urlscan.io logo urlscan.io
SecurityTrails logo

www.yt1s.com Open in urlscan Pro
2606:4700:20::681a:a33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://yt1s.com/
Effective URL: https://www.yt1s.com/en2aef
Submission: On October 30 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 2606:4700:20::681a:a33, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.yt1s.com. The Cisco Umbrella rank of the primary domain is 736467.
TLS certificate: Issued by WE1 on September 18th 2024. Valid for: 3 months.
This is the only time www.yt1s.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 172.67.68.139 13335 (CLOUDFLAR...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 139.45.197.236 9002 (RETN-AS)
3 2001:4860:480... 15169 (GOOGLE)
1 172.67.178.81 13335 (CLOUDFLAR...)
1 172.67.193.52 13335 (CLOUDFLAR...)
1 139.45.195.8 9002 (RETN-AS)
2 139.45.195.254 9002 (RETN-AS)
33 11
17    172.67.68.139 (United States)

ASN13335 (CLOUDFLARENET, US)
yt1s.com
www.yt1s.com
2    2606:4700:20::681a:a33 (United States)

ASN13335 (CLOUDFLARENET, US)
www.yt1s.com
2    2404:6800:4004:825::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    139.45.197.236 (United Kingdom)

ASN9002 (RETN-AS, GB)
besmeargleor.com
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.67.178.81 (United States)

ASN13335 (CLOUDFLARENET, US)
bytogeticr.com
1    172.67.193.52 (United States)

ASN13335 (CLOUDFLARENET, US)
tzegilo.com
1    139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)
my.rtmark.net
2    139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)
fleraprt.com
Apex Domain
Subdomains		 Transfer
19 yt1s.com
yt1s.com — Cisco Umbrella Rank: 617310
www.yt1s.com — Cisco Umbrella Rank: 736467
79 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
3 besmeargleor.com
besmeargleor.com — Cisco Umbrella Rank: 204185
35 KB
2 fleraprt.com
fleraprt.com — Cisco Umbrella Rank: 19217
904 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
175 KB
1 tzegilo.com
tzegilo.com — Cisco Umbrella Rank: 19882
9 KB
1 rtmark.net
my.rtmark.net — Cisco Umbrella Rank: 10912 Failed
543 B
1 bytogeticr.com
bytogeticr.com — Cisco Umbrella Rank: 30165
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 683
7 KB
0 clarity.ms Failed
www.clarity.ms Failed
33 10
Domain Requested by
18 www.yt1s.com 1 redirects www.yt1s.com
static.cloudflareinsights.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 besmeargleor.com www.yt1s.com
besmeargleor.com
2 fleraprt.com tzegilo.com
2 www.googletagmanager.com www.yt1s.com
www.googletagmanager.com
1 tzegilo.com besmeargleor.com
1 my.rtmark.net besmeargleor.com
1 bytogeticr.com besmeargleor.com
1 static.cloudflareinsights.com www.yt1s.com
1 yt1s.com 1 redirects
0 www.clarity.ms Failed www.yt1s.com
33 11

This site contains no links.

Subject Issuer Validity Valid
yt1s.com
WE1		 2024-09-18 -
2024-12-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
cloudflareinsights.com
WE1		 2024-09-03 -
2024-12-02		 3 months crt.sh
besmeargleor.com
R11		 2024-10-12 -
2025-01-10		 3 months crt.sh
bytogeticr.com
WE1		 2024-10-01 -
2024-12-30		 3 months crt.sh
tzegilo.com
WE1		 2024-09-23 -
2024-12-22		 3 months crt.sh
rtmark.net
R11		 2024-08-30 -
2024-11-28		 3 months crt.sh
fleraprt.com
Sectigo RSA Domain Validation Secure Server CA		 2024-01-09 -
2025-01-13		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.yt1s.com/en2aef
Frame ID: FDD5B7C6E9BC247A2AABF96CB5D6C584
Requests: 32 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Youtube Downloader - Online Youtube Video Downloader

