urlscan.io logo urlscan.io
SecurityTrails logo

yt1s.skin Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
URL: https://yt1s.skin/enj1kpo
Submission: On September 12 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is yt1s.skin.
TLS certificate: Issued by GTS CA 1P5 on July 22nd 2023. Valid for: 3 months.
This is the only time yt1s.skin was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 13 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 139.45.197.245 9002 (RETN-AS)
1 139.45.195.8 9002 (RETN-AS)
1 13.32.99.34 16509 (AMAZON-02)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
1 3.65.224.49 16509 (AMAZON-02)
1 13.32.121.81 16509 (AMAZON-02)
14 2600:9000:209... 16509 (AMAZON-02)
45 11
14    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
yt1s.skin
13    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2606:4700:3037::6815:5b3f (United States)

ASN13335 (CLOUDFLARENET, US)
inklinkor.com
2    139.45.197.245 (United Kingdom)

ASN9002 (RETN-AS, GB)
dubzenom.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
1    13.32.99.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-34.fra60.r.cloudfront.net
platform-api.sharethis.com
2    2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
1    2600:9000:20eb:f200:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
1    3.65.224.49 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-224-49.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    13.32.121.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-81.fra60.r.cloudfront.net
count-server.sharethis.com
14    2600:9000:2090:0:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
Apex Domain
Subdomains		 Transfer
18 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 4575
buttons-config.sharethis.com — Cisco Umbrella Rank: 5337
l.sharethis.com — Cisco Umbrella Rank: 4999
count-server.sharethis.com — Cisco Umbrella Rank: 11177
platform-cdn.sharethis.com — Cisco Umbrella Rank: 10552
64 KB
14 yt1s.skin
yt1s.skin
74 KB
10 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 8136
3 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3674
70 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 16019
widgets.amung.us — Cisco Umbrella Rank: 27546
658 B
2 dubzenom.com
dubzenom.com
5 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10532
540 B
1 inklinkor.com
inklinkor.com — Cisco Umbrella Rank: 81876
27 KB
45 8
Domain Requested by
14 platform-cdn.sharethis.com
14 yt1s.skin yt1s.skin
10 mc.yandex.com 3 redirects yt1s.skin
mc.yandex.ru
3 mc.yandex.ru 2 redirects yt1s.skin
2 dubzenom.com inklinkor.com
1 count-server.sharethis.com platform-api.sharethis.com
1 l.sharethis.com platform-api.sharethis.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 widgets.amung.us
1 whos.amung.us 1 redirects
1 platform-api.sharethis.com yt1s.skin
1 my.rtmark.net inklinkor.com
1 inklinkor.com yt1s.skin
45 13

This site contains links to these domains. Also see Links.

Domain
ssnaptik.app
Subject Issuer Validity Valid
yt1s.skin
GTS CA 1P5		 2023-07-22 -
2023-10-20		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-08-14 -
2024-01-24		 5 months crt.sh
inklinkor.com
GTS CA 1P5		 2023-08-25 -
2023-11-23		 3 months crt.sh
dubzenom.com
R3		 2023-09-05 -
2023-12-04		 3 months crt.sh
rtmark.net
R3		 2023-07-25 -
2023-10-23		 3 months crt.sh
sharethis.com
Amazon RSA 2048 M02		 2023-05-20 -
2024-06-17		 a year crt.sh

This page contains 1 frames:

Primary Page: https://yt1s.skin/enj1kpo
Frame ID: E64F45940805BF33D191F8619A091F05
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Youtube Downloader - Online Youtube Video Downloader | Yt1s

