a17f092243d997a952b67b0a3b4f
16039e1a6f9cab1a79d1f620a6e5678b410e97ba542f1771717292e659938dfb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/bootstrap.css HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-32df2"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAWY55i4lESVV3pVkVhhB2%2F1CK1wp6hzWMP4KkEM%2Bd6q7U8NQuF%2FL8pKtgTTs%2Bodln1%2Fh%2Bhf1YKn%2Br8b%2FljOG0wCHLHYV5HqTV%2BcCiRcl9DShj%2Fq9npwf7IxPDSCzzUIH8K3%2FTM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c8c5b56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/css/ext-component-toastr.css

172.67.145.179

200 OK

5.5 kB

URL GET HTTP/3
youtuber-cash.life/css/ext-component-toastr.css
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (5767), with no line terminators
Size
5.5 kB (5535 bytes)
Hash
6cdc3d2698006e7a2a72c7a9805a35d8
c7953438083f7f5f0c52151acadf3170351482b2
fd7298443ed8a85b05e1c954f01f584888f4a8bb1ec551f475d430e41a4b1d23

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/ext-component-toastr.css HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-159f"
expires: Tue, 05 Dec 2023 19:55:28 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWicCbLJQ7p4n0BF1TtgkwS4x61GdaME0Xp1tkrCDxciI5oN8A695KCj5e8QV3eTKwoFhQecL0hQ1%2Bp1Z%2Fm1%2F%2B3g%2B4gguXUza26XYP9BI%2BBx%2Bi9jWelou8scuWudqg5IhZlKBWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5ced0756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/lan/lan.php

172.67.145.179

200 OK

628 B

URL GET HTTP/3
youtuber-cash.life/js/lan/lan.php
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (647), with no line terminators
Size
628 B (628 bytes)
Hash
221f623943e5b106306a2faa6119caa2
64ed01b03a192d307a58118aafc2e37d754d6f1d
cf75a79e78833f27eae3a50a6acc5b34853e5a4565eea6d7d7f75bb40da4df74

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/lan/lan.php HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O5m2XGHJLZFAJQOkOBiVPblbPAYAQRSOgUUfLlp26g795qIbS%2FRdm3MtvR%2F5j45sTiNXPlFZ1YhDd2XnvD%2BF5jalCRV315IDiTfzDEQzIW%2BS3hNMiOHXAVfmrFMFKRZj5Tqk%2FjE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5ced0b56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/bootstrap.min.js

172.67.145.179

200 OK

60 kB

URL GET HTTP/3
youtuber-cash.life/js/bootstrap.min.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (59765), with CRLF line terminators
Size
60 kB (60009 bytes)
Hash
7ea576594a2272604943b19eed3f65dd
cf0363ed7c98a2223de587f86442c754823ff167
43c3c4b6cca3da44ba9b3e1eaffafea84098bfe213b26a416b72acfca769d59e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-ea69"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygjB406B2y5r9%2BdZhnHsftC8kudFx4vQaATjeiNPbez5g2GEG1sBtdSaGvLVwFTXXe9u5M96boHAi%2FxERi3EOvKf0pT2glEynIhAwiioQBEiDZEe8YrHa4bn%2BjHktjZTbwubKpI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c9c6656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/gb.svg

172.67.145.179

200 OK

837 B

URL GET HTTP/3
youtuber-cash.life/images/flag/gb.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (886), with no line terminators
Size
837 B (837 bytes)
Hash
26da30e33a11a9a9120607a0a04c12bd
2868ee3b35a4a7d0b5a3fba67fd5f2aa86097e12
dddca43ae36a5303ca29d0a2405506dc56b9c0178aee83d911c8a6cca3f7bd8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/gb.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-345"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ue3mUk4doM1e9WG29f8CU1S1ZXvNlvS%2Fvgwfr9ClEX%2FJEVjUCuERPitEn3i6ZrbzUGpirbsq4%2Fkg5qZ97hzk6Hb%2FCpmCMpXUAYhrtt3PLfrcFCOqSmNs8U8ZgFdEp6hVXZus6So%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cccc256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/css/business-frontpage.css?rstr=532909801696