Page URL History Show full URLs

  1. http://yt1s.com/ HTTP 307
    https://yt1s.com/ HTTP 301
    https://www.yt1s.com/ HTTP 301
    https://www.yt1s.com/en2aef Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

94 %
HTTPS

40 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

326 kB
Transfer

882 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://yt1s.com/ HTTP 307
    https://yt1s.com/ HTTP 301
    https://www.yt1s.com/ HTTP 301
    https://www.yt1s.com/en2aef Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en2aef
www.yt1s.com/
Redirect Chain
  • http://yt1s.com/
  • https://yt1s.com/
  • https://www.yt1s.com/
  • https://www.yt1s.com/en2aef
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/en2aef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fec2bec4a263f64e8121cd434838e13fd6cd96a7c8490e9c301a0ad779e1439c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
8da97c974f58afb1-NRT
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 06:53:09 GMT
last-modified
Wed, 30 Oct 2024 06:53:09 GMT
link
<https://www.yt1s.com/en2aef>; rel="canonical"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GP%2F8Mf1s%2BnPSzWmIIxLeV%2FffQAWoC0bESFxltowbB%2BWBRMAzAwHziLemwnQR3PawRf9GnHgOvhTETpWUlVNtErBnjTOnTd47eg4r41T2nXMnWmjeeh2UoL52iyiViNo5hiJsCm%2B5L%2BC3MA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="EXPIRED"
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
EXPIRED
cf-ray
8da97c93ab93afb1-NRT
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 06:53:09 GMT
link
<https://www.yt1s.com/en2aef>; rel="canonical"
location
https://www.yt1s.com/en2aef
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KC8JM3yh0Y2sJG5V6un2BTG%2F054r8PF13EOwiOcsV3U7G57Vw2VfAO53K8opJ4Wx3%2FDvrCeG7Gl83mh3uTNKO6abwKEEcGfB9LBQ2FBzde3hyvTwdsQSY%2Fh0md9p9PkASuBRB8nqHJU33A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfCacheStatus;desc="EXPIRED"
speculation-rules
"/cdn-cgi/speculation"
vary
Accept-Encoding
speculation
www.yt1s.com/cdn-cgi/ 		128 B
590 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/cdn-cgi/speculation
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.yt1s.com
Referer
https://www.yt1s.com/en2aef