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

91 %
HTTPS

55 %
IPv6

8
Domains

13
Subdomains

11
IPs

4
Countries

241 kB
Transfer

698 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10124.8isddley2R8mDfP5WBVB4K2iBct0QwRpeSgxSgwASj1UeA9KmxruGFLY87EkqcPR.72QXAvaxRKDbGzN8wu_PBmqAtok%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10124.F4HjhjTRqbG88ncmadOUsxMPmit4W9OmiHE-xDH68o03DYpSpNR402fGYDqbKnuKQmmedgzGG8VGmEwdc8Rg1z6Paht7fyTXBCstOWpLil4%2C.JNae7WOXmQc5pgWUeaxWH9tf2XU%2C
Request Chain 20
  • https://mc.yandex.com/watch/94315107?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1402479401576%3Ahid%3A265722578%3Az%3A120%3Ai%3A20230912125612%3Aet%3A1694516172%3Ac%3A1%3Arn%3A323354577%3Arqn%3A1%3Au%3A1694516172868714172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C59%2C71%2C1%2C%2C0%2C%2C66%2C0%2C%2C%2C%2C198%3Aco%3A0%3Acpf%3A1%3Ans%3A1694516171648%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694516172%3At%3AYoutube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader%20%7C%20Yt1s&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/94315107/1?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1402479401576%3Ahid%3A265722578%3Az%3A120%3Ai%3A20230912125612%3Aet%3A1694516172%3Ac%3A1%3Arn%3A323354577%3Arqn%3A1%3Au%3A1694516172868714172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C59%2C71%2C1%2C%2C0%2C%2C66%2C0%2C%2C%2C%2C198%3Aco%3A0%3Acpf%3A1%3Ans%3A1694516171648%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694516172%3At%3AYoutube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader%20%7C%20Yt1s&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Request Chain 21
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10124.Thx9IN-2IMtvJ8vdPQ5CT83c5weUtllqtV4BbcZkL0q1DyoFutzuw7DP5Edc_-BS.Tmpy3fsxyP9XJiIqcsO_bNOHIa4%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10124.j1ik9Do_R7gzN2CCKXn0nuxUAj6jE6-cSPSajI-9WEaG_K6h11FqBCUamtV4y3N6djZk-OFWzsLAgzOFd3LmLF5ZVOXC58Zx48nk2y_Tkkk%2C.SimOw67uE6hKuNZ92ztxzIR2n70%2C
Request Chain 23
  • https://whos.amung.us/swidget/yt1ssnet HTTP 307
  • https://widgets.amung.us/small/00/30.png

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request enj1kpo
yt1s.skin/ 		20 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
910054800dc617e576fd8b8775ec1a93a66d00f3ba01e930b34d0aa272cb8420