172.67.145.179

200 OK

343 B

URL GET HTTP/3
youtuber-cash.life/css/business-frontpage.css?rstr=532909801696
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (356), with no line terminators
Size
343 B (343 bytes)
Hash
3807a6f20879fe23e46aaec6bb21b12f
182fbdf4871e38da3a98702270dc9efaf49f89f8
a61461203bea5983812d245c38143de2c597ba30ecce8b7276d6b3ea6e80ea8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/business-frontpage.css?rstr=532909801696 HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-157"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BaL7cjGFa%2FLeyOuPpg8S5zl8HqxQHX5SwwkMo1z9qFnMxzczZ4nya%2Bw%2FodtFpmKrNMmDrN9T6nh0CjPtx5JXQ%2BehZ%2Fd6DW%2BR69b46U%2BNGZHxvqdqE9XiSnmmbIYFpQtg2fQVeUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5c8c6256a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.youtube.com/vi/AB7fjoTVems/hqdefault.jpg

142.250.74.142

200 OK

28 kB

URL GET HTTP/2
img.youtube.com/vi/AB7fjoTVems/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
28 kB (28476 bytes)
Hash
0c2810d6a89ab152c04295c23ae34c45
c8c3df7b4b412711ed324a7d4cd2a4e72289fcd7
0f2b1e3eebcba98ee79c60a1422cc14d0beded3ae643282aa0e69af838cd6875

HTTP Headers

GET /vi/AB7fjoTVems/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 28476
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 06:58:39 GMT
expires: Tue, 05 Dec 2023 08:58:39 GMT
cache-control: public, max-age=7200
etag: "1668839698"
content-type: image/jpeg
vary: Origin
age: 3625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

youtuber-cash.life/css/main.css?rstr=532909801696

172.67.145.179

200 OK

1.7 kB

URL GET HTTP/3
youtuber-cash.life/css/main.css?rstr=532909801696
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (1857), with no line terminators
Size
1.7 kB (1705 bytes)
Hash
a1c6f85ecd76e9f3c2da3cb9fba312eb
a89b97b189d18d17b23f4e20ddf418aafdd95571
a21f8d89f9f5e52eea9380f9bc148b962fdfa48d2b2202ed57563b02991e7c48

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/main.css?rstr=532909801696 HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: text/css
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-6a9"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jol7NyoP0m6whU5Ky30bnsXmC9KhdavVM7gpnpbP7nvc2AG58pv%2FReZKRir90%2FZ6HxJlNCdwYgyI25tYCqfSdHqxgXnzOT2k1I3mO0ZDcqEjiFC%2F%2FJD4pmLSSu3waP%2FpEMVIfSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c8c6056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/toastr.min.js

172.67.145.179

200 OK

6.1 kB

URL GET HTTP/3
youtuber-cash.life/js/toastr.min.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (6200), with no line terminators
Size
6.1 kB (6078 bytes)
Hash
76b7516ea088e9919781ed51660fc717
219b23a07dd85e63336950c2fbab7fb2ef7dd82a
22f577cd9fc50adf64051dfccd8ad280dd80ccdc47cf5cb95ee0ecf6f3b62a11

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/toastr.min.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-17be"
expires: Tue, 05 Dec 2023 19:55:28 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRa5h9kPcGHb69bsujnCA8N%2BBeZ5ALQsff5yaXWIc8b51%2FX8KTj3PRM1Zk2tVU%2BOmZ84lbTNT29xX2JuzTRlLUFalttZlg3CrFCR711w4I8vEyXlWD%2BJnivDBr8MVbTzfsz%2FJck%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5ced0a56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/zw.svg