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lopf3et16q60ppgzRux2vTehW2p4tJ4lvjyyzQ7QMOpUa9SJE%2B38pzqGU33%2F24tYzorfs%2Bl%2FMgjU9LsQoeztwWZTbDCIZFltcitTb9mMJzKu5YXqfsiNUhkz4Im8uw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c991e35b00f-NRT
access-control-allow-origin
https://www.yt1s.com
alt-svc
h3=":443"; ma=86400
content-length
128
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
application/speculationrules+json
vary
Origin, Accept-Encoding
server
cloudflare
style.css
www.yt1s.com/statics/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/css/style.css?v=2.24
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181e78c1822045364f2244290111fa5e426ac9cd6166409561739bda17f2802e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"639e6c9b-4deb"
age
551703
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qIZ84tuZu%2BM9bP%2FrHgxpbk5jyNj8fxPecxw8Hw0sdtiJ7SRqJJ1GRI5pWMkVL0i1%2FfWN2Mvca9Zypx6OSTEhzaLpTde0WzEyoON4ag2kqysde%2BroWdi2ZFqKD1uZ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 30 Oct 2024 21:38:05 GMT
cf-polished
origSize=19947
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
text/css
last-modified
Sun, 18 Dec 2022 01:27:55 GMT
vary
Accept-Encoding
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da97c991e39b00f-NRT
server
cloudflare
clock.svg
www.yt1s.com/statics/image/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/clock.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8e01e-15b7"
age
55523
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vf5x5ihZTnic1CH5osMXV2LSa2c%2BT6WS0Gg5m6j%2FVWriqfivWoN98pU6%2Fji86sPbeNqvRFIyla3f8p09pDAYaBypBMBcDbogwh6DsitGSBXaDUz%2Bi2eQ4Cm%2B1aUFsw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c991e3eb00f-NRT
expires
Tue, 05 Nov 2024 15:27:46 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 15:07:10 GMT
vary
Accept-Encoding
server
cloudflare
limit.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/limit.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8e058-985"
age
115695
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2B4HbfJ%2FIoQ2zMCf0crmYNH8Q8CHIlURF9WabZmaetfBRYX6nLeKY7Nz8c7H7cRAsOXu4Fkgv0TSrG4poPw9VcCDd1d%2FAqcMbqzBcLen%2B0tWuft5wxq1AQiFX4u09g%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c991e3fb00f-NRT
expires
Mon, 04 Nov 2024 22:44:54 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 15:08:08 GMT
vary
Accept-Encoding
server
cloudflare
safe.svg
www.yt1s.com/statics/image/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/safe.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8e06c-ad0"
age
477757
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucGSuQGKuLl2Ih1vfJMbQmKcWRDLQE5OGp0HwA86gDRNfkCURT%2B4zxqT6I5dtsFKsu7NjRSDvfeXOBTW7C%2FOZ4Y%2BLRXE%2FklhxeW8hT%2BrV%2BRCSNzxuVdxnUo8%2BBy8jg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c993e56b00f-NRT
expires
Thu, 31 Oct 2024 18:10:32 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 15:08:28 GMT
vary
Accept-Encoding
server
cloudflare
platform.svg
www.yt1s.com/statics/image/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/platform.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5eeb4dcc-3762"
age
538926
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VBuf2%2FnegNnw3Gnpj9VD2Wdo2iXClLOactt1hb8DcGV4%2F8YO7wfZiLEpyeWdIbJmQn%2FnGuBQN%2BbR%2FdVjL2YuK7aozp31hYOWw7C%2FakujwHc1S%2FTwxHlXgDqy1eOQfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c993e5cb00f-NRT
expires
Thu, 31 Oct 2024 01:11:03 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Jun 2020 11:19:40 GMT
vary
Accept-Encoding
server
cloudflare
support.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/support.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5eeb4df4-7cc"
age
44609
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dgWvMBYWmVgF4pbGwNgCLJe6hD06xjouAXmU1BjTaYTUOdqAUAT0rxS2GJ2KRyGojlOSaydIXerUnrqrKC0nNkgeaZ5Rq3t9JLz2Bq8bIaTafMVdtOGusE%2FBg0FYVA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e69b00f-NRT
expires
Tue, 05 Nov 2024 18:29:39 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Jun 2020 11:20:20 GMT
vary
Accept-Encoding
server
cloudflare
cloud.svg
www.yt1s.com/statics/image/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/cloud.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5eeb4e06-694"
age
51444
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SiiErZ2DoD3VELezzbGzRPIXBu1rPWMzoaVj6wYscEgKvaJDEFK9J2oF2NIcYqlFn4s3e4deV3A5yOYgqp5%2FHxSJbYEGKMRFWnIcMcWKd6ESUejmmPFIuZmE%2B00kaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e6db00f-NRT
expires
Tue, 05 Nov 2024 16:35:45 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Thu, 18 Jun 2020 11:20:38 GMT
vary
Accept-Encoding
server
cloudflare