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80579f594f3e0c75-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 12 Sep 2023 10:56:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j1mE7N8UuZWuu%2BN5GLFjwmMUUlwLGCRZzoyeApbKYWuv4XIbfTLYbwfgC6idlgaYk7r8OwsN09REoe19goSwYl4mW5vU10PuG9k8BhLDEyODOr%2BlG7HMZWOGhaVCEcLLQ0kCofF7jxA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
style.css
yt1s.skin/statics/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yt1s.skin/statics/css/style.css?v=2.2
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8232acc51a9607e02a385bcc27175f91c37f8facb789dbfe931a9760ff1dc51d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8025
cf-polished
origSize=19173
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Oct 2022 13:16:36 GMT
server
cloudflare
etag
W/"63569034-4ae5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqTv9iGguMQme5by7N2Ss0AB9uyYOxMGP9WThxNCj3Z7nLCjj%2BuLRuNmVmhFvhBHMq0pJUjSTjLsLQriEyWCp54pR5s8%2BndfDaTIEIgoTHDifPVVmjoSMtEBXUhAccQ83SIVP1PZfEE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
80579f59cf7d0c75-AMS
expires
Tue, 12 Sep 2023 20:42:26 GMT
clock.svg
yt1s.skin/statics/image/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/clock.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1185
etag
W/"60d87e0a-15b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbk985H%2Fja5gS937vtW6iPXYC2O%2F9Um62IGJnHNng%2Fsc8RtFN0nbaTSQ7KpgaEPxSA2OpoghvYSrc5b2YhKbd%2FaKo83N4fPko52y%2FQh6jVgDD0GYqtBZXGn%2FTYhbKcII3GVvctvYU%2F0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f59cf7e0c75-AMS
alt-svc
h3=":443"; ma=86400
limit.svg
yt1s.skin/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/limit.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1185
etag
W/"60d87e0a-985"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmK465c5C7O8AddFF7wqXGr6Fd51p0wRG%2Bu3INnrqlPhItO1Y0cMht1VifzvSDkldQPpOrfywjVEsjmMi2FhqNFpf8E96kzyQH5UgtdrNh1R%2Bo9pyFcDCyl%2BNmoTJlRNcIxhgsT71HU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a0fa70c75-AMS
alt-svc
h3=":443"; ma=86400
safe.svg
yt1s.skin/statics/image/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/safe.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1184
etag
W/"60d87e0a-ad0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VblQYf1ZUGWF3Z9ShgPQVfDJRNBoX%2F7DKfNUIQL5LVV7E%2F44O4AvgokOsIf%2FOdzeR5Jxo2qPW%2FOb4JWHPsz%2Budy92%2Fab%2B6JTEYWanAwA%2BprLDzgLw8nH6znti0oTw1CKYWDk2BQY5Do%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a0fa90c75-AMS
alt-svc
h3=":443"; ma=86400
platform.svg
yt1s.skin/statics/image/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/platform.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5336
etag
W/"60d87e0a-3762"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2FsHc3q%2FhRumcBK50XQZMFNkLVG1D4xvUXIqGUjZSL%2BWtq55VclJ93fpr3bVlCVIzAdaDS4IZTgMfvB1x7gGo9owTB2GNvsPxUQLEcb4qVhfUOQ%2FaYL2KnfqadWj8iQBSeFv9DeC9eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2eaf1c88-AMS
alt-svc
h3=":443"; ma=86400
support.svg
yt1s.skin/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/support.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5336
etag
W/"60d87e0a-7cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWasJXfYr%2BUhnlepZ1tbrbFNel6OmEuLLbAg71KS8jVfiQD7f%2F5RKBMXELYWcwZCXDZrbhxt2w4HrLeGk%2B86jEN18ijmN%2BZxNCE1dln3kWt4J3PqT2v8ooeFaDq7LFevTDXrjkBn%2FkY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2eb51c88-AMS
alt-svc
h3=":443"; ma=86400
cloud.svg
yt1s.skin/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/cloud.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5C4gAVaKYhVuVDEhNZj83PUCc0Pwm%2Fi797Djl%2FH%2ByhSFX%2BZDdLK0ugrYQONvyxEWOiTwWxvHCuP4ZxkrwOrfxktlWzqhAS9%2Bj7TVusyvaWsC0hnaafcLMvO%2BCbaY7xXk%2BNu6IGi36w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2eb91c88-AMS
alt-svc
h3=":443"; ma=86400
icon1.svg
yt1s.skin/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/icon1.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-16ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAohAw80%2F1pmH8zj5aXBnYkMgQtyLBT2KqZgh7yMfowb58SP8Qa0uf4xOJ3KIAoQlcVVAjc%2FawKlNoR5ppzn6MQ7CYFFhI%2ByLfRbTPaB8a0Nfg41YOaglQHntSEsISIHCeSUJzQ%2Bzv0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2ebc1c88-AMS
alt-svc
h3=":443"; ma=86400
icon2.svg
yt1s.skin/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/icon2.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-19a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ydVwPpcMUYebnEgM7J%2BfLwfK368prAgJupMPN%2FRBET11wIIZChFDJqCwFwfSFk%2BjqJ2ohfPFpQiqkiXvoeT2hTOq7e1VlT6jaPfKQe8cEgCey6mEckxbZYiYszsS%2Fy%2BkkCxsnZ7yp8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2ebf1c88-AMS
alt-svc
h3=":443"; ma=86400
icon3.svg
yt1s.skin/statics/image/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/icon3.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-1b30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FKI0%2B2ku4ezgarjRmu625zS%2BCVwHYhnSRm0o5xzTzimRo15tXSdpBA6pfKBvvkwbBkJkN4GHP%2FR247VHhn0Vo%2F4LkDs%2F%2B4qrGGuf%2BVMZIMSwctK1HD7%2FWwSmWD9cBgldkgDrRK93EY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2ec11c88-AMS
alt-svc
h3=":443"; ma=86400
icon4.svg
yt1s.skin/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/icon4.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-19f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsVxDX02TWrk%2BtMwgi5FMwYyaijN3eBA99R5etU8V6cVsvALsFYDIIoB%2BG8rNtVXi7cBm%2BvjOd6DB8nV4YKtASPSYKbb%2B4wK0lZsTzeo9WrtXKlj92PoP%2FgXJ%2FhZCLwn9Y3vgLWZEFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2ec31c88-AMS
alt-svc
h3=":443"; ma=86400
icon5.svg
yt1s.skin/statics/image/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt1s.skin/statics/image/icon5.svg
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 27 Jun 2021 13:32:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5335
etag
W/"60d87e0a-15e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzfCo1RSyM7MJ8n2KIBqlisskBaD8ylKKnIp4KWgwu%2FFd2t0%2BYmAnIs%2FyM6ZJ%2Fdf7r3IEuh8bkoHk3My4h1aDOZoO5KQFm912IAUEAkp915Nx%2BXkFuxmrN%2FvKD6SckWIkLVPcDTcZtM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
80579f5a2ec41c88-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
