salda.ws Open in urlscan Pro
185.186.143.7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://salda.ws/video.php?id=Iin1sJx_uTs
Submission: On June 29 via manual (June 29th 2022, 1:39:49 pm UTC) from RU — Scanned from DE

Summary HTTP 79 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 79 HTTP transactions. The main IP is 185.186.143.7, located in Moscow, Russian Federation and belongs to ASKONTEL, RU. The main domain is salda.ws.
TLS certificate: Issued by R3 on May 13th 2022. Valid for: 3 months.

This is the only time salda.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	185.186.143.7 185.186.143.7	204490 (ASKONTEL) (ASKONTEL)
5	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
2	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
22	2a00:1450:400... 2a00:1450:4001:80f::2016	15169 (GOOGLE) (GOOGLE)
2 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1 5	95.163.52.67 95.163.52.67	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	159.69.75.12 159.69.75.12	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	136.243.105.133 136.243.105.133	24940 (HETZNER-AS) (HETZNER-AS)
79	19

8 185.186.143.7 (Moscow, Russian Federation)

ASN204490 (ASKONTEL, RU)

salda.ws	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

rbthre.work	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.75.12 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de

salda.realpush.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.243.105.133 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.133.105.243.136.clients.your-server.de

select1.pstatrbnew.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 135	162 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 107	749 KB
8	yandex.ru 1 redirects yandex.ru — Cisco Umbrella Rank: 1297 informer.yandex.ru — Cisco Umbrella Rank: 59651 mc.yandex.ru — Cisco Umbrella Rank: 3472	137 KB
8	salda.ws salda.ws	303 KB
5	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 10338	16 KB
4	yastatic.net yastatic.net — Cisco Umbrella Rank: 6189	142 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 330	30 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	43 KB
3	yandex.com 1 redirects mc.yandex.com — Cisco Umbrella Rank: 10550	476 B
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 static.doubleclick.net — Cisco Umbrella Rank: 436	1 KB
2	pstatrbnew.bid select1.pstatrbnew.bid	207 B
2	realpush.digital salda.realpush.digital	476 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9125	2 KB
2	rbthre.work rbthre.work — Cisco Umbrella Rank: 317297	13 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 257	3 KB
1	google.com www.google.com — Cisco Umbrella Rank: 8	14 KB
79	16

	Domain	Requested by
22	i.ytimg.com	salda.ws www.youtube.com
9	www.youtube.com	salda.ws www.youtube.com
8	salda.ws	salda.ws rbthre.work
5	top-fwz1.mail.ru	1 redirects salda.ws top-fwz1.mail.ru
5	yandex.ru	salda.ws yandex.ru
4	yastatic.net	yandex.ru
4	jnn-pa.googleapis.com	www.youtube.com
3	mc.yandex.com	1 redirects salda.ws mc.yandex.ru
2	select1.pstatrbnew.bid	rbthre.work
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	salda.realpush.digital	rbthre.work
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.gstatic.com	www.youtube.com
2	counter.yadro.ru	1 redirects salda.ws
2	mc.yandex.ru	1 redirects salda.ws
2	rbthre.work	salda.ws rbthre.work
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	informer.yandex.ru	salda.ws
79	20

This site contains links to these domains. Also see Links.

Domain
oauth.yandex.ru
connect.mail.ru
oauth.vk.com
www.odnoklassniki.ru
metrika.yandex.ru
www.liveinternet.ru
top.mail.ru

Subject Issuer	Validity	Valid
salda.ws R3	`2022-05-13` - `2022-08-11`	3 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-03-04` - `2022-09-01`	6 months	crt.sh
rbthre.work R3	`2022-06-15` - `2022-09-13`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
realpush.digital R3	`2022-06-04` - `2022-09-02`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
pstatrbnew.bid R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://salda.ws/video.php?id=Iin1sJx_uTs
Frame ID: 604E943A969B04D242DB2116FFEA8436
Requests: 56 HTTP requests in this frame

Frame: https://www.youtube.com/embed/Iin1sJx_uTs
Frame ID: 5E252021A8AD625D01F37A672FCB229F
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Игнорирование Ветеранов боевых действий, Видео, Смотреть онлайн

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

79
Requests

90 %
HTTPS

67 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

1612 kB
Transfer

4826 kB
Size

21
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://oauth.yandex.ru/authorize?response_type=code&client_id=cc67df90579a4626b8ff1bc3aef847bd&display=popup

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/oauth/authorize?client_id=744064&response_type=code&redirect_uri=https://salda.ws/oauth/mailru.php

Search URL Search Domain Scan URL

URL: http://oauth.vk.com/authorize?client_id=5455364&response_type=code&scope=email&redirect_uri=https://salda.ws/oauth/vkcom.php

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/oauth/authorize?client_id=1246956544&response_type=code&redirect_uri=https://salda.ws/oauth/okru.php

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=50728582&from=informer

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: http://top.mail.ru/jump?from=1553192

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://top-fwz1.mail.ru/counter?id=1553192;t=487;l=1 HTTP 302
https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1

Request Chain 32

https://counter.yadro.ru/hit?t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%u0442%u0435%u0440%u0430%u043D%u043E%u0432%20%u0431%u043E%u0435%u0432%u044B%u0445%20%u0434%u0435%u0439%u0441%u0442%u0432%u0438%u0439%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.6489743391431124 HTTP 302
https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%u0442%u0435%u0440%u0430%u043D%u043E%u0432%20%u0431%u043E%u0435%u0432%u044B%u0445%20%u0434%u0435%u0439%u0441%u0442%u0432%u0438%u0439%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.6489743391431124