icon1.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon1.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8efde-16ae"
age
455594
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpI1b3Xb9UDXRUEGJn3iwdB9W8V5fn3RWeXUTK2kz6rGYvj2w3MSRCbtJTJWL5TafORAtjIFg2dPCxdnepwY20vTfg0bBr77T4M%2BEBdfp0vAlq%2BhFmISqXc28jxqNA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e73b00f-NRT
expires
Fri, 01 Nov 2024 00:19:55 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 16:14:22 GMT
vary
Accept-Encoding
server
cloudflare
icon2.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon2.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8eff4-19a7"
age
453445
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=02Fu5KFNPfm67nTRWYbk%2FCUHyuDBoRCy%2FHV3YUqJqY2ql4ntM03yZG6%2FrFiAflkB8m2%2BEWbBsS3ppVxE1tjv5UPp3tpOWDs6wjo1dZKlyyCK2K9CW98PSGk%2BADnUSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e75b00f-NRT
expires
Fri, 01 Nov 2024 00:55:44 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 16:14:44 GMT
vary
Accept-Encoding
server
cloudflare
icon3.svg
www.yt1s.com/statics/image/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon3.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8f008-1b30"
age
42973
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uvvtb8kaOIWiPU7Dr1ggYAkIAir7PSj6O8sAzLhfSEaLvvhrbqZeCO0IPUaL6fBZLYNOt4S9OHK43kagKUvpM%2BZKSulInf7o5p54aMOb0hfWkiBbD79BRDhNMqPVLw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e78b00f-NRT
expires
Tue, 05 Nov 2024 18:56:56 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 16:15:04 GMT
vary
Accept-Encoding
server
cloudflare
icon4.svg
www.yt1s.com/statics/image/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon4.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8f020-19f4"
age
51444
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bf0huK5jCeKBvHSVqKsKtz9WnCRui6SIx%2BdvzDLPzi8FKo17yZSNqBdvRT7k3SjwslKO89wFvu2HVyUZMxdW2k1MyQHnPQuR9R%2BgHStu1B6QEr0o%2B3SO8m0yJxjjgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e7bb00f-NRT
expires
Tue, 05 Nov 2024 16:35:45 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 16:15:28 GMT
vary
Accept-Encoding
server
cloudflare
icon5.svg
www.yt1s.com/statics/image/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.yt1s.com/statics/image/icon5.svg
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"5ee8f03c-15e1"
age
51443
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4UvAOA7m6iyYVUEgVMUqRONU8oO4Df6OdjYuI843%2BT7DuRaUVyXA4U3tuA6I3e65%2FBQMmp3JG4kT7sEA%2FhvrtZ24nW7MM7r6umA18BaFz3tQ3SP2U4rIB2mBDkZDeg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e7cb00f-NRT
expires
Tue, 05 Nov 2024 16:35:46 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
image/svg+xml
last-modified
Tue, 16 Jun 2020 16:15:56 GMT
vary
Accept-Encoding
server
cloudflare
jquery.min.js
www.yt1s.com/statics/js/ 		100 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/statics/js/jquery.min.js?v=3.307
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96d7f40e965ef49b70a9fc8c8df9f844dcf7b4ee3a30d05bfc7cfcbf422dfc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"66bda7ad-19046"
age
527569
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2yTDd5lw9RWuVwSeJnZd3WRtthv5s7AaULUnx%2Fyim1jW2qGBCPeS4ral%2FAReJYxHBWaWy6IPlXd717%2FuBLp%2FcHv3BpYYCtIGyYhCRCLwQtpq%2BhWs%2BirXXIV56eQ3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97c994e80b00f-NRT
expires
Thu, 31 Oct 2024 04:20:20 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
application/javascript
last-modified
Thu, 15 Aug 2024 07:01:01 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/ 		221 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5489cbe5a8c15ef9c9fa5ab46c4871a6ace0548112d389c1543afcce0d42720e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 06:53:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 06:53:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 30 Oct 2024 06:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
80539
x-xss-protection
0
server
Google Tag Manager
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/en2aef
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.yt1s.com
Referer
https://www.yt1s.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8da97c995fd57827-NRT
access-control-allow-origin
*
date
Wed, 30 Oct 2024 06:53:09 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
lm9whpv4a7
www.clarity.ms/tag/ 		0
0
7144516
besmeargleor.com/400/ 		88 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/400/7144516
Requested by
Host: www.yt1s.com
URL: https://www.yt1s.com/statics/js/jquery.min.js?v=3.307
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
abc72d606256e909b298fd0f50110ff468939a70ba77f65cfc41a9795a4a805b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