yt1s.skin/statics/js/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yt1s.skin/statics/js/jquery.min.js?1694516171
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
973c19bbaaa69428773410bb687e2af1b6ada9a3191dbafa6698e71b280b3f4a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/enj1kpo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 09 Jun 2023 19:25:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64837ca6-19164"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCiX%2B32s4oruGziNmdlfSUCrSiiQgRfQbJYtbsTzW0REsn16e86VOV1GP7V4rQ8fZey6bYuopwvg8Nw9MnEfXElFUaqkif6al9Fs%2FyCy9oUlXGXs7uHj3RhYuGqPgZsHipn5qxD6Ujg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
80579f5a2ec61c88-AMS
alt-svc
h3=":443"; ma=86400
expires
Tue, 12 Sep 2023 22:56:11 GMT
tag.js
mc.yandex.ru/metrika/ 		202 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Sep 2023 11:49:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64f98ea1-11420"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
70688
expires
Tue, 12 Sep 2023 11:56:12 GMT
tag.min.js
inklinkor.com/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inklinkor.com/tag.min.js
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:5b3f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c7ffff003f51d9b82e0132a6eb03e0b2c676048ed8c23e96df5c62e413be6a3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6569
alt-svc
h3=":443"; ma=86400
x-trace-id
441e6e925ec8f18d7780a13706ee0175
pragma
no-cache
last-modified
Mon, 11 Sep 2023 11:42:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
server
cloudflare
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1AQ0LL2WVkWVy%2Bgji2b9mxW%2FQXlSeuNeRqKo03731ymGV%2BYyZm%2Ft8%2BNLV13XgkPC55i2mi6WPx4kETYVnAdBDuy0nGOVbqtTWJIrbPUSOfe2Bx7jfmim79JpMuN3OsXeH0BI2Pr7ZDW91YWM"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
cf-ray
80579f5a99bd0e80-AMS
expires
Wed, 13 Sep 2023 09:06:42 GMT
/
dubzenom.com/5/6009929/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dubzenom.com/5/6009929/?oo=1&js_build=iclick-v1.599.0
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
698afbfd1215c0d829e4862a1fd30d1f880e0005f5d2dccb0969957a61add5a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
content-encoding
gzip
x-trace-id
3f8116400e48f0fc2f3d8d2e804c0fb8
pragma
no-cache, no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://yt1s.skin
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
link
<https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=ca0410ea3b2844a482125d4506787dc9
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
90e927fab9fbf07642b6445e3dfe4017b9ef2d0cac50aa928fed6fac46c76c22
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yt1s.skin
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10124.8isddley2R8mDfP5WBVB4K2iBct0QwRpeSgxSgwASj1UeA9KmxruGFLY87EkqcPR.72QXAvaxRKDbGzN8wu_PBmqAtok%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10124.F4HjhjTRqbG88ncmadOUsxMPmit4W9OmiHE-xDH68o03DYpSpNR402fGYDqbKnuKQmmedgzGG8VGmEwdc8Rg1z6Paht7fyTXBCstOWpLil4%2C.JNae7WOXmQc5pgWUeaxWH9tf2XU%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10124.F4HjhjTRqbG88ncmadOUsxMPmit4W9OmiHE-xDH68o03DYpSpNR402fGYDqbKnuKQmmedgzGG8VGmEwdc8Rg1z6Paht7fyTXBCstOWpLil4%2C.JNae7WOXmQc5pgWUeaxWH9tf2XU%2C
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10124.F4HjhjTRqbG88ncmadOUsxMPmit4W9OmiHE-xDH68o03DYpSpNR402fGYDqbKnuKQmmedgzGG8VGmEwdc8Rg1z6Paht7fyTXBCstOWpLil4%2C.JNae7WOXmQc5pgWUeaxWH9tf2XU%2C
date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 07 Sep 2023 11:49:37 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"64f98ea1-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 12 Sep 2023 11:56:12 GMT
/
dubzenom.com/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://dubzenom.com/?rb=FOFKmeJnF0PYW9SBK9AyInon19r7XzfpIT9d8t-HuTuRr256LlnOgM_UBY1A1QA-fz4xqU0qd1prqgqt8Zocsi6-ZThJVuySetfCGIIKA4zrdlCcyRG2aWfD9pzInyFvIlDIlSQazeMlq4J3TPN5P6Vbn61Mdc_2cxrxJHbLecJLmvRfrNp7hCH-kOhrSdV-FCqSWKqzEI4zDp_KRtb33-kmrT1VQSSYiwRgzOsTmVViqC5by5CBOBEC8cmlSb_l6HX_meid8QyoMwM4zAUfnQ%3D%3D&request_ab2=0&zoneid=6009929&js_build=iclick-v1.599.0&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wih=1200&wiw=1600&wfc=0&pl=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=Intel%20Iris%20OpenGL%20Engine&js_build=iclick-v1.599.0&bs=99badeb0-838e-4052-8555-a497e4597a31&userId=ca0410ea3b2844a482125d4506787dc9&m=link
Requested by
Host: inklinkor.com
URL: https://inklinkor.com/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.245 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
1b73b8b06c949073f066fdd4dc038de714d637d557e5fb2c8431359f98a5961d
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
13ed15c377d9dc80fc2325c9c3db41ee
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-max-age
86400
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://yt1s.skin
cache-control
no-transform, no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
expires
Tue, 11 Jan 1994 10:00:00 GMT
1
mc.yandex.com/watch/94315107/
Redirect Chain
  • https://mc.yandex.com/watch/94315107?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3Aut...
  • https://mc.yandex.com/watch/94315107/1?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3A...
435 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/94315107/1?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1402479401576%3Ahid%3A265722578%3Az%3A120%3Ai%3A20230912125612%3Aet%3A1694516172%3Ac%3A1%3Arn%3A323354577%3Arqn%3A1%3Au%3A1694516172868714172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C59%2C71%2C1%2C%2C0%2C%2C66%2C0%2C%2C%2C%2C198%3Aco%3A0%3Acpf%3A1%3Ans%3A1694516171648%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694516172%3At%3AYoutube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader%20%7C%20Yt1s&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
d3b8d6398aee272504d133a24630b4a370fa8b5d9d11301cbb8dfdd5c76a302c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Tue, 12-Sep-2023 10:56:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yt1s.skin
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
435
x-xss-protection
1; mode=block
expires
Tue, 12-Sep-2023 10:56:12 GMT

