urlscan.io logo urlscan.io
SecurityTrails logo

www.yt1s.com Open in urlscan Pro
2606:4700:20::681a:a33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://yt1s.com/en520
Effective URL: https://www.yt1s.com/en2aef
Submission Tags: falconsandbox
Submission: On April 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:20::681a:a33, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yt1s.com. The Cisco Umbrella rank of the primary domain is 701717.
TLS certificate: Issued by E1 on March 25th 2024. Valid for: 3 months.
This is the only time www.yt1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 18 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:48:1... 8075 (MICROSOFT...)
4 139.45.197.236 9002 (RETN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 139.45.195.8 9002 (RETN-AS)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 20.120.65.166 8075 (MICROSOFT...)
1 104.21.17.211 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 139.45.195.254 9002 (RETN-AS)
33 12
18    2606:4700:20::681a:a33 (United States)

ASN13335 (CLOUDFLARENET, US)
yt1s.com
www.yt1s.com
2    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2620:1ec:48:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
besmeargleor.com
2    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    20.120.65.166 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
l.clarity.ms
1    104.21.17.211 (None, )

ASN13335 (CLOUDFLARENET, US)
bytogeticr.com
1    2606:4700:3036::ac43:c134 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
Apex Domain
Subdomains		 Transfer
18 yt1s.com
yt1s.com — Cisco Umbrella Rank: 420509
www.yt1s.com — Cisco Umbrella Rank: 701717
77 KB
5 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 747
c.clarity.ms — Cisco Umbrella Rank: 1371
l.clarity.ms — Cisco Umbrella Rank: 5868
28 KB
4 besmeargleor.com
besmeargleor.com — Cisco Umbrella Rank: 154420
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
region1.google-analytics.com — Cisco Umbrella Rank: 2404
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
158 KB
1 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 24123
482 B
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 24616
8 KB
1 bytogeticr.com
bytogeticr.com — Cisco Umbrella Rank: 60015
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
766 B
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 11881
543 B
33 10
Domain Requested by
17 www.yt1s.com 1 redirects www.yt1s.com
4 besmeargleor.com www.yt1s.com
besmeargleor.com
2 c.clarity.ms 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.clarity.ms www.yt1s.com
www.clarity.ms
2 www.googletagmanager.com www.yt1s.com
www.googletagmanager.com
1 fleraprt.com tzegilo.com
1 tzegilo.com besmeargleor.com
1 bytogeticr.com besmeargleor.com
1 l.clarity.ms www.clarity.ms
1 c.bing.com 1 redirects
1 my.rtmark.net besmeargleor.com
1 region1.google-analytics.com www.googletagmanager.com
1 yt1s.com 1 redirects
33 14

This site contains no links.

Subject Issuer Validity Valid
yt1s.com
E1		 2024-03-25 -
2024-06-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
besmeargleor.com
R3		 2024-04-15 -
2024-07-14		 3 months crt.sh
rtmark.net
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01		 2024-01-14 -
2024-06-27		 5 months crt.sh
bytogeticr.com
GTS CA 1P5		 2024-04-06 -
2024-07-05		 3 months crt.sh
tzegilo.com
GTS CA 1P5		 2024-03-30 -
2024-06-28		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.yt1s.com/en2aef
Frame ID: 34AAC81F9FD42AFB8358C2E1718E25B3
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Youtube Downloader - Online Youtube Video Downloader

Page URL History Show full URLs

  1. https://yt1s.com/en520 HTTP 301
    https://www.yt1s.com/en520 HTTP 301
    https://www.yt1s.com/en2aef Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

54 %
IPv6

10
Domains

14
Subdomains

12
IPs

5
Countries

325 kB
Transfer

846 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://yt1s.com/en520 HTTP 301
    https://www.yt1s.com/en520 HTTP 301
    https://www.yt1s.com/en2aef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&RedC=c.clarity.ms&MXFR=1101ACAAEC0060470C53B8CFE8006EB2 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&MUID=1E9373026644638503EE676767CF62DD