access-control-expose-headers
Link
content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
date
Wed, 30 Oct 2024 06:53:10 GMT
content-type
application/javascript
vary
Origin
strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
ed58ebfd14a842739c8f9fd51be56732
access-control-allow-origin
*
server
nginx
js
www.googletagmanager.com/gtag/ 		272 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SHGNTSN7T4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bd21bbe3ce7e9a467053eac4a74fdf2c141738fee8b0c54140a753363710ec60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 30 Oct 2024 06:53:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 06:53:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97372
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-173445049-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

content-encoding
gzip
age
4058
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 30 Oct 2024 07:45:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 05:45:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SHGNTSN7T4&gtm=45je4as0v9125056135za200&_p=1730271189960&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=1333759946.1730271190&ul=ja-jp&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1730271190&sct=1&seg=0&dl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&dt=Youtube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1305
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SHGNTSN7T4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.yt1s.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 06:53:10 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/ 		1 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=714710967&t=pageview&_s=1&dl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&ul=ja-jp&de=UTF-8&dt=Youtube%20Downloader%20-%20Online%20Youtube%20Video%20Downloader&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=153414715&gjid=1113152195&cid=1333759946.1730271190&tid=UA-173445049-1&_gid=820498770.1730271190&_r=1&gtm=457e4as0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101533421~101823848~101878899~101878944~101925629&jsscut=1&z=1229017231
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.yt1s.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 30 Oct 2024 06:53:10 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.yt1s.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
split_track
bytogeticr.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bytogeticr.com/split_track?dt=0&r=false&timeout=1000errm=
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtcEIscShPK5G6XaQYRb6ReS%2F0M1JUgOHCuT3Kg1gPeb1GfPloChJanKOayRHJrI4Z5XRAW4GMU%2Fwm3mt5jNQ3fjDIGWdHm6H4LbGZaafi5u9Um5BxE%2FCtd8BJCSM4x0bA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST, OPTIONS, HEAD
cf-ray
8da97ca04fc4d767-NRT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=1556&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4212&recv_bytes=5728&delivery_rate=1016&cwnd=12000&unsent_bytes=0&cid=27c253d00dd97c8c&ts=279&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 30 Oct 2024 06:53:11 GMT
content-type
application/octet-stream
server
cloudflare
priority
u=1,i
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
gid.js
my.rtmark.net/ 		0
0
rum
www.yt1s.com/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://www.yt1s.com/en2aef

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8da97ca03e8cb00f-NRT
access-control-allow-origin
https://www.yt1s.com
date
Wed, 30 Oct 2024 06:53:11 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
www.yt1s.com/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.yt1s.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.68.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e92bc051dfe9942d3cacd100ec069d60be27070421c5cf5a5853182f656096f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/en2aef

Response headers

cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"6667c335-3c2e"
age
472586
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JXrF5XzlWLIX3EkirKJcnQEYVXKMTApOcllshIn%2Fu1klpZNK2%2FbZO3hY0%2FEfLvHmWnORM1DRB%2Fb%2BtwVkVcjvPZyI26gGLxOY2N7xGVWjXoMMthsavfMmBPY%2FftXJlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da97ca03e8db00f-NRT
expires
Thu, 31 Oct 2024 19:36:45 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 30 Oct 2024 06:53:11 GMT
content-type
image/x-icon
last-modified
Tue, 11 Jun 2024 03:23:33 GMT
vary
Accept-Encoding
server
cloudflare
stattag.js
tzegilo.com/ 		17 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tzegilo.com/stattag.js
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"668fb2be-45d7"
age
2823
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bj6fAs7qJwbwHDBR38ZbVWJN2PrefDzFYJQceYHhrmHYAD%2Bs5CDtfK83AQae%2F2DsIzTo1xnfJdya1rm1sdMykcEf72d9Mc4koUuZ0oxii%2F8zXbSQrpje3xhHrhOqrg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1550&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4182&recv_bytes=4364&delivery_rate=423911&cwnd=12000&unsent_bytes=0&cid=8a7ba28f5b803c01&ts=76&x=1", cfHdrFlush;dur=0
date
Wed, 30 Oct 2024 06:53:12 GMT
content-type
application/javascript
last-modified
Thu, 11 Jul 2024 10:23:58 GMT
vary
Accept-Encoding
link
<https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da97ca6ef1ed759-NRT
server
cloudflare
7144516
besmeargleor.com/500/ 		0
591 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/500/7144516?excludes=&oaid=x8qe186937mi425431912j4y3rore818&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=40&wy=40&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=540&btz=Asia%2FTokyo&bto=-540&jsp=1&is_mobile=false&js_build=8&sw_version=v1.430.0
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.yt1s.com/