Request Chain 42

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 55

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9684.RuDIv8M4UDcAB2mV6-bmFjRa2XdFM0EbiYPzTi4fjjE21qefkuJRzdMt7aRUOcA0.r5MngrM6yLk9u61lyoRpLVV2-aU%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9684.QNpXKp56GECiaznYAREQKOos78Pa67nhcZ24YCZEZMAzoL-2v3648NupE500n5yRQljOdSvXucuuYHvY-6hH4A%2C%2C.PCNlDcxQl56_SM5C4LlhkMWyUIk%2C

79 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request video.php Show response
salda.ws/ 59 KB
14 KB 252ms
113ms Document
text/html 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

fcc6cb61197700fc1c710d08cd9294be7f55c21f568b2459f938b5bc299d9179

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com .ytimg.com youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru liveinternet.ru .liveinternet.ru mail.ru .mail.ru imgsmail.ru .imgsmail.ru rbthre.work .rbthre.work ; object-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; img-src data: https: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru; media-src 'self' blob: data: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; frame-src 'self' youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru rutube.ru .rutube.ru ; font-src 'self' data: gstatic.com .gstatic.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; connect-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru statforweb.bid .statforweb.bid tword.ru .tword.ru realpush.digital .realpush.digital rbthre.work .rbthre.work pstatrbnew.bid .pstatrbnew.bid pushreal.media .pushreal.media realpush.news .realpush.news ;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-encoding: gzip
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work ; object-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; img-src * data: https: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru; media-src 'self' blob: * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; frame-src 'self' youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru rutube.ru *.rutube.ru ; font-src 'self' data: gstatic.com *.gstatic.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news ;
content-type: text/html; charset=UTF-8
date: Wed, 29 Jun 2022 13:39:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT, Thu, 30 Jun 2022 13:39:44 GMT
link: </css/css.min.css?v=79_6792>; rel=preload; as=style, </js/js.min.js?v=79_6792>; rel=preload; as=script, </img/s17.png>; rel=preload; as=image, </img/logo.png>; rel=preload; as=image
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css.min.css
salda.ws/css/ 102 KB
18 KB 2ms
0ms Stylesheet
text/css 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.ws/css/css.min.css?v=79_6792

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

4347c20ac1a31a02056bf128cc6f9eeeef94abca0d44fc8a649fa5b8c92dc5f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 09:45:36 GMT
server: nginx
etag: W/"62876340-196bd"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 js.min.js Show response
salda.ws/js/ 178 KB
61 KB 37ms
0ms Script
application/javascript 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.ws/js/js.min.js?v=79_6792

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

cfcfcb98375f60c9dcad4d2039314935421dbef6c2d5240057d3665ecab6c550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2022 09:45:45 GMT
server: nginx
etag: W/"62876349-2c98b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 s17.png
salda.ws/img/ 128 KB
128 KB 34ms
0ms Image
image/png 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salda.ws/img/s17.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

fc81f1042732040a255e9fa80134d91baf8e35e1528b68d53203942d09eee7f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
last-modified: Mon, 08 Apr 2019 11:56:14 GMT
server: nginx
etag: "5cab36de-1ff4d"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 130893
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 logo.png
salda.ws/img/ 69 KB
69 KB 3ms
0ms Image
image/png 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salda.ws/img/logo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

e14930f270e3be1c0c36c3ee34b7e4a28afe49f7ac7a68a5a76f5c7b805a4ada

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
last-modified: Fri, 21 Dec 2018 07:47:23 GMT
server: nginx
etag: "5c1c9a8b-1138b"
strict-transport-security: max-age=31536000;
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 70539
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 context.js Show response
yandex.ru/ads/system/ 284 KB
77 KB 311ms
87ms Script
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

0a4103bea5815578a18362be4a7e5ac91a9975436d7da9387a88ef415506f790

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1656509983579256-12051897114617158792-sas3-0778-625-sas-l7-balancer-8080-BAL-5034
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 29 Jun 2022 14:39:43 GMT

GET
H2 200 0tgc8XWV.js Show response
rbthre.work/pjs/ 45 KB
12 KB 392ms
173ms Script
application/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbthre.work/pjs/0tgc8XWV.js

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

1984d2ef5377effdc5f96f759be1542891760ddeadf9b730f73b4756c583d2ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
last-modified: Wed, 29 Jun 2022 01:45:16 GMT
server: cloudflare-nginx
etag: W/"62bbaeac-b492"
strict-transport-security: max-age=63072000
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Wed, 29 Jun 2022 13:49:43 GMT

GET
H2 200 b20b8b4e859137a5423ef0c2b271d947_mini.jpg
salda.ws/meet/photos/b2/0b/ 9 KB
9 KB 107ms
104ms Image
image/jpeg 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salda.ws/meet/photos/b2/0b/b20b8b4e859137a5423ef0c2b271d947_mini.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