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en2aef
www.yt1s.com/
Redirect Chain
  • https://yt1s.com/en520
  • https://www.yt1s.com/en520
  • https://www.yt1s.com/en2aef
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f4c9c6182052edd0504706b079730e02be80c02647409229a797fadd9077b9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8762be5fcd7c4d25-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 06:54:27 GMT
link
<https://www.yt1s.com/en2aef>; rel="canonical"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GYiaGXlcCaE3XC%2FmfQ%2Birag8tKrAky3R1%2FCQAs3Y3INJAWcpAQRcedrqqcurNC56%2B7IlnOdK8IJlUWhEjbvpnybjkh%2BXscT48vWRxIA9KqiDwiHxmC%2F8njfzCsx1DDkJLxRqDtlZjppJjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
8762be5f8d384d25-FRA
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 06:54:27 GMT
link
<https://www.yt1s.com/en2aef>; rel="canonical"
location
https://www.yt1s.com/en2aef
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=skv3%2BMT4eZs4qu55MnJB5IHo9IWAt0aHlPl1DKUMumpKycYmEA1SAJv2%2FTCJMH8vn8kGMvJVERDSnFZk2E2Xhu0Qm%2Bz5jPgsaMiVunb1ffXdboZAMSgLd%2Bhn82ord50lSCxeIIJc15F7Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
www.yt1s.com/statics/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/css/style.css?v=2.24
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181e78c1822045364f2244290111fa5e426ac9cd6166409561739bda17f2802e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
221251
cf-polished
origSize=19947
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 18 Dec 2022 01:27:55 GMT
server
cloudflare
etag
W/"639e6c9b-4deb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mhqQ%2FvwDU3M6%2BtUMADyBv8VBw7Qe7OMKpMSOCn%2B6BcDg9Lp0A46522fteWAhywtdrg13Scghz%2BgmIYGldp%2F2ip%2F0ludDGArBFkTIucYCkcD0CYGXenUZPbFgHId1yIGQRXRvrMnib%2FckXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=604800
cf-ray
8762be601dc44d25-FRA
expires
Mon, 22 Apr 2024 17:26:56 GMT
clock.svg
www.yt1s.com/statics/image/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/clock.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 15:07:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
198790
etag
W/"5ee8e01e-15b7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qmmq0hjKu4g4cIbZUOt78KMPVDLBNZPRTiyk5dcsSBRPi2X6Q6cfMumTFcJphycPuBm%2FwEJfee6RBajzWNMWUbT%2FeXsZBcDWvG2ySXLzbsqKX8nkCiRi6BVL6Rr%2By2bGFdWNU4TxyJowgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be601dc74d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 23:41:17 GMT
limit.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/limit.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 15:08:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
211758
etag
W/"5ee8e058-985"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPxQIbFDS7FajTMjaYlZOf3mqsF%2F05HPVa8O3P%2FBAHjo8CdxxjEhdZKjFWrnyL8gucD5ihDe6piNucnsWUT5X139Djyjw%2FayEbZG8aib%2Fmcs4wnFd107bsIyEnshTq05WaYyJTpEhsPRhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be601dc84d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 20:05:09 GMT
safe.svg
www.yt1s.com/statics/image/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/safe.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 15:08:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
198790
etag
W/"5ee8e06c-ad0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uXSyzb4%2F7MYW4uvjadqozFmfbWBgM%2BoELpyPvUJ4048Lg6eHAZb3t3Djopb50sDRtF3KaOdFlnozxnm5LoX1BJI5TZYTtx63670IFqE8zh4xBHSG1BD%2BDCJ1Qyq96o%2B%2FKSOSitIKtxA4DA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be602ddb4d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 23:41:17 GMT
platform.svg
www.yt1s.com/statics/image/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/platform.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jun 2020 11:19:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221251
etag
W/"5eeb4dcc-3762"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0OHdfmTMiggs6vkrmt7SWLR32y3LCf9iKYnn%2BwaG1GMswBPxnQfjUDzVc2mWUsr1niFP8hr7m7C%2Bi4fbGih%2BzEs6CBXDt84jdE%2FAUd8%2FP4daVka4qikfC6nQMp2EqxJJ3mZxVxqauMiaYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be602de14d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 17:26:56 GMT
support.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/support.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jun 2020 11:20:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221251
etag
W/"5eeb4df4-7cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78cgs3jA3BVMnbphjnhYxbmgjTTaCMnooR8P6%2BzUKczUNne2zcXLkBUQm9OVpVsIlUur2Q3qytwKtBc82NOTXNaXx%2FIW0Rs2aL54gUx2%2FUnSvdc4d6GrnpkRm37BqG5QqcYJpGsSv03ccg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603de64d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 17:26:56 GMT
cloud.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/cloud.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 18 Jun 2020 11:20:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
210633
etag
W/"5eeb4e06-694"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PRFAOUx3qFot0uY%2FMbqpoxvqCFu%2Fz8bnXv4BhK5sPhiS9sRl9lBuE8yb9C1g3WKLBn9%2BmVqG1OpvDl3h0XU%2BcBBZQXuwI9rTkmYpPq4f70Zk38FYPOqx2KElwssZhgM2WX0IOMVuHo56zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603de94d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 20:23:54 GMT
icon1.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon1.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 16:14:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
216873
etag
W/"5ee8efde-16ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9svFISkE3EHwyRX06CxlXJDZ4JDq97H3yfsMoIq10ePvJ4%2BH6HqWMLWHUeTE5IaRZUpln2zlgXNG9CgFJpyHYDmwGQQBn0U3UHj%2Bu4LkTu5tCvFYt27uu6P9STev3e6VZ8jY%2FC4nNejYdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603dec4d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 18:39:54 GMT
icon2.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon2.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 16:14:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221250