Redirect headers

pragma
no-cache
date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12-Sep-2023 10:56:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/94315107/1?wmode=7&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Afp%3A242%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1111%3Acn%3A1%3Adp%3A0%3Als%3A1402479401576%3Ahid%3A265722578%3Az%3A120%3Ai%3A20230912125612%3Aet%3A1694516172%3Ac%3A1%3Arn%3A323354577%3Arqn%3A1%3Au%3A1694516172868714172%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C59%2C71%2C1%2C%2C0%2C%2C66%2C0%2C%2C%2C%2C198%3Aco%3A0%3Acpf%3A1%3Ans%3A1694516171648%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1694516172%3At%3AYoutube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader%20%7C%20Yt1s&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29&redirnss=1
access-control-allow-origin
https://yt1s.skin
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 12-Sep-2023 10:56:12 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10124.Thx9IN-2IMtvJ8vdPQ5CT83c5weUtllqtV4BbcZkL0q1DyoFutzuw7DP5Edc_-BS.Tmpy3fsxyP9XJiIqcsO_bNOHIa4%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10124.j1ik9Do_R7gzN2CCKXn0nuxUAj6jE6-cSPSajI-9WEaG_K6h11FqBCUamtV4y3N6djZk-OFWzsLAgzOFd3LmLF5ZVOXC58Zx48nk2y_Tkkk%2C.SimOw67uE6hKuNZ92...
43 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10124.j1ik9Do_R7gzN2CCKXn0nuxUAj6jE6-cSPSajI-9WEaG_K6h11FqBCUamtV4y3N6djZk-OFWzsLAgzOFd3LmLF5ZVOXC58Zx48nk2y_Tkkk%2C.SimOw67uE6hKuNZ92ztxzIR2n70%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10124.j1ik9Do_R7gzN2CCKXn0nuxUAj6jE6-cSPSajI-9WEaG_K6h11FqBCUamtV4y3N6djZk-OFWzsLAgzOFd3LmLF5ZVOXC58Zx48nk2y_Tkkk%2C.SimOw67uE6hKuNZ92ztxzIR2n70%2C
date
Tue, 12 Sep 2023 10:56:12 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
sharethis.js
platform-api.sharethis.com/js/ 		203 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: yt1s.skin
URL: https://yt1s.skin/enj1kpo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-34.fra60.r.cloudfront.net
Software
/
Resource Hash
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:49:07 GMT
content-encoding
gzip
via
1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P3
age
426
etag
W/"32bd5-ML7JuoX3RQAdwjY+/7SzPPb0+Vo"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
YA93EROgdWLMV3LpjSJ3_x1dUs2km4wZgVPD2TkHk69eoKM78OcF5w==
30.png
widgets.amung.us/small/00/
Redirect Chain
  • https://whos.amung.us/swidget/yt1ssnet
  • https://widgets.amung.us/small/00/30.png
317 B
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/small/00/30.png
Protocol
H2
Server
2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0283889fe286220713788817189283f3901bf83a2731bd78b8a9c676d8b9cc66

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:14 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:48:29 GMT
server
cloudflare
age
2325751
etag
"4c14a96d-13d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
80579f689e3bb7b4-AMS
content-length
317
expires
Thu, 17 Aug 2023 12:53:43 GMT