172.67.145.179

200 OK

6.8 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/zw.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6879), with no line terminators
Size
6.8 kB (6780 bytes)
Hash
9b127eda969ea13392ebf3acbf5279da
53567e1352e0d12d39d5160dea591c2845c3bcf6
8a195bdf24e110f7adc54e7aab054e5eea521ead45d0a48792966e05d8fccc77

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/zw.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-1a7c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQqFAuASoHmprGUWnPD9qYLc%2BwZl1l9PMiOl22E97L3y6bEDz%2FdjXRXrFlrCqb9CJmc3bK7AF5qPMqisPmPo%2B00IMLvRXT%2FAw7JYJbB58df2rnA%2FGRu3pFDcpZ2p2F8zs2lHMOI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cccc056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/commonscripts.js

172.67.145.179

200 OK

8.4 kB

URL GET HTTP/3
youtuber-cash.life/js/commonscripts.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (9356), with no line terminators
Size
8.4 kB (8406 bytes)
Hash
7158dea0b2a8031f1e7814211a697319
aa8a82264e5727625b3994f15f0b3a02b7e8d178
e66f30c3c956b3557dbea39e9d180c71d03c4d7f60b1e51e9c957f5d0e5f7552

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/commonscripts.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-20d6"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lioNXMGz6AtIEbGDyAIFqhefQPtoJVH56eq%2B94Ky6mAqRaKzo6b8xwp%2FK%2FCc5pP9eMh5NpDTqZ2StAzqjQDFdWn39zaaMIFbVAp%2BAvC%2BwJg1dMLVIkoaXGZnAV4%2F9dhG3JcEipk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c9c6c56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/bi.svg

172.67.145.179

200 OK

1.1 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/bi.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1132), with no line terminators
Size
1.1 kB (1071 bytes)
Hash
297af9fac0f70ae37500a4b636dd9a3a
b71158885ec1c8f5a0c6094a9fa8e1d0fd1c21bc
884fb194fa959e710fff11b6989a02bc11c0f3bf72855bd619497609f0d9c4ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/bi.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-42f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Uw7R3rOXeZGQeVuJxmLQnrHJdGvbHM1M2fxSe1clbk0%2Fqin90fb5NANM6OHZrH0SmRbs1%2F%2FI6rFX5uVpePz0wwQxUoKxmm%2FAat%2Bs%2BpVhAETggRejouEnKfwyx%2Fb4K%2BgLbT4AsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cccbf56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/vendors.min.js

172.67.145.179

200 OK

377 kB

URL GET HTTP/3
youtuber-cash.life/js/vendors.min.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type

Size
377 kB (376771 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/vendors.min.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-5bfc3"
expires: Tue, 05 Dec 2023 19:55:28 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOPoU9AFRscibb3Us%2B%2Bv95JrwT%2Fnuaxen6ykNAf7IQD1yZGkEILkD2nj7cv86TDJKRCEcCy7nfaXCvlNALBaOsKYNrtzP2jDm9DjoJklNq9CeSNZjmcpZK0OIR5cRmvbwbcJoig%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5ced0856a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/images/flag/va.svg

172.67.145.179

200 OK

91 kB

URL GET HTTP/3
youtuber-cash.life/images/flag/va.svg
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (508)
Size
91 kB (91211 bytes)
Hash
0e3b3cc1a9ecdad8993aa9068279c25b
19ef4f3dead17c7b651cd1a6397ff7f027b4c893
a492e1e0ae2d4aaf713beab0ef3b314ced07b9b8478461cd8454d39b419c442d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/flag/va.svg HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: image/svg+xml
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-1644b"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZznVvvoCD9Hxh7pSGrw3%2BrJhqgx%2BFL%2FGxuwBejoBRybpgaMNoX33fo%2FtYMC88I6x7cbVpyZa4Gayo5OUTRFYMlEdd0wS%2BNGfEM8n5fHsoKsRIHrVPlYCFgC5iKH6wuGvJL90bA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf5cbc9056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