etag
W/"5ee8eff4-19a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uFmWmlX4rskf4Sgrhp3KHNBUNO3BzYyA37o9CxxHdIFnCAIp%2FEQdtRAtDZL7iuq6IkyLoCb5MDIMoOezYCF%2BNa%2BpeIWBUmL2NWwqd8Kk7FdhnKV80fdGyw%2F3WLh1EnXcQo7zAb3%2FgTf9RQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603def4d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 17:26:57 GMT
icon3.svg
www.yt1s.com/statics/image/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon3.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 16:15:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221251
etag
W/"5ee8f008-1b30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2FMZU5aUqCLD2oTN%2F2Q%2BTFcRsehP1dTvgvEpyOTqNwSXLDsZXSSAGtm495nRfP%2FKQl%2BYIrUhk35%2BWML154zK4tQJKJ%2FkJXnGqNN8aLdttaFEiavkSU3m3vUQANA75PGstT0F%2Fg3si9AZZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603df24d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 17:26:56 GMT
icon4.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon4.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 16:15:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
211758
etag
W/"5ee8f020-19f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv0%2Fl9V2jFAndj%2FDpx3exsHyshfgPfisiUa0afMPugjWAzbdrAVj%2B8D1H2PcQYMWHl7ZRVR5pAytmceTN4Ev6XWoKegft2QxWfxGdl8CQI1IDzTKpCYooGf0TzD5wHKT%2B9GS7RboqvEkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603df64d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 20:05:09 GMT
icon5.svg
www.yt1s.com/statics/image/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon5.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 16 Jun 2020 16:15:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
211758
etag
W/"5ee8f03c-15e1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EijM8eO3sk%2BsET1efit2ed36hRtect32xkj7yV0gjHNuxhNRd6Cde%2F6p%2FtscnKs%2Fh2s1czs%2BFkjgYgGyvtZJHD2hN99arCsJW%2B770C52fUf2e45PuuwsDi0Bn5PK6tvLDW1%2FxYVUCMCDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=604800
cf-ray
8762be603dfb4d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 20:05:09 GMT
jquery.min.js
www.yt1s.com/statics/js/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/js/jquery.min.js?v=3.306
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af994fa4b87cf40730dcd22cf3f54be91f55d0610d9727fc9e7d2a80a614ccc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 05 Apr 2024 07:40:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
221250
etag
W/"660faafb-19036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrjUUjaNtC%2FCExZWo%2F3VzdmDkviK15F2sv3qE5cgdPwcEw1Y1bhURfFQ9K6WZn5d280yfM8WPKixisDAvuMrfvStmQErLpmg2WS8PhPuY6mNgLGJ%2BMv8pwCp4VdfO47co%2FsbhhXesbdOsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
8762be603dfe4d25-FRA
alt-svc
h3=":443"; ma=86400
expires
Mon, 22 Apr 2024 17:26:57 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
429b4e96e21a12d06a6a0c86323bee24163445c639877554f4418087a9debe1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73035
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 18 Apr 2024 06:54:27 GMT
lm9whpv4a7
www.clarity.ms/tag/ 		718 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/lm9whpv4a7
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e2e2d37f2d62793921ecdf92680dedbabb6637893af594d34c866c1db7bc38aa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 18 Apr 2024 06:54:28 GMT
x-azure-ref
20240418T065427Z-r1655cbfccfsdscsv7efcr6drs00000003q0000000003rep
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
718
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
7144516
besmeargleor.com/400/ 		79 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/400/7144516
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/statics/js/jquery.min.js?v=3.306
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
b573ad97252df02bf748b4c51b2eeee9e5cdb4c04858ac5261d63d861f1dd218
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
91c444c6b44045da610d23e63590a3db
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
js
www.googletagmanager.com/gtag/ 		243 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SHGNTSN7T4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
392098a40e3b91ae338865968d68fd517edd77164a4be2128919ae66902c3a9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88294
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 06:54:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Apr 2024 05:39:22 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
4506
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 18 Apr 2024 07:39:22 GMT
clarity.js
www.clarity.ms/s/0.7.31/ 		61 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.31/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/lm9whpv4a7
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:48:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
content-encoding
br
last-modified
Tue, 16 Apr 2024 12:25:01 GMT
etag
W/"0x8DC5E103CD38F71"
vary
Accept-Encoding
x-azure-ref
20240418T065428Z-r1655cbfccfsdscsv7efcr6drs00000003q0000000003rf3
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
b7645dd3-101e-0065-2d01-90809f000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
collect
region1.google-analytics.com/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-SHGNTSN7T4&gtm=45je44f0v9125056135za200&_p=1713423267876&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=889099102.1713423268&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1713423268&sct=1&seg=0&dl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&dt=Youtube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=464