57a63c378629d9e01d613835e680b857c637e13274325d8a432a058931ef9c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
last-modified: Mon, 06 Jun 2022 13:18:29 GMT
server: nginx
etag: "629dfea5-241a"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9242
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/JBN-iZB_VqY/ 4 KB
4 KB 126ms
75ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/JBN-iZB_VqY/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36814547d49fcc6b586b2d01f44c142c033339835599b2cf3f02d0015c0bba40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4295
x-xss-protection: 0
server: sffe
etag: "1615129114"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/y6nY_jdvHtA/ 5 KB
5 KB 89ms
38ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/y6nY_jdvHtA/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51614c1546ac410e2be9bb97a1763cbc7cde05ef4c66517dcf972777390e3b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4746
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/eMpwtvdg-Pg/ 4 KB
4 KB 123ms
72ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eMpwtvdg-Pg/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf8a2459dfb1cc1111430fc4473929327dc3894793927b7ad81bf1368d53dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4133
x-xss-protection: 0
server: sffe
etag: "1620674351"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/UwEmkF2-RFM/ 4 KB
4 KB 247ms
196ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/UwEmkF2-RFM/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd4782cc24968a493a76dbf40aa93aa4bb95e933818b8f5ad874ededaf8b1822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3698
x-xss-protection: 0
server: sffe
etag: "1615111046"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/eLqh-4SgB_E/ 4 KB
4 KB 145ms
95ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/eLqh-4SgB_E/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2f3794752fc089949bb8d04baa11f5817eed07560b1bbce55a5d394f31ad228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
server: sffe
etag: "1620817326"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/vFgkFc--Egk/ 3 KB
3 KB 87ms
36ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vFgkFc--Egk/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c70a7610c128356bf797cfe5d43d154e155a43215ae1313e222df1806714122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2687
x-xss-protection: 0
server: sffe
etag: "1602951954"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/7jyhI4IWHGw/ 3 KB
3 KB 74ms
72ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/7jyhI4IWHGw/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7748c5486caa9e9cf6e7a74546e9fcb91f579048afdf996787858b9e6a170c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2671
x-xss-protection: 0
server: sffe
etag: "1615100916"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/nzRLfFtL1BE/ 4 KB
4 KB 91ms
90ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/nzRLfFtL1BE/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afec3a25a8635a2cfd8724c70775814777cca0086abcfc63610d04df86d8ec57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3687
x-xss-protection: 0
server: sffe
etag: "1610632283"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/ekWOCUYzkH0/ 4 KB
4 KB 62ms
60ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/ekWOCUYzkH0/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee24943d40c8d188a5481343b77571373ed18c83c97b878027256bc3e4addc8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3764
x-xss-protection: 0
server: sffe
etag: "1556457678"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/vGnYXB1r6sw/ 4 KB
4 KB 82ms
81ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vGnYXB1r6sw/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

728f5737e4cce4a4fb6784cd605585245067e52c947f8d18e259dbb9c78bc7b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4255
x-xss-protection: 0
server: sffe
etag: "1571578032"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/q5uZomtvZTg/ 3 KB
3 KB 80ms
79ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/q5uZomtvZTg/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea430af257d76f255b08fde85566f4e8fc0b92aeb2b21fc9b0b39198f1b9fad0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2894
x-xss-protection: 0
server: sffe
etag: "1448909357"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/zFIHRyqav8I/ 4 KB
4 KB 75ms
74ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zFIHRyqav8I/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61cb45860644b493b736e5a35511195ca1787626524efc518b2e9d764307e769

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4078
x-xss-protection: 0
server: sffe
etag: "1570370479"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/R5Hyyi2ONbc/ 4 KB
4 KB 90ms
89ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/R5Hyyi2ONbc/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

808525f022a23e79b43e489e3e38bec792fd4d620735d47a6bb38bec0486cb70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3769
x-xss-protection: 0
server: sffe
etag: "1618325055"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/gPVbDKu-lzE/ 3 KB
3 KB 58ms
57ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/gPVbDKu-lzE/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de0a80fe74b17b3b868d9693dadfe5894a2c317927220e403cb8ca24a25af2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: sffe
etag: "1481717826"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/OC1kylcSKLk/ 4 KB
4 KB 99ms
98ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/OC1kylcSKLk/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13d26ff9013f4c9c6109686d261736147a7934395e651549493aaba25136bc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4338
x-xss-protection: 0
server: sffe
etag: "1581868488"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/9Q2dgqzGUs8/ 5 KB
5 KB 96ms
95ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/9Q2dgqzGUs8/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731a502b5a220b4165d05cc8112efca1105eb78e97340800798ac66246eac107

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4652
x-xss-protection: 0
server: sffe
etag: "1618333570"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 404 default.jpg
i.ytimg.com/vi/wYHPWFelXFQ/ 1 KB
1 KB 52ms
50ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/wYHPWFelXFQ/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Wed, 29 Jun 2022 13:40:13 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/Mw5pWGg-pEc/ 4 KB
4 KB 79ms
78ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Mw5pWGg-pEc/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfafcf961ba45b6864ce02644d2de333f39b623bbff892dab0e96eb6639d9ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4494
x-xss-protection: 0
server: sffe
etag: "1562322469"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/6TrQF0owL8E/ 3 KB
3 KB 60ms
59ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/6TrQF0owL8E/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2fdf159546d6199b5533e0409a360a687c02e4fbe2722f8b118756c15e8a0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3434
x-xss-protection: 0
server: sffe
etag: "1460354713"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 default.jpg
i.ytimg.com/vi/NoELaqsDNf0/ 4 KB
4 KB 130ms
129ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/NoELaqsDNf0/default.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7574f1c6b9de47c775f82d0cc949c4da2cff600a413f07a30f150ac6db5246eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4198
x-xss-protection: 0
server: sffe
etag: "1468991281"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 3_0_CCCCCCFF_CCCCCCFF_0_pageviews
informer.yandex.ru/informer/50728582/ 1 KB
1 KB 293ms
72ms Image
image/png 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/50728582/3_0_CCCCCCFF_CCCCCCFF_0_pageviews