img.youtube.com/vi/X1PuJ0Yg1VM/hqdefault.jpg

142.250.74.142

200 OK

18 kB

URL GET HTTP/2
img.youtube.com/vi/X1PuJ0Yg1VM/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
18 kB (17757 bytes)
Hash
91b5da20e45e784a4dd5dd7d79254ee2
07a52f38044a4098b1020e2496f5785161d97aed
08ec3f5b9ac464bd3e83d5f4878efb62c08f98d42ad3ec1d551052c286d6606a

HTTP Headers

GET /vi/X1PuJ0Yg1VM/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 17757
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1667489161"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

globvisit.ru/one/

82.146.62.11

200 OK

94 kB

URL GET HTTP/1.1
globvisit.ru/one/
IP
82.146.62.11:443
ASN
#29182 JSC IOT

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectglobvisit.ru
FingerprintBD:3B:5F:84:D0:BA:D5:29:AE:FE:34:26:96:D3:37:77:A1:E1:6F:56
ValiditySun, 05 Nov 2023 00:54:56 GMT - Sat, 03 Feb 2024 00:54:55 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
94 kB (94202 bytes)
Hash
a517ac695367ca6fd097690687989b45
7ac00e8792a3389731a67f5d354c0c2f3bd6dbea
f778f4649bec29fc6d138691ae6b31e32d745d3bd5e1ddc90f9a5dda01ce9076

HTTP Headers

GET /one/ HTTP/1.1
Host: globvisit.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.2
Date: Tue, 05 Dec 2023 07:59:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: utm1=1:174892b3-7534-4585-ba18-0afded296906; expires=Wed, 04 Dec 2024 07:59:04 GMT; Max-Age=31536000; Path=/
ttl_eW91dHViZXItY2FzaC5saWZl=0; Path=/
Last-Modified: Tuesday, 05-Dec-2023 07:59:04 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip

youtuber-cash.life/js/jquery.min.js

172.67.145.179

200 OK

87 kB

URL GET HTTP/3
youtuber-cash.life/js/jquery.min.js
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
87 kB (86927 bytes)
Hash
a46fb81762396b7bf2020774a2fb4d9e
fb5edd7a663dc8dda7ec10815a7cd82a30fc98a7
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-1538f"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXWgYP0CC%2B7t%2FdY8k6oswUHiI5PkaNvKbKdv9uW0OWDFtEqcvTmQtpMYqsDjgDWP38Bhy1xbb1EYGR2v%2BeynNBcIiSSAo%2BY4I5mSESym5jkBjjfY9OpJGWKmH0ulNAGWS1owJa8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c8c5956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/js/geterrorcodes.js?new

172.67.145.179

200 OK

4.8 kB

URL GET HTTP/3
youtuber-cash.life/js/geterrorcodes.js?new
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
ASCII text, with very long lines (5905), with no line terminators
Size
4.8 kB (4783 bytes)
Hash
b6f022c51c23380fb1657af3b9380793
35d5d93703dc52dbed3c766a04259df37df80aa5
ac02f7f35cd433faf71d6295976096642d2601683b12d0cc074a51395990ec5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/geterrorcodes.js?new HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:03 GMT
content-type: application/javascript
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
vary: Accept-Encoding
etag: W/"63ee2544-12af"
expires: Tue, 05 Dec 2023 19:55:27 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pptpgQ33kUeTM%2BiFWPLNS6n17%2BOuC8IBJH67YTY8qBxXgPOeKdwABP31Rs4%2BKud41CBBP8rV6z91PzuFczuD8QUTm6evveWQe8wCBUHaIU5l731ag8l%2FUoWRXE3HQxWrdAkOotU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 830abf5c9c6d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youtuber-cash.life/favicon.ico