Redirect headers

location
https://widgets.amung.us/small/00/30.png
date
Tue, 12 Sep 2023 10:56:14 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
80579f672cd1b7b4-AMS
content-type
text/html; charset=UTF-8
5c8abf84200ac0001700c04e.js
buttons-config.sharethis.com/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5c8abf84200ac0001700c04e.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f200:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e720e223a5b40eb08c9e6e5546ef71b765c5c008c769231ce1f8aaf129a08295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:55:56 GMT
content-encoding
gzip
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Sat, 03 Jun 2023 14:25:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
18
x-amz-server-side-encryption
AES256
etag
W/"9f22ce5f3f9efb0def6863eee2eb94ab"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=60
x-amz-cf-id
h2pG3_HS0MMsMOyFJgVN_WJlF6UOdxveyhx7520S2UJB9hkZ-7DwEA==
pview
l.sharethis.com/ 		0
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&hostname=yt1s.skin&location=%2Fenj1kpo&product=inline-share-buttons&url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Youtube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader%20%7C%20Yt1s&cms=unknown&publisher=5c8abf84200ac0001700c04e&sop=true&version=st_sop.js&lang=en&description=Convert%20and%20download%20Youtube%20videos%20to%20MP3%2C%20MP4%2C%203GP%20for%20free%20with%20our%20Youtube%20Downloader.%20The%20downloading%20is%20very%20quick%20and%20simple%2C%20just%20wait%20a%20few%20seconds%20for%20the%20file%20to%20be%20ready%20on%20your%20device.&ua=&ua_mobile=false&ua_full_version_list=
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.65.224.49 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-65-224-49.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date
Tue, 12 Sep 2023 10:56:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://yt1s.skin
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
get_counts
count-server.sharethis.com/v2.0/ 		275 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-81.fra60.r.cloudfront.net
Software
/
Resource Hash
900fd87132a251c6fab14568b2fee0d7af6d3caa1abe3dd1245e3fe23a559d86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:56:14 GMT
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA60-P1
age
191
etag
977ec41781de588a4e3de8e15a0c195d
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=900
content-length
275
apigw-requestid
LIuqjjhkIAMEJxA=
x-amz-cf-id
dw_bxz6FVXDWSO-5oo-X7d1njVMlpkLhZAejH12M29ms7ZxzEbN7ag==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
816 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 10:16:04 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
AMS58-P1
age
1557611
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
372
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
etag
"a5aa43fa302867d3e888ac2f69b7b288"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
lHMc3U7usKE29b6eyHVAwqhe3HWDxT0VGFwv9kblSwC-_Z3dstGYzQ==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 06:38:55 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
2002640
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
d5nKxw7-ofidDUC5UV9tEbmwnC_VmWz1p_EI30K3kmXOPp_bcAtJUw==
skype.svg
platform-cdn.sharethis.com/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/skype.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b69939c41abddbdc9d22db67942f31cf93466284be6024b7b98b789f5caffb58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 18:16:00 GMT
content-encoding
gzip
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1356015
etag
W/"3ad64213faff48f430c034efaff27544"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
6MC2x5LsmeIGqnkVf3Yyl0E1lf_XRrkYVfmIoYMjMNz3yk_tKFgj-A==
telegram.svg
platform-cdn.sharethis.com/img/ 		858 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/telegram.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 10:55:54 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 12 Aug 2022 01:07:51 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
26
x-amz-server-side-encryption
AES256
etag
"e3f5e90fa57764cd951db1b1bc688edd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
accept-ranges
bytes
content-length
858
x-amz-cf-id
ljc_oZn7TlH1D4hHm8kG6UBN6aUOD78bhcExexeLS_is1aRVTDC1Bg==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 16:46:28 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1188586
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301
x-amz-cf-id
EuCUJbn0mqrPQsn5vrNpTdWAJZhhs05IVNDiiEaRcu05kuRbVH4cFA==
twitter.svg
platform-cdn.sharethis.com/img/ 		731 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/twitter.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 03:54:52 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1580483
etag
"0af2fb38987598376c99e21af17ade45"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
731
x-amz-cf-id
fL5kOUEYbzNefTydPfFfL0BNe0JqRn54VAfMofRBp7GCHMpiPGPodg==
sharethis.svg
platform-cdn.sharethis.com/img/ 		514 B
938 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/sharethis.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Tue, 29 Aug 2023 12:15:47 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1204828
etag
"deecdaa377907db5cc1722fc831670a1"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
514
x-amz-cf-id
-uOus5_AWkdq1YZx6zD23dC_50pKPOCv8xZSbVruYtWcZR2PjmQ3lQ==
linkedin.svg
platform-cdn.sharethis.com/img/ 		456 B
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/linkedin.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:46:02 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
2218213
etag
"fa43b4ede18498b114fc7185993f6da7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
456
x-amz-cf-id
JIa52DUyn1ICaDu8YEr4vPQCGcJ-OFiScXt2gLEKgAoylIOm7FC-Zw==
odnoklassniki.svg