Response headers

strict-transport-security
max-age=1
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
timing-allow-origin
*, *
access-control-expose-headers
Link
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
x-trace-id
f67a993e84f5dd3c0f5b9b3a6d6a3c91
x-content-type-options
nosniff
expires
Tue, 11 Jan 1994 10:00:00 GMT
access-control-allow-origin
https://www.yt1s.com
date
Wed, 30 Oct 2024 06:53:13 GMT
vary
Origin
server
nginx
gid.js
my.rtmark.net/ 		65 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://my.rtmark.net/gid.js?userId=x8qe186937mi425431912j4y3rore818
Requested by
Host: besmeargleor.com
URL: https://besmeargleor.com/400/7144516
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
ddb54ef28713099cd3b7b998e694c8773246170840ead45d7ac5c0d38975061b
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.yt1s.com/

Response headers

strict-transport-security
max-age=1
access-control-expose-headers
Authorization
timing-allow-origin
*, *
access-control-allow-credentials
true
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
x-content-type-options
nosniff
access-control-allow-origin
https://www.yt1s.com
content-length
65
date
Wed, 30 Oct 2024 06:53:13 GMT
content-type
application/json; charset=utf-8
server
nginx
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
7144516
besmeargleor.com/500/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://besmeargleor.com/500/7144516?excludes=&oaid=x8qe186937mi425431912j4y3rore818&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=40&wy=40&ww=1600&wh=1285&cw=1600&wiw=1600&wih=1200&wfc=0&pl=https%3A%2F%2Fwww.yt1s.com%2Fen2aef&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&tzofs=540&btz=Asia%2FTokyo&bto=-540&jsp=1&is_mobile=false&js_build=8&sw_version=v1.430.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.197.236 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=1
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.yt1s.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.yt1s.com
access-control-max-age
600
allow
GET, OPTIONS
content-length
0
date
Wed, 30 Oct 2024 06:53:12 GMT
server
nginx
strict-transport-security
max-age=1
timing-allow-origin
*
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
add
fleraprt.com/log/ 		12 B
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=93b8df3d-cb6f-43ae-b58c-5840cf26ec2f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.yt1s.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://www.yt1s.com
Content-Length
12
Date
Wed, 30 Oct 2024 06:53:12 GMT
Content-Type
application/json; charset=utf-8
Server
nginx/1.19.10
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
add
fleraprt.com/async_log/ 		0
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fleraprt.com/async_log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f&ruid=93b8df3d-cb6f-43ae-b58c-5840cf26ec2f
Requested by
Host: tzegilo.com
URL: https://tzegilo.com/stattag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx/1.19.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.yt1s.com/

Response headers

Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin
https://www.yt1s.com
Content-Length
0
Date
Wed, 30 Oct 2024 06:53:12 GMT
Server
nginx/1.19.10
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.clarity.ms
URL
https://www.clarity.ms/tag/lm9whpv4a7
Domain
my.rtmark.net
URL
https://my.rtmark.net/gid.js

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| clarity string| c_url_tmp string| k_url_next string| k_page string| yt_tmp string| k_url_check_task string| k_url_convert string| k_url_search string| txt_processing string| txt_download function| gtag object| dataLayer object| __cfBeacon function| k_parseDuration function| matchYoutubeUrl function| KHtmlEncode function| fancyTimeFormat function| renderFail function| renderListVideo function| convertSuccess function| convertFailed function| checkTask function| convertFile function| randomIntFromInterval function| renderDetail function| selectFileQuality function| renderFacebook function| renderSelectQuality function| ksearchvideo function| load_qc function| parse_query_string function| $ function| jQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData object| zfgstorage object| 47imuv2fuzc object| zfgformats object| webpushlogs object| syncCallbacks boolean| __lwkemfd9q__ number| __qwe33wweq__

6 Cookies

Domain/Path Name / Value
.yt1s.com/ Name: _ga_SHGNTSN7T4
Value: GS1.1.1730271190.1.0.1730271190.0.0.0
.yt1s.com/ Name: _ga
Value: GA1.2.1333759946.1730271190
.yt1s.com/ Name: _gid
Value: GA1.2.820498770.1730271190
.yt1s.com/ Name: _gat_gtag_UA_173445049_1
Value: 1
besmeargleor.com/ Name: OAID
Value: x8qe186937mi425431912j4y3rore818
my.rtmark.net/ Name: ID
Value: x8qe186937mi425431912j4y3rore818

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.yt1s.com/en2aef
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A0F08000AC150000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

besmeargleor.com
bytogeticr.com
fleraprt.com
my.rtmark.net
static.cloudflareinsights.com
tzegilo.com
www.clarity.ms
www.google-analytics.com
www.googletagmanager.com
www.yt1s.com
yt1s.com
my.rtmark.net
www.clarity.ms
139.45.195.254
139.45.195.8
139.45.197.236
172.67.178.81
172.67.193.52
172.67.68.139
2001:4860:4802:34::178
2404:6800:4004:825::2008
2606:4700:20::681a:a33
2606:4700::6810:5049
035bdf34e61343836d721b82821bfd40506b5ad129e674c89907cdec0493e382
0f25c637a002f675855ebd14a24d9412747e019551751c6c1cd1feee27c039d7
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
181e78c1822045364f2244290111fa5e426ac9cd6166409561739bda17f2802e
20f5b96573ae301d5afd020c65a1f89a8dac36e218c6777dcf5f69bd97773174
4cc8141b2183ed6bb344d17264125fb7f3129fcca8a6ce7bcdcb4bc55c4b83ea
5489cbe5a8c15ef9c9fa5ab46c4871a6ace0548112d389c1543afcce0d42720e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
75c91d86601e23ab56d872b31b42660f893fc6d6b0785e085c06c2c038e98fb2
81ee4dd776254ee392aad705423c7a42034410c2e4321f86ed424bbf8c06fbb4
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8fe6590f7ebd421601fd4c17f4eb41b0ce24fc45842a507da72c74923c584053
a2e2170ec846bba8e836ea0a4da376c8be3f58ffb2a3216c7cb790d94664f027
a8c6500f896d32bfd7ceb7e421ac2446ef98ca666b19d1470226c1b6f9b2cbae
abc72d606256e909b298fd0f50110ff468939a70ba77f65cfc41a9795a4a805b
b87a9f9398c22aeaad3be5b906a2d2e9e0914e8dd9bea79b68e9c143188a106d
bd21bbe3ce7e9a467053eac4a74fdf2c141738fee8b0c54140a753363710ec60
c22f84599b1be066f3f8767d82f59351ff88b8e92e01892642255d9c339f6c1a
d215d80c5b3054258323ea5e7518189b9715a6d1c7565a417f2b1875104fabfd
ddb54ef28713099cd3b7b998e694c8773246170840ead45d7ac5c0d38975061b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92bc051dfe9942d3cacd100ec069d60be27070421c5cf5a5853182f656096f5
f96d7f40e965ef49b70a9fc8c8df9f844dcf7b4ee3a30d05bfc7cfcbf422dfc7
fe85cceb474303eb80a5ca9a60b16d92208a8e0b38647647654b0c42447b51f7
fec2bec4a263f64e8121cd434838e13fd6cd96a7c8490e9c301a0ad779e1439c