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGNTSN7T4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:54:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yt1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=734728237&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&ul=de-de&de=UTF-8&dt=Youtube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1180111816&gjid=366171888&cid=889099102.1713423268&tid=UA-173445049-1&_gid=119520595.1713423268&_r=1&gtm=457e44f0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&jsscut=1&npa=1&z=537300833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:54:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.yt1s.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
7213fc3463f7465f22d69418ae1c3c1fb133651e14a83a881b385c26f8cfefbb
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.yt1s.com
access-control-expose-headers
Authorization
access-control-allow-credentials
true
timing-allow-origin
*, *
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length
65
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&RedC=c.clarity.ms&MXFR=1101ACAAEC0060470C53B8CFE8006EB2
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&MUID=1E9373026644638503EE676767CF62DD
42 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&MUID=1E9373026644638503EE676767CF62DD
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.yt1s.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:54:28 GMT
last-modified
Fri, 01 Mar 2024 22:54:48 GMT
server
Microsoft-IIS/10.0
etag
"3e26b762b6cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 18 Apr 2024 06:54:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7E386A0E106D4050B1FE803A57C8D78D Ref B: FRA31EDGE0514 Ref C: 2024-04-18T06:54:28Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FE7BCDDE69F64307B647763719F8D5DE&MUID=1E9373026644638503EE676767CF62DD
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.png
www.yt1s.com/statics/image/ 		360 B
920 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/image/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4f9cd0c8f0962c84476a785f4d8507224e4bcae288b9ca451fbea5906929df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39768
cf-polished
origFmt=png, origSize=899
content-disposition
inline; filename="favicon.webp"
alt-svc
h3=":443"; ma=86400
content-length
360
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Sep 2020 10:03:10 GMT
server
cloudflare
etag
"5f6b1d5e-383"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g3lqZQrlxmnnTZa5v4i1Z5AFbrhX%2B2D4S%2BocMxmlE2Sfv24vfWfFMT%2Fe47Urvi5YSpsr2zM%2B44MOnvQXdizGj1agqHh4HkQ%2BMM7SaaxnSJBJ3Crx%2FDeBeyYcH04Ib0ePRrzR4TNgdonc4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
8762be6228124d25-FRA
expires
Wed, 24 Apr 2024 19:51:40 GMT
favicon-32x32.png
www.yt1s.com/statics/image/ 		152 B
720 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/image/favicon-32x32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b5e97a159ac8e3acea03945c0c8186f83476e3e3fd77d4064f7497fda07ecb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/en2aef
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
549483
cf-polished
origFmt=png, origSize=320
content-disposition
inline; filename="favicon-32x32.webp"
alt-svc
h3=":443"; ma=86400
content-length
152
cf-bgj
imgq:85,h2pri
last-modified
Wed, 23 Sep 2020 10:04:08 GMT
server
cloudflare
etag
"5f6b1d98-140"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CrSgmiv5n2mb3vfgrgIrMzZYZS2L2Y9Ax%2F05yHtCuMHjQiyvvyZETf%2BjEkzQgyurVVrA4Aua7ZbDRBW0bsCcupDEsTfGYGmDwJi%2Bai%2BZ3Z%2FB%2BN%2BHX%2BvhOShcL259QeEh52tcjzCxtYypYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
8762be6248354d25-FRA
expires
Thu, 18 Apr 2024 22:16:25 GMT
7144516
besmeargleor.com/400/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/400/7144516?oo=1&oaid=9e2a6ac17f7940fb9788a70485486d03&sw_version=v1.335.0
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
176dabf0521a807f78fce77ff52635f18c5d85a374ab4bce9d362edf03bdcee4
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
content-encoding
gzip
x-trace-id
7a2471cb295e5fb7af6ab0eb5ee0ba5e
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.yt1s.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
collect
l.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.31/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.120.65.166 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.yt1s.com
Date
Thu, 18 Apr 2024 06:54:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
split_track
bytogeticr.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.17.211 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fF5te%2Fg8M9CJ6IYh9%2FUU8Dzo7S13aofq2WBsoHkXCEUoFelzB8pRboKlv5Z4I1fMbs9aUEQx%2BdXXjzwJSmUSAG%2FLAhPye38nEzLZHRO8jt7UQ%2FbAIyxHnmhS4T1L4vJE4w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cf-ray
8762be62cb035d39-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-length
0
alt-svc
h3=":443"; ma=86400
stattag.js
tzegilo.com/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 06:54:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 07 Feb 2024 12:51:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2469
etag
W/"65c37cc1-4ac0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XqeIsdqgmf2Af%2FL286A0f%2BVY9FruVczJ1Z%2FkSC%2BG3fIkll4qCwykLlIuX5zPavPrsVnYaSwSxhZoBYVgUX4P9B0vPv8K8zOdxWeUTjoIWVfxXMyWs5R4FCQTfkgJ7BhzapPUj8Ilt4dBvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8762be62cf84973d-FRA
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
alt-svc
h3=":443"; ma=86400
add
fleraprt.com/log/ 		12 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=552fa88e-0140-4211-8132-87062723330f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 18 Apr 2024 06:54:28 GMT
Server
nginx/1.19.10
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.yt1s.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Content-Length
12
7144516
besmeargleor.com/500/ 		0
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/500/7144516?excludes=&oaid=9e2a6ac17f7940fb9788a70485486d03&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=1570&wy=1170&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&browser_version=124.0.6367.60&js_build=8&sw_version=v1.335.0
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://www.yt1s.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

x-trace-id
d88045b71629dc0e5805568828f4f4db
pragma
no-cache
date
Thu, 18 Apr 2024 06:54:28 GMT
strict-transport-security
max-age=1
x-content-type-options
nosniff
server
nginx
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
vary
Origin
access-control-allow-origin
https://www.yt1s.com
access-control-expose-headers
Link
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*, *
expires
Tue, 11 Jan 1994 10:00:00 GMT
7144516
besmeargleor.com/500/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/500/7144516?excludes=&oaid=9e2a6ac17f7940fb9788a70485486d03&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=1570&wy=1170&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=120&btz=Europe%2FBerlin&bto=-120&os=win32&os_version=10.0.0&browser_version=124.0.6367.60&js_build=8&sw_version=v1.335.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.yt1s.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.yt1s.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Thu, 18 Apr 2024 06:54:28 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity string| c_url_tmp string| k_url_next string| k_page boolean| k_is_mini string| yt_tmp string| k_url_check_task string| k_url_convert string| k_url_search string| txt_processing string| txt_download function| gtag object| dataLayer function| k_parseDuration function| matchYoutubeUrl function| KHtmlEncode function| fancyTimeFormat function| renderFail function| renderListVideo function| convertSuccess function| convertFailed function| checkTask function| convertFile function| randomIntFromInterval function| renderDetail function| selectFileQuality function| renderFacebook function| renderSelectQuality boolean| yt_busy function| ksearchvideo boolean| da_load_qc function| load_qc function| parse_query_string function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| zfgstorage object| 0gh0iihhk7o object| zfgformats object| webpushlogs object| syncCallbacks boolean| __lwkemfd9q__ object| __ds3dcV__ number| __qwe33wweq__

16 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 82440165c94047a3a87ae56202b799f2.20240418.20250418
.yt1s.com/ Name: _clck
Value: 6j7mbj%7C2%7Cfl1%7C0%7C1569
.yt1s.com/ Name: _ga_SHGNTSN7T4
Value: GS1.1.1713423268.1.0.1713423268.0.0.0
.yt1s.com/ Name: _ga
Value: GA1.2.889099102.1713423268
.yt1s.com/ Name: _gid
Value: GA1.2.119520595.1713423268
.yt1s.com/ Name: _gat_gtag_UA_173445049_1
Value: 1
my.rtmark.net/ Name: ID
Value: 9e2a6ac17f7940fb9788a70485486d03
besmeargleor.com/ Name: OAID
Value: 9e2a6ac17f7940fb9788a70485486d03
.bing.com/ Name: MUID
Value: 1E9373026644638503EE676767CF62DD
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1E9373026644638503EE676767CF62DD
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1E9373026644638503EE676767CF62DD
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.yt1s.com/ Name: _clsk
Value: xc6buq%7C1713423268531%7C1%7C1%7Cl.clarity.ms%2Fcollect

19 Console Messages

Source Level URL
Text
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.yt1s.com/en2aef
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

besmeargleor.com
bytogeticr.com
c.bing.com
c.clarity.ms
fleraprt.com
l.clarity.ms
my.rtmark.net
region1.google-analytics.com
tzegilo.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.yt1s.com
yt1s.com
104.21.17.211
139.45.195.254
139.45.195.8
139.45.197.236
20.120.65.166
2001:4860:4802:34::36
2606:4700:20::681a:a33
2606:4700:3036::ac43:c134
2620:1ec:48:1::45
2620:1ec:c11::237
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2008
68.219.88.97
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382
06f4c9c6182052edd0504706b079730e02be80c02647409229a797fadd9077b9
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7
176dabf0521a807f78fce77ff52635f18c5d85a374ab4bce9d362edf03bdcee4
181e78c1822045364f2244290111fa5e426ac9cd6166409561739bda17f2802e
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174
392098a40e3b91ae338865968d68fd517edd77164a4be2128919ae66902c3a9c
429b4e96e21a12d06a6a0c86323bee24163445c639877554f4418087a9debe1f
4af994fa4b87cf40730dcd22cf3f54be91f55d0610d9727fc9e7d2a80a614ccc
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7213fc3463f7465f22d69418ae1c3c1fb133651e14a83a881b385c26f8cfefbb
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae
af4f9cd0c8f0962c84476a785f4d8507224e4bcae288b9ca451fbea5906929df
b573ad97252df02bf748b4c51b2eeee9e5cdb4c04858ac5261d63d861f1dd218
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd
d6f3a8301ffa9a9aa6a748ccc535a559242cd73451bb4d236b7e72ff64123703
d71ea61938136a384e4c53c5a7a3c36e68fcc70a68bae691e270987d5d2eb11f
d9b5e97a159ac8e3acea03945c0c8186f83476e3e3fd77d4064f7497fda07ecb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2e2d37f2d62793921ecdf92680dedbabb6637893af594d34c866c1db7bc38aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7