platform-cdn.sharethis.com/img/ 		808 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/odnoklassniki.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9815fd90529b64be433499fdf1d1ba06aa1d1ec31ed86ef7a50641568350fda5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 10:17:35 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1298320
etag
"818d25af149279ba62acf8856a46772d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
808
x-amz-cf-id
kYoPLROLq5tT62NvKUCqyr9dXgbieJ27e8aCwx91F8bn8LLqdwPiUg==
reddit.svg
platform-cdn.sharethis.com/img/ 		910 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/reddit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Thu, 24 Aug 2023 21:42:10 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1602845
etag
"78d796ca648d8a5e665b48ed0217c56a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
910
x-amz-cf-id
IVCQANqyHzH54GZSfW9LBoE3fkCM7Ikh3mXiVuZVwbSV063aU1ESvw==
vk.svg
platform-cdn.sharethis.com/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/vk.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 00:09:35 GMT
content-encoding
gzip
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
2026000
etag
W/"f238e4028c98d372f31a02eebee35a6f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
gsWgb3Ml05_TfJf2BD7d3bAKX-mP-XJ091Z1WSzqDXcbmX6VOzGgag==
douban.svg
platform-cdn.sharethis.com/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/douban.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c362d80a2fced75576d3b3c1302d8bf5ae5c94f74071475241b955be87282aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 22:03:52 GMT
content-encoding
gzip
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1515143
etag
W/"f34a5017fe387e8495e067ba865b84d9"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
x-amz-cf-id
spuxinb4QbLDcXljGGr42_NWWPW3Vh-UtcY-rSrWDOqHDcSJ5nHTXQ==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 02:36:41 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1412374
etag
"b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
565
x-amz-cf-id
bOzYigleMDwjF6qmsKnY9guvEfJ10XqgjKpewPWlnfk0aEYMYpnkrA==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2090:0:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://yt1s.skin/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 09:16:40 GMT
via
1.1 95ff0d830848b741160e24f658d880e8.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
1561175
etag
"9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
565
x-amz-cf-id
1Qom8QGr2sqSrj7HYmIlz_TI5pSQQGFG3U5x9vchNFoc5TNzuiyoNg==
94315107
mc.yandex.com/webvisor/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94315107?wv-part=1&wmode=0&wv-hit=265722578&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&rn=673672799&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1694516175%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912125615%3Au%3A1694516172868714172%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694516175&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yt1s.skin/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 10:56:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12-Sep-2023 10:56:15 GMT
content-type
image/gif
access-control-allow-origin
https://yt1s.skin
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Sep-2023 10:56:15 GMT
94315107
mc.yandex.com/webvisor/ 		43 B
76 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94315107?wv-part=1&wmode=0&wv-hit=265722578&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&rn=442972856&wv-type=3&browser-info=we%3A1%3Aet%3A1694516176%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912125615%3Au%3A1694516172868714172%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694516176&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yt1s.skin/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 10:56:15 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12-Sep-2023 10:56:15 GMT
content-type
image/gif
access-control-allow-origin
https://yt1s.skin
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Sep-2023 10:56:15 GMT
94315107
mc.yandex.com/webvisor/ 		43 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/94315107?wv-part=2&wmode=0&wv-hit=265722578&page-url=https%3A%2F%2Fyt1s.skin%2Fenj1kpo&rn=1061778678&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1694516177%3Aw%3A1600x1200%3Av%3A1111%3Az%3A120%3Ai%3A20230912125617%3Au%3A1694516172868714172%3Avf%3A3qm6qq812ez2u52y4wzrnbv%3Ast%3A1694516177&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yt1s.skin/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 12 Sep 2023 10:56:17 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 12-Sep-2023 10:56:17 GMT
content-type
image/gif
access-control-allow-origin
https://yt1s.skin
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 12-Sep-2023 10:56:17 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| ym string| c_url_tmp string| yt_tmp string| k_url_next string| k_url_check_task string| k_url_convert string| k_url_search string| txt_processing string| txt_download string| k_page boolean| k_is_mini function| addWhosImage function| k_parseDuration function| matchYoutubeUrl function| KHtmlEncode function| fancyTimeFormat function| renderFail function| renderListVideo function| convertSuccess function| convertFailed function| checkTask function| convertFile function| randomIntFromInterval function| renderDetail function| selectFileQuality function| renderFacebook function| renderSelectQuality function| ksearchvideo boolean| da_load_qc function| load_qc function| parse_query_string function| $ function| jQuery object| zfgstorage object| 84o8kwi7vpa object| zfgformats function| onClickTrigger boolean| zfgloadedpopup boolean| zfgonclickfirst object| syncCallbacks object| Ya object| yaCounter94315107 object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| ua_fields

17 Cookies

Domain/Path Name / Value
dubzenom.com/ Name: OAID
Value: ca0410ea3b2844a482125d4506787dc9
dubzenom.com/ Name: oaidts
Value: 1694516172
.yt1s.skin/ Name: _ym_uid
Value: 1694516172868714172
.yt1s.skin/ Name: _ym_d
Value: 1694516172
my.rtmark.net/ Name: ID
Value: ca0410ea3b2844a482125d4506787dc9
yt1s.skin/ Name: prefetchAd_6009929
Value: true
dubzenom.com/ Name: syncedCookie
Value: true
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3214765115fake
.yt1s.skin/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 177610577fake
mc.yandex.com/ Name: yabs-sid
Value: 414722141694516172
.yandex.com/ Name: i
Value: GbUJtTdsLTsxEyUjT/X/Oh4mY1jVNqyyoQeiHCct/wHiqr5H8pWRgMIqdCl7DrB/mLQWrfHptlzpvY3EXL9n0XAyoDQ=
.yandex.com/ Name: yandexuid
Value: 827753321694516172
.yandex.com/ Name: yuidss
Value: 827753321694516172
.yandex.com/ Name: ymex
Value: 1726052172.yrts.1694516172#1726052172.yrtsi.1694516172
.yandex.com/ Name: bh
Value: KgI/MA==
.yt1s.skin/ Name: _ym_visorc
Value: w

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

buttons-config.sharethis.com
count-server.sharethis.com
dubzenom.com
inklinkor.com
l.sharethis.com
mc.yandex.com
mc.yandex.ru
my.rtmark.net
platform-api.sharethis.com
platform-cdn.sharethis.com
whos.amung.us
widgets.amung.us
yt1s.skin
13.32.121.81
13.32.99.34
139.45.195.8
139.45.197.245
2600:9000:2090:0:1d:85c3:6640:93a1
2600:9000:20eb:f200:c:abe:f440:93a1
2606:4700:10::ac43:88d
2606:4700:3037::6815:5b3f
2a02:6b8::1:119
2a06:98c1:3121::3
3.65.224.49
0283889fe286220713788817189283f3901bf83a2731bd78b8a9c676d8b9cc66
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382
03e42b95e9049816d901eabbe2a2247deda61a85972e3a50e3c8274e6c5fe39b
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7
1b73b8b06c949073f066fdd4dc038de714d637d557e5fb2c8431359f98a5961d
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
2c7ffff003f51d9b82e0132a6eb03e0b2c676048ed8c23e96df5c62e413be6a3
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
698afbfd1215c0d829e4862a1fd30d1f880e0005f5d2dccb0969957a61add5a5
6c362d80a2fced75576d3b3c1302d8bf5ae5c94f74071475241b955be87282aa
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4
8232acc51a9607e02a385bcc27175f91c37f8facb789dbfe931a9760ff1dc51d
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8ef80b9484ec57f96a4cfe363afe777cb54dd1deda8aae48c7394b8335bca048
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053
900fd87132a251c6fab14568b2fee0d7af6d3caa1abe3dd1245e3fe23a559d86
90e927fab9fbf07642b6445e3dfe4017b9ef2d0cac50aa928fed6fac46c76c22
910054800dc617e576fd8b8775ec1a93a66d00f3ba01e930b34d0aa272cb8420
92d967aa9f47d13c45fa328edf25255a86f1b4cabf5673a516166a274da4c235
973c19bbaaa69428773410bb687e2af1b6ada9a3191dbafa6698e71b280b3f4a
9815fd90529b64be433499fdf1d1ba06aa1d1ec31ed86ef7a50641568350fda5
9a83c65bdd0ff9488af9d25720686457ea7295c9c44f9f1d285a0c9ec89bab99
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae
b69939c41abddbdc9d22db67942f31cf93466284be6024b7b98b789f5caffb58
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a
cb8c2b19fd9b56c41db14bd71b5c0616c1ba4e99b08c8e75084cf695f74b7120
cb9c4209cb9614d749efa807c0f454fc51136f7d5914ca629945cadad984edf7
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd
d3b8d6398aee272504d133a24630b4a370fa8b5d9d11301cbb8dfdd5c76a302c
dadbb59b37bfea4c78c6e15c8cbb96dfba84526e43a0767dc244fd062a841aba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e720e223a5b40eb08c9e6e5546ef71b765c5c008c769231ce1f8aaf129a08295