172.67.145.179

200 OK

3.0 kB

URL GET HTTP/3
youtuber-cash.life/favicon.ico
IP
172.67.145.179:443
ASN
#13335 CLOUDFLARENET

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectyoutuber-cash.life
FingerprintF4:5A:B3:F6:26:77:90:09:48:58:FF:90:D4:F3:EB:ED:ED:38:F1:ED
ValiditySat, 07 Oct 2023 18:03:18 GMT - Fri, 05 Jan 2024 18:03:17 GMT

File type
PNG image data, 45 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
3.0 kB (3033 bytes)
Hash
96fc0028ce91ea7b2e91d87974259945
1742fc26af8ab843da510495ec74ffdb213d5bd0
70f4b8cb8399a370263c003b18266a4f16eab2d40d32ec92726d741d71e3870a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: youtuber-cash.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Cookie: PHPSESSID=l2eb20ukva1v8t92ki9nbaok20; pid=9174381762038842; dldomain=youtuber-cash.boats; video=video; _ga_4474Z9PLQE=GS1.1.1701763149.1.0.1701763149.0.0.0; _ga=GA1.1.1125884451.1701763150
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Tue, 05 Dec 2023 07:59:04 GMT
content-type: image/x-icon
last-modified: Thu, 16 Feb 2023 12:44:52 GMT
etag: W/"63ee2544-bd9"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBbYhVyw7qDhzf7EcRm8W77mMHCav3LB586mwakEbZYF8iUYU%2Fdabi1Zp1fjMkmPkGKwQ6wSiRVLMy4mmmFYzw2bDdMe80Khd1tedvROPQ0bKk2miY3S0hZi1zxaUaOQZO9MpWI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 830abf626a1e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ulogin.ru/stats.html?r=29413&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9850&xdm_p=1

95.163.118.168

200 OK

3.0 kB

URL GET HTTP/1.1
ulogin.ru/stats.html?r=29413&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9850&xdm_p=1
IP
95.163.118.168:443
ASN
#12695 LLC Digital Network

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerLet's Encrypt
Subjectulogin.ru
FingerprintB7:3E:DD:78:0B:08:1E:A1:A9:46:CB:46:C6:AC:10:A4:64:F1:3A:5B
ValidityThu, 26 Oct 2023 22:02:59 GMT - Wed, 24 Jan 2024 22:02:58 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3156), with no line terminators
Size
3.0 kB (2999 bytes)
Hash
27a2c158afed79b1e5fd6a2d19b0ccca
db4b4ebb8a8e537dc170a290a0ca43c3aef9f7ef
4e47bcfcf7e843e79f905ba43fbb6d5cb3b63834655f12148a9819014074d500

HTTP Headers

GET /stats.html?r=29413&type=panel&xdm_e=https%3A%2F%2Fyoutuber-cash.life&xdm_c=default9850&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 07:59:04 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

img.youtube.com/vi/ZVMsFOeYwic/hqdefault.jpg

142.250.74.142

200 OK

41 kB

URL GET HTTP/2
img.youtube.com/vi/ZVMsFOeYwic/hqdefault.jpg
IP
142.250.74.142:443
ASN
#15169 GOOGLE

Requested by
https://youtuber-cash.life/?code=OTE3NDM4MTc2MjAzODg0Mnx8eW91dHViZXItY2FzaC5ib2F0cw==
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Size
41 kB (41094 bytes)
Hash
0c0fd767bfd4f452f90ce3a3530a0eba
b26a69ec214f449002c3a5ea007d707b32a5dd86
c7f5d56a17de01563fdcf9a6e9f8cfa457a6039c60f9ac872964e5db9fba5ed3

HTTP Headers

GET /vi/ZVMsFOeYwic/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youtuber-cash.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 41094
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 07:59:04 GMT
expires: Tue, 05 Dec 2023 09:59:04 GMT
cache-control: public, max-age=7200
etag: "1669499571"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (25)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN