u6lyxl0w.skin Open in urlscan Pro
104.21.64.1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request e8q2m0gss6x2 Show response u6lyxl0w.skin/e/	878 B 1 KB	640ms 475ms	Document text/html	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e41ab33031de68c317b0d1f1919ee1f15981e8ee41b36d939f96f4d921749495 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f309bd04cd3edee-LHR content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 16 Dec 2024 18:06:41 GMT expires Sun, 15 Dec 2024 18:06:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eh1YBNBFAH%2BR3yvqllZ9KLr3y6shlfO32mQ9L7OtwiDenS2OukxAMJWvxNl0W40cBOUuk2FZS4bgbSfTpGrTDU8j7Hf2oQEqfyz%2FubhkAKlzSidyCRZ9ELo6eENOi7%2Bi"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=9095&min_rtt=6231&rtt_var=8066&sent=7&recv=9&lost=0&retrans=1&sent_bytes=4375&recv_bytes=2299&delivery_rate=236437&cwnd=253&unsent_bytes=0&cid=1af4972600540eb1&ts=513&x=0" x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	main.css u6lyxl0w.skin/css/	48 KB 13 KB	49ms 48ms	Stylesheet text/css	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/css/main.css?v=4 Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0341644a22e09291520c4c51eac70ed71928ee3066f40fcff257c582afac3b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"66f5a2be-c03c" age 221375 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Okrkb4gU0vxI5DbQhUOygj24UByyLIKmVfy6SFd%2FROdN6qdwAwJ8K5SpJc%2FwpLjbbS5ZKiDL%2FAATQCTiNJiJpHG09lpX2Ymx%2FzWwmtKAQ2wn01LMhb0DS9iV5YZ5W6%2BQ"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Sat, 21 Dec 2024 04:37:06 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:41 GMT content-type text/css last-modified Thu, 26 Sep 2024 18:06:54 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bd36f8e9463-LHR x-xss-protection 1; mode=block server cloudflare
GET H3	200	jquery.js Show response u6lyxl0w.skin/js/	87 KB 33 KB	74ms 74ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/js/jquery.js Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"603e8adc-15d9d" age 317767 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jgWJpcyRXKLoswzeQD7KWN5epPmRwYoDiAk4VfBpKSsscZTkmpzUzGrITKehfUnzK1mmufptOVSRwALhX8aMUP7jk0Rks8wfq9nLHy6jp8PXDapu5OmfbLW71gTS747u"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Fri, 20 Dec 2024 01:50:34 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:41 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 02 Mar 2021 18:58:36 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bd36f8d9463-LHR x-xss-protection 1; mode=block server cloudflare
GET H3	200	xupload.js Show response u6lyxl0w.skin/js/	11 KB 5 KB	101ms 101ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/js/xupload.js Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c3c7c3de97ef15965def93fc9317e82854b979aa1a7980fde49b873a04aab85d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"610a9920-2a73" age 316309 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ltrz7SQqraNWOz4uYNLaM5WuHcyDUgRt%2F%2BO77vUXhimtxNPG1W37NKaFj7Nhayyk6bNGGp7BUepSPk6kRbe9t%2BpCEnk8%2BcRV%2BXmhw1hTkSxqf0ttrK69o3RYoQFKEDYx"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Fri, 20 Dec 2024 02:14:52 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:41 GMT content-type application/javascript; charset=utf-8 last-modified Wed, 04 Aug 2021 13:41:52 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bd36f8f9463-LHR x-xss-protection 1; mode=block server cloudflare
GET H3	200	jquery.cookie.js Show response u6lyxl0w.skin/js/	4 KB 2 KB	74ms 74ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/js/jquery.cookie.js Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"4de4e4e4-10eb" age 405191 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mBOjhV0jWpTbqLa0SDSOU%2By8lEoEODfSz0giihwJRhoXGyGSI8eE8unzZttMZyXy%2BaeV4ZcriuaMwVC1ln8TW5c11hi5DawQnJkhFi7Sus02KX98wMTlknOqcCUEX1pO"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Thu, 19 Dec 2024 01:33:30 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:41 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 31 May 2011 12:53:56 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bd36f919463-LHR x-xss-protection 1; mode=block server cloudflare
GET H3	200	ls.js Show response u6lyxl0w.skin/js/	2 KB 1 KB	74ms 74ms	Script application/javascript	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/js/ls.js Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"63eb7076-80f" age 309415 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7jppqwueOXDUXWOlV6nz6xgfdRuF9xjw1dw0UV6fsUHXqKmQsgOt5hJMtDYKb2GrYW6QnkOqhnGybgy2R0%2Bj4V6v3ddQzlyqhwzXH3vGwTQxchdjDakyYgtmaHcu9hgE"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Fri, 20 Dec 2024 04:09:46 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:41 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 14 Feb 2023 11:28:54 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bd36f909463-LHR x-xss-protection 1; mode=block server cloudflare
GET H3	200	e8q2m0gss6x2 6v254h9v.xyz/ptsd/ Frame A6AC	0 0	302ms 193ms	Document text/html	172.67.192.183 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://6v254h9v.xyz/ptsd/e8q2m0gss6x2 Requested by Host: u6lyxl0w.skin URL: https://u6lyxl0w.skin/e/e8q2m0gss6x2 Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.192.183 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://u6lyxl0w.skin/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f309bd56fa19415-LHR content-encoding zstd content-type text/html; charset=UTF-8 date Mon, 16 Dec 2024 18:06:41 GMT expires Sun, 15 Dec 2024 18:06:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=0,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SIWpR2XLXP6hnIKOdG3%2BvpjnvqLUVWMnxzlscnsK64eYtt0rwfHX5RK3S84oOSg6%2F3NKdAIxAw9K48kvAEWatfTZ9NCMXMjutJ9eE7M7ZR5GQ78was6qPEpD8Qvs94Q%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=25244&min_rtt=24733&rtt_var=4404&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4161&recv_bytes=4504&delivery_rate=547&cwnd=12000&unsent_bytes=0&cid=7c35827e25823ded&ts=201&x=1" cfExtPri cfHdrFlush;dur=0 x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	favicon.ico u6lyxl0w.skin/	1 KB 903 B	60ms 59ms	Other image/x-icon	104.21.64.1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://u6lyxl0w.skin/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.64.1 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c53b6a1e519b835191c058325f17d0f3ea15e1507ca47313c94cc54b68741500 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://u6lyxl0w.skin/e/e8q2m0gss6x2 Response headers content-encoding zstd cf-cache-status HIT etag W/"54cfcf64-47e" age 189426 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uyIb4B1%2B4slbMKq3rIOVEU%2BaJ7ry8ptN4WDhpyW3t9Iy6ksSOrVnDhN4yve%2FYZUI0bWGFsglC70KDPuzArJ63poRgJajR03VUxlOxDxRB4mFG2fZfEp6mnNurHe%2BxMvR"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Sat, 21 Dec 2024 13:29:36 GMT alt-svc h3=":443"; ma=86400 date Mon, 16 Dec 2024 18:06:42 GMT content-type image/x-icon last-modified Mon, 02 Feb 2015 19:26:28 GMT vary Accept-Encoding nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cache-control max-age=604800 cf-ray 8f309bde8fa29463-LHR x-xss-protection 1; mode=block server cloudflare

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery number| show_fname_chars function| $$ function| fileSelected function| openStatusWindow function| StartUpload function| checkExt function| fixLength function| getFormAction function| setFormAction function| InitUploadSelector function| findPos function| changeUploadType function| jah function| scaleImg function| OpenWin function| player_start function| copy function| download_video function| convertSeconds function| convertSize function| SP function| progressUpdate function| encStatus object| ls

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			u6lyxl0w.skin/e	1970-01-21 01:46:48	Name: file_id Value: 32642368
			u6lyxl0w.skin/e	1970-01-21 01:46:48	Name: aff Value: 5
			.u6lyxl0w.skin/	1969-12-31 23:59:59	Name: lang Value: 1
			.yandex.ru/	1970-01-21 11:22:12	Name: i Value: MdQwFoGxWoiOUonhMyA/NhnHfJA2stkkXzCT2bMWmpLphJYYTvsuJP8SfACxh1yZfIgbWS7CATh1TCyBJsl+clpQNFQ=
			.yandex.ru/	1970-01-21 11:22:12	Name: yandexuid Value: 3961096651734372402
			.yandex.ru/	1970-01-21 10:31:48	Name: yashr Value: 6681023881734372402
			.yandex.ru/	1970-01-21 11:22:12	Name: bh Value: EkEiR29vZ2xlIENocm9tZSI7dj0iMTMxIiwgIkNocm9taXVtIjt2PSIxMzEiLCAiTm90X0EgQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJgstiBuwY=
			.6v254h9v.xyz/	1970-01-21 10:31:48	Name: _ym_uid Value: 1734372403957863688
			.6v254h9v.xyz/	1970-01-21 10:31:48	Name: _ym_d Value: 1734372403
			.6v254h9v.xyz/	1970-01-21 01:47:24	Name: _ym_isad Value: 2
			mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1432032171734372402
			.yandex.com/	1970-01-21 10:31:48	Name: yuidss Value: 5671395661734372402
			.yandex.com/	1970-01-21 10:31:48	Name: ymex Value: 1765908402.yrts.1734372402#1765908402.yrtsi.1734372402
			.yandex.com/	1970-01-21 11:22:12	Name: bh Value: EkEiR29vZ2xlIENocm9tZSI7dj0iMTMxIiwgIkNocm9taXVtIjt2PSIxMzEiLCAiTm90X0EgQnJhbmQiO3Y9IjI0IioCPzA6ByJMaW51eCJgstiBuwY=
			.yandex.com/	1970-01-21 11:22:12	Name: i Value: PiNixvy38yGV67I2tCkPUJG911ldHTG0AlZGBtXlQlTLjQDcNA41fWvnRHj1e58XJJieapurtEpFhtm2hUqBz3PrMqQ=
			.yandex.com/	1970-01-21 11:22:12	Name: yandexuid Value: 9201878351734372402
			.yandex.com/	1970-01-21 10:31:48	Name: yashr Value: 7275344091734372402

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6v254h9v.xyz
u6lyxl0w.skin
104.21.64.1
172.67.192.183
75aef2e95ea7f3a70999396fba0c2ab866f4ff06313cf1b07780d800a5fc1ebc
96f2f3c87be4a0582def1b5e1e9e19aa0529adb7fd9277cede56c1eefd906d01
b0341644a22e09291520c4c51eac70ed71928ee3066f40fcff257c582afac3b1
c3c7c3de97ef15965def93fc9317e82854b979aa1a7980fde49b873a04aab85d
c53b6a1e519b835191c058325f17d0f3ea15e1507ca47313c94cc54b68741500
e41ab33031de68c317b0d1f1919ee1f15981e8ee41b36d939f96f4d921749495
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e