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

640aa9eecea59fe602e652a14af07afaeda0fb91aa408405ff60f6d2f0e1f2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Wed, 29-Jun-2022 13:39:43 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1191
x-xss-protection: 1; mode=block
expires: Wed, 29-Jun-2022 13:39:43 GMT

GET
H2

200

counter2
top-fwz1.mail.ru/
Redirect Chain

https://top-fwz1.mail.ru/counter?id=1553192;t=487;l=1
https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1

1 KB
2 KB

72ms
72ms

Image
image/gif

95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

51ac825df3fcb01c72f76e76c4dd031e221381ff5971acfc27f69e43eb0be2df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 1508
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
location: https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Iin1sJx_uTs Show response
www.youtube.com/embed/ Frame 5E25 63 KB
27 KB 132ms
82ms Document
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/Iin1sJx_uTs

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b4edebfd784779bc03ec90a96734ac7b90ab22ea7e69478981b1631fa877448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://salda.ws/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Wed, 29 Jun 2022 13:39:43 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 285ms
136ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-dd8a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56714
expires: Wed, 29 Jun 2022 14:39:43 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%u0...
https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%...

227 B
713 B

60ms
59ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%u0442%u0435%u0440%u0430%u043D%u043E%u0432%20%u0431%u043E%u0435%u0432%u044B%u0445%20%u0434%u0435%u0439%u0441%u0442%u0432%u0438%u0439%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.6489743391431124

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

d6376421746364fc51126b30f95a1ffad53934d83363e31f674284807fcb25bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 13:39:43 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 227
Expires: Mon, 28 Jun 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 29 Jun 2022 13:39:43 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;h%u0418%u0433%u043D%u043E%u0440%u0438%u0440%u043E%u0432%u0430%u043D%u0438%u0435%20%u0412%u0435%u0442%u0435%u0440%u0430%u043D%u043E%u0432%20%u0431%u043E%u0435%u0432%u044B%u0445%20%u0434%u0435%u0439%u0441%u0442%u0432%u0438%u0439%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.6489743391431124
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 28 Jun 2021 21:00:00 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 27 KB
11 KB 290ms
143ms Script
application/javascript 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 22 Dec 2021 12:22:53 GMT
server: nginx
etag: W/"61c3189d-6a23"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Wed, 29 Jun 2022 14:39:43 GMT

GET
H2 200 mqdefault.jpg
i.ytimg.com/vi/Iin1sJx_uTs/ 14 KB
14 KB 66ms
65ms Image
image/jpeg 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/Iin1sJx_uTs/mqdefault.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2188144735b6c21230e7c3778c02626907da74a83e51ff955ad9bdc34c6a0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13985
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H2 200 bg_3.jpg
salda.ws/img/bg/ 3 KB
3 KB 66ms
66ms Image
image/jpeg 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://salda.ws/img/bg/bg_3.jpg

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

785a34cbb4b994c5f959804d4d49c0fbf7633f728d2f1483d0b4cd71a9f21bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
last-modified: Fri, 21 Dec 2018 07:47:42 GMT
server: nginx
etag: "5c1c9a9e-a45"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2629
expires: Fri, 29 Jul 2022 13:39:43 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/60c2da65/ Frame 5E25 339 KB
47 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 01:50:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47636
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Jun 2023 01:50:56 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/60c2da65/www-embed-player.vflset/ Frame 5E25 301 KB
93 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1811
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95238
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 29 Jun 2023 13:09:32 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 5E25 2 MB
535 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 547314
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:48:48 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/ Frame 5E25 9 KB
3 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 21:51:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 28 Jun 2023 21:51:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E25 15 KB
16 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 73982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
905 B 73ms
72ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=1553192;u=https%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;st=1656509983353;title=%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=48305b37480f938a;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9.4//4g/0/0/;lvid=1656509983690%3A1656509983708%3A1%3A06c4d4f723497ca49386288ebc73714f;visible=true;_=0.9916908287419086

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://salda.ws
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://salda.ws
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://salda.ws
access-control-allow-headers: *

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 5E25
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

69ms
28ms

XHR
application/json

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e6a6350caff46187d1bfcc64b7c1c4a73c04187d66d8e6c02a8b304d07d9693

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 5E25 29 B
587 B 69ms
20ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:29 GMT
x-content-type-options: nosniff
age: 14
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 29 Jun 2022 13:54:29 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 76ms
28ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 13:39:43 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5E25 64 KB
30 KB 80ms
36ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

18a43968bec3b5600153f35d6c8fe7f293eead4079bed932eb044f195464dacd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 30202
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 5E25 119 KB
37 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:48:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 147055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37797
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:48:48 GMT

GET
H2 200 iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js Show response
www.google.com/js/th/ Frame 5E25 36 KB
14 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/iJGTQv2FdKpczbKmCmcADXvJJkQivV5xufAsJBe2f-A.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 12:23:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13993
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Jun 2023 12:23:18 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/ Frame 5E25 27 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 20:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 146933
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8115
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 19:56:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 27 Jun 2023 20:50:50 GMT

POST
H2 200 nat-set Show response
salda.realpush.digital/ 129 B
476 B 32ms
32ms Fetch
text/html 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.realpush.digital/nat-set

Requested by

Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.75.12 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.12.75.69.159.clients.your-server.de

Software

nginx /

Resource Hash

e2a086e18982ed3bf075f978cadecfb00423ba6e58b4fb94fd43f33e4678853c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=63072000
access-control-allow-headers: *
content-length: 111
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 nat-set
salda.realpush.digital/ Frame 0
0 98ms
30ms Preflight
text/html 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.realpush.digital/nat-set

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

159.69.75.12 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.12.75.69.159.clients.your-server.de

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://salda.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-length: 2
content-type: text/html; charset=UTF-8
date: Wed, 29 Jun 2022 13:39:43 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=63072000

GET
DATA 200
OK truncated
/ Frame 5E25 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 5E25 2 KB
3 KB 85ms
35ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT1dy4XFSlRgseA9TgCwAcnGLN8hWI8XVeQQtilIA=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
server: fife
etag: "v115"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2458
x-xss-protection: 0
expires: Thu, 30 Jun 2022 13:39:43 GMT

GET
H3 200 maxresdefault.webp
i.ytimg.com/vi_webp/Iin1sJx_uTs/ Frame 5E25 75 KB
75 KB 127ms
83ms Image
image/webp 2a00:1450:4001:80f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/Iin1sJx_uTs/maxresdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8d080a03a252cde9c1865e36e0d9000066d7548a7182011ccd2894d8ade314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
x-content-type-options: nosniff
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76356
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 29 Jun 2022 15:39:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5E25 10 KB
10 KB 61ms
21ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 144617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Jun 2023 21:29:26 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9684.RuDIv8M4UDcAB2mV6-bmFjRa2XdFM0EbiYPzTi4fjjE21qefkuJRzdMt7aRUOcA0.r5MngrM6yLk9u61lyoRpLVV2-aU%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9684.QNpXKp56GECiaznYAREQKOos78Pa67nhcZ24YCZEZMAzoL-2v3648NupE500n5yRQljOdSvXucuuYHvY-6hH4A%2C%2C.PCNlDcxQl56_SM5C4LlhkMWyUIk%2C

75 B
75 B

76ms
76ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9684.QNpXKp56GECiaznYAREQKOos78Pa67nhcZ24YCZEZMAzoL-2v3648NupE500n5yRQljOdSvXucuuYHvY-6hH4A%2C%2C.PCNlDcxQl56_SM5C4LlhkMWyUIk%2C

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9684.QNpXKp56GECiaznYAREQKOos78Pa67nhcZ24YCZEZMAzoL-2v3648NupE500n5yRQljOdSvXucuuYHvY-6hH4A%2C%2C.PCNlDcxQl56_SM5C4LlhkMWyUIk%2C
date: Wed, 29 Jun 2022 13:39:43 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 f1729f96676f1316fe7e.js Show response
yastatic.net/partner-code-bundles/604978/ 13 KB
5 KB 182ms
63ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/604978/f1729f96676f1316fe7e.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e4824403c13a2cce09928f24902d8daa4006717b6977d4076cb2cd15ca954cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://salda.ws/
Origin: https://salda.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4470
last-modified: Tue, 28 Jun 2022 15:40:09 GMT
server: nginx/1.17.9
etag: "0d36cd185489a4998e97e116d30c1c73"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2052 20:11:23 GMT

GET
H2 200 4f50a5848157170d0447.js Show response
yastatic.net/partner-code-bundles/604978/ 85 KB
18 KB 238ms
120ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/604978/4f50a5848157170d0447.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1d370f1f8bb481d2e9e18f77d9df5680e60b3ef2cf00d4869ae69969e954e208

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://salda.ws/
Origin: https://salda.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17729
last-modified: Tue, 28 Jun 2022 15:40:08 GMT
server: nginx/1.17.9
etag: "df183961d87c73f908af14c266832037"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2052 20:11:23 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 328ms
211ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://salda.ws/
Origin: https://salda.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2052 20:11:41 GMT

GET
H2 200 323840 Show response
yandex.ru/ads/meta/ 419 B
771 B 117ms
116ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&pcode-test-ids=586231%2C0%2C54%3B586085%2C0%2C3%3B600588%2C0%2C9%3B593308%2C0%2C67%3B590118%2C0%2C72%3B594014%2C0%2C11%3B598479%2C0%2C37%3B601441%2C0%2C57%3B604978%2C0%2C90&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz8GCutCS9o2SaJuIJGpJypctFkTazVtQFN1sUWCRf%2B%2BhJF%2BkxHTymEDncDg8M3PGvxZbpm3Dd7ZgVWWNtKwwQjbW8L1ZfP791%2BLfh6efj4vPC6M6vrhbPD%2F%2BeBbf8TellKTx4uXb3YI3LK%2B47Rrdta1Uhpe2kqzkyupCidZYrQq7Y6oRzfoGZ0LjpOdUvOXM2G3NWqv4l45rY9nKgFM0SlaVnydJ4mDZ87jrFbLRog9nI3fWCINgWVPaXJYHy0rbMsVqDm4%2FabqkQXQiFdxqI1srzQbMZsMaW3eVEbeDSxMaLl%2FxfBgs1o1U3NZCayS8ZIYNF9F2JZXd4sISucLl61xOOB%2F%2F%2B3tCmZGY0lM8rDNyzRuumHvHlhX3yJqxZYd%2FQBgTpmjKExOSnXhGUThpnUm4RtS2liWf8MimOlhe8Zo3Bs9VieLega%2Bwj8w129sNF%2BuNOT0w9PXhy9MoCHta6B%2Fq6J%2BhBX3PMeTSrNkNjpicE6h4LbfcqmYUll0pWdtKNPf%2Bl82SIKaXmt1yZaysSlu0hatMCK3mltetOXiZloSkwbGKxsopV3KPcMzGtoqvxH5C8PD9xxQfReEg9JarFS9Qhu20NoJP0RQRJjS7VOXwAjVTa9H4crckcRCdi0qb%2Fmlxcz3XGqIKo3CGTWjaY7tGjB3HvRer20vo8z8%2FHy9gcZhGGRlgGsWnXUuZY%2BZxXoDQMDTnjZW55mo7axqPfz388fQ4QUbLMBteA3lHuTZH1TbGf2RMoyzogV95E0JXY%2FmEgf0SIVW8tZGXgIZhNuS2kF1jnIb2G%2BWFpEkaDk39gA7J91Z1tpQ1878iJUkYjS1tUnp21VUVhgDy5cUHeFtyylGu5D0SjPzYtRKlHwkJLN8M2JZCGyVyLzwMyDI%2B59iFa3eiRJ2Imq25FxsHcUrOWBzXizeXyglRsVJ0%2Brd3MhyYi3sI2LJqxw7aj4ySURvlyg1I3aIFcsy2mstuOrhDQsgUG5NouHNboBP33RON138eBc0of9dKFHf1djzP8r1XyjgyScLXcLFy43fnCv%2BWQq4wHAPYsqqbvFZE3kaPw2NQp2haPLJlqvafvQzGOmKla8pC9zZkJV939TmUEjI29YrDAGH0uebIlGCzhIdz2Pi8s3pSHD6qxGB%2BZ2GB6fjWTEEgsDnsLBeuFNplJSeujE7wKYmHd2%2BVkEqYg80P6O5854ye9%2Bhlshw7pvvcNtKIgsPv1GsvLAmB62Fat3ClxYa7CC1GUTFTaUAmj5zQIIsvJEL2BJMEzUBqI7xnpgEdz%2BxH98mvoGH2JeIHh7jp4uXu%2FMWfz0%2FTORXE8VisMDmGWzQ5POFOsRa3Oo6DD5iWFDNlIMS4K8b8zNrVbOrRNA3pUALHRlUK5WZ7ob0jgWZBkl60SAFvwqAbmIrCPYj2HZpFNAgm2L6tavRYs3F127KyhGvzk8R01GA%2FxpzbPrTcP%2FsAglO%2BEEONFWQrtMhFJab%2B6fVxWbK8irTYjXqDeuP0I4cy%2BUWtYiFiyPwKS5acZD34FEy9YJRGJ%2FyHQb2JzVkDF4%2BtTKwE1CZc5sDhF3OWhklycfmRZNCm2w5hait2yFEhbm4Yt7DMLdDc4YVxNAhvk8%2FsEs2yMCOTjyMSD5ZurVge3rCOcULO31otvk4uR4OQ%2BL5%2FY1gG9ApiyMY4LyABrKdIgxsConGqMAoZ6dePmbd%2BHTSl5%2BVv3BWKjWvO5r2bQroMo%2BDE0c%2FBtXJR6dot8W90yrc4SHreNgCHF9b2wODA0afdxv4R%2FDhVnXnDn%2BacDtBhiXGmvNW8K%2BWoJBQDjtly7T0Eiwza1vyQAl3TUWMOlXLXvGOxiiLiZYGthrm2uTBu6f0ImVsg3IY7OnM0by1qtz3qDqvBzMMVpprt3UHwKq6uLfvFu5bDzzAMi40a%2BW9EFmPOnOhaDD10Vxegq1EL%2B3H6h%2BYo3XIaHGpl1gjiJLvKNgRb3gjoRLHBo8%2Fm23nI5p0xuCm8oPslxbkxfv4JwDKNwpiGen28DsUEh%2FPm4L6O67%2Bdr3Io1SxJZ8Xr%2FvPy7eV%2FxEyU5Q%3D%3D&pcode-icookie=EJNY783bP6hGAQ%2FBaxQROHdEIfAPJXLv6qv3alJF83fcoXEadcrpFXQq4%2B50JG88wlIERaTMNdiO6wxOxzJSplfxABQ%3D&duid=MTY1NjUwOTk4NDE0NTI5MTkyOA%3D%3D&imp-id=26&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=449700255760386&ad-session-id=1914361656509983870&target-id=57879169&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=604978&pcodever=604978&flash-ver=0&available-width=1600&available-height=1151&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1600%2C%22h%22%3A1151%2C%22width%22%3A1600%2C%22height%22%3A1151%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=2892&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMDd9ChKmpLDkqO-BMFDHE6zcOqjtt9M4gpcqWMEK8KeUE8upk9A9eVuC_W15r-_b25Jdr_dbbu1Wgg_K5-RkQI8J4IoZZEwJ5VC2rm8N7f5BE0Yyg8wMMjNeXaAWeREWQURTJAsoKIqiWhCSIq2FuEgjqgWkOdzlrUW5kNKiiMgjIGuRLTiciHoZK5Y-DsqhLjkswYLBK9hLEtVSWaIjsrrUhEW0pOIUIWon2mFUUdsQqXV6qw2RMTFZbWqDWm-0guZCbe7GwqYzqpOqTXRGJKnJqGGkNzCoDbE2rYyxVm3UqpGkaFYAr8OKViSJz041NVZas6kClVQNA31CazTpDbSxRp26rTZ3f2GOTUBbbSYDbYam24zrDVZbYq0Fxi9WDKkRic2dLN3hDXkI35rg-Eg4eCDOJ8ta_r6lf8KfaIKijICISJbYZTvl-LLFW2JVk0tffAmWFHm-FHdZwlkI9g3TRPAKNgcvtF8q3p6w83Mq_-Zf_N6zrMk5ePCXeNwuPaLkKNs9P7l5xxw6sRbiiHqyowjj_tQXxj-KyP04IS8n1pYtiki2XSF7plDmzoUv71gtEkyMMbV8aERONHO_DU1nEN_KqE80GiQprTmGbxkPTdEMT9DqsrlA_8fCgsz6mBGh5fOcTp43MBd4g_uRknMsDia4glydFRUnaYhjel0AhIYh0fIxp1OrY63FbGaMTYu1zT18oFiDYo1O1oGg4WZhZjTr0-80tAfT7PSsHlU75y4uzj2VOiKbia4bNaKNlKG_tn1dTLYsl_35IupqawxneBP2kGG3GbJDwG9KA2tV6WNdRRjTco1jWLjOAN_SHkenMdJbzPFer0u5ijIlaqPGojUiWJ_C--RTbjXUdaZ_uxh1vssOq6-FaGuk_GJLh7lggZURRVv-Lob7JrfPstOZzXqjhd4ADCK1RR0zpNbqZK6LI9YP2UWoDpfDUYvcUx0OOwuL3eniKI-baH6Bm3mCr-VsoGSsVr6lFsA-kttPaAo5-8IACjP0v575EUZwPz_YbWy2hZmZoPENhCOm0hecRWMwGTune7uDqVdmJke5AfnTnT-dxY6cxe5i4nidk2yXy75AKJwBvPZ9n6ngsm5zK6QOBV9eyDfYik7DFVlZNkCbyVAZ56LtcwSfx8-y-8QKV2GWJJ1-l8YcKuqUrKORYJTEnMmlGQG5tMC1TcMwpUmmuyom6TLYOPXebGFPuaxb_0MJa9M5pEZwfy9uRD6fwpvQG4dlrW53LYCO5rbs1rJ4QnrYeyOZJ8hmway6Vl1MHheLZ3LAbzYJ9Ny61H4hPGm3HlO9rG7TgmuPe0THVyv-wmmCFRUqVH7kQRjVqe5AhqeLrrV-8iPY09eQo3qJsjkTd9zpoLOWibcFQq3eUe5GpaG-0ztQ-GHJL8leCyCN-Xd426t5klSbX9VgdmVlCiUssDbICPzII84xJ9m_dlgmEiUP2ivB4bv2OTcPZVdM3ZdOFE4fEOuMw1sY-tgo3-v7W2p3FMEoQG-QonWKOrgVeaulF_oVHNdX31aQMnmvt1B9wHBqHtKsS155nMxfm8Cpn8mrIlmTnCUSNq-i03OVhnrWd_MI8zCHgnAaDsYg21QTX78TtthbPziSR5f48QRzwtUzgvukQfLzSff6d6HMiZWPZ4A9Haov2lcNr4AvsOqlKYrG6G8Ipga84Hcbc4dcn550T7JF63DKi6GCMeHyS6HDZkJAhWFs7PObGfJ794Tjbq9kAgTClFALwO9thFPKDgRRe_tEKpQNPegFn_cx7o79_VIRyAYpSOj1h01TdSDzuFB4nEj9-iAcPeL3CFbkpQq9cUy7bKpmHUzHsT7J3Cs8qnd2JGUYKeMlwo9nB-XC70R1Oejvwa8ltk4IaanShLZtMKEcR-zsy48l1ixGjpBLzO2f98B6QqVvYeGQLu7ieXw2aVTtffu8WZc8Qvir9GtuDLHMm9dSMJXOyI8OPobodALCqpAXl4o7h3KW_ft6_HDzlPH2f51OeCdSdSxxphMMz8l-LOEvXQ8ZyatQ3M2oLpLmnd2S4czjPY1_6F7xTrOXktu7P_GtL091rQ_EdjycN_SB53kOAFzEAuNepsyRqbDzUOzvvngHxh8iZ_AXe1kOMR-X4VlJxZoB0o7WncCpi3WMQ8-t4sFK-aRLuLy8AzJPk-h6AVl9bIobAbPjF8yyGqKN47Qtm8kQXrfDav5bKGFLOIDvRBPzw06BTtnBgxlJ9RE-SLrXUEMk5VnVrKv9Znge9jZ_qE0KuN7c5qF3rufxh2JncPBvdVUWevOj7VnO9cK6oC5jny_wF1_lEbz3IW1_hLFnEy4g_kYGUQFo2UK19yTSdMlQLo6qnhYVSu6w63aakZi_uY8hyShGX-iQJfgfBae9YWIPxo8A1xXzqI3WJMjrrsLAcHUu-JrsPyS6PjMJnTHCeyzBbmt49fwWYRslr2y1SqJdbHlmjK7ori0bfqkc3HkIiHAx_YqpRr2FdlWSWFP1Bi1CS4staSM0iu9IeWKkEUUEEyNVJIhG1iJL71zl6aCjQWIkaWKS-RHHsXrFJEajdiFHjnW5kHlbkOMUNp_V_djbSkZGexLzxWgyXlr5HdeMXDcDr2oUS5pVt4S70Nekp53hDhHfsvbGUe9y4B9LUbiaITqaoKXhHWWqjCqVzFCEoookREFQzuKMlVAu0dIAO_mQFS54iPDE_YQm0ZsSDwJNKPmEIHSJQe-hpwvhMHmRInd5mZE7vMzMzCh8JNB8x8WRtJF12CLm2ysLExMYpiKIDwjAp5hBAJf6sQQxzXUEzwcbOC4kaLbtA5ti7q0BXO8-gIkB_A%3D%3D&uniformat=true&callback=Ya%5B7580620180089%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cae002086756a5a1c5a2caf94c879d8dd799b29b93a73385232163200c2c6633

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1656509983927100-16079134396285024916-sas3-0778-625-sas-l7-balancer-8080-BAL-7058
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Jun 2022 13:39:43 GMT
uniformat: true
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://salda.ws
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:39:43 GMT

GET
H2 200 425c3c4c1b98179224aa.js Show response
yastatic.net/partner-code-bundles/604978/ 538 KB
110 KB 226ms
150ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/604978/425c3c4c1b98179224aa.js

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ec782d8c2ce19f757e2f5f18c3ac3ac1313953a8d1b78a61ce6fb3c10c93c2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://salda.ws/
Origin: https://salda.ws
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 111991
last-modified: Tue, 28 Jun 2022 15:40:08 GMT
server: nginx/1.17.9
etag: "826b66e11846f455b93e85e697f5ec45"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 Jun 2052 20:11:36 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 70ms
70ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: salda.ws
URL: https://salda.ws/video.php?id=Iin1sJx_uTs

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:43 GMT
last-modified: Fri, 24 Jun 2022 09:57:02 GMT
etag: "62b5603e-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 29 Jun 2022 14:39:43 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 5E25 4 KB
3 KB 91ms
36ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 29 Jun 2022 13:39:44 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 5E25 0
9 B 21ms
20ms Image
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?O7unAA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/Iin1sJx_uTs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 push-get Show response
select1.pstatrbnew.bid/ 4 B
207 B 885ms
885ms Fetch
application/json 136.243.105.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://select1.pstatrbnew.bid/push-get

Requested by

Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

136.243.105.133 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.133.105.243.136.clients.your-server.de

Software

cloudflare-nginx /

Resource Hash

74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 29 Jun 2022 13:39:45 GMT
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 4

OPTIONS
H2 204 push-get
select1.pstatrbnew.bid/ Frame 0
0 102ms
38ms Preflight
text/plain 136.243.105.133
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://select1.pstatrbnew.bid/push-get
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.105.133 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.133.105.243.136.clients.your-server.de
Software: cloudflare-nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://salda.ws
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
content-type: text/plain; charset=utf-8
date: Wed, 29 Jun 2022 13:39:44 GMT
server: cloudflare-nginx

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/103/ Frame 5E25 52 KB
15 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/103/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15123
x-xss-protection: 0
last-modified: Mon, 02 May 2022 15:04:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 30 Jun 2022 13:39:36 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 5E25 98 B
142 B 33ms
33ms XHR
application/json+protobuf 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d93ce9bc3e24b930ee5636de503334966e856396a3101197a28842ab0d97ed12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 29ms
28ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Wed, 29 Jun 2022 13:39:44 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET 50728582
mc.yandex.com/watch/ 0
0

GET 323840
mc.yandex.com/watch/ 0
0

GET
H2 200 323840 Show response
yandex.ru/ads/meta/ 420 B
675 B 220ms
219ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&pcode-test-ids=586231%2C0%2C54%3B586085%2C0%2C3%3B600588%2C0%2C9%3B593308%2C0%2C67%3B590118%2C0%2C72%3B594014%2C0%2C11%3B598479%2C0%2C37%3B601441%2C0%2C57%3B604978%2C0%2C90&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz8GCutCS9o2SaJuIJGpJypctFkTazVtQFN1sUWCRf%2B%2BhJF%2BkxHTymEDncDg8M3PGvxZbpm3Dd7ZgVWWNtKwwQjbW8L1ZfP791%2BLfh6efj4vPC6M6vrhbPD%2F%2BeBbf8TellKTx4uXb3YI3LK%2B47Rrdta1Uhpe2kqzkyupCidZYrQq7Y6oRzfoGZ0LjpOdUvOXM2G3NWqv4l45rY9nKgFM0SlaVnydJ4mDZ87jrFbLRog9nI3fWCINgWVPaXJYHy0rbMsVqDm4%2FabqkQXQiFdxqI1srzQbMZsMaW3eVEbeDSxMaLl%2FxfBgs1o1U3NZCayS8ZIYNF9F2JZXd4sISucLl61xOOB%2F%2F%2B3tCmZGY0lM8rDNyzRuumHvHlhX3yJqxZYd%2FQBgTpmjKExOSnXhGUThpnUm4RtS2liWf8MimOlhe8Zo3Bs9VieLega%2Bwj8w129sNF%2BuNOT0w9PXhy9MoCHta6B%2Fq6J%2BhBX3PMeTSrNkNjpicE6h4LbfcqmYUll0pWdtKNPf%2Bl82SIKaXmt1yZaysSlu0hatMCK3mltetOXiZloSkwbGKxsopV3KPcMzGtoqvxH5C8PD9xxQfReEg9JarFS9Qhu20NoJP0RQRJjS7VOXwAjVTa9H4crckcRCdi0qb%2Fmlxcz3XGqIKo3CGTWjaY7tGjB3HvRer20vo8z8%2FHy9gcZhGGRlgGsWnXUuZY%2BZxXoDQMDTnjZW55mo7axqPfz388fQ4QUbLMBteA3lHuTZH1TbGf2RMoyzogV95E0JXY%2FmEgf0SIVW8tZGXgIZhNuS2kF1jnIb2G%2BWFpEkaDk39gA7J91Z1tpQ1878iJUkYjS1tUnp21VUVhgDy5cUHeFtyylGu5D0SjPzYtRKlHwkJLN8M2JZCGyVyLzwMyDI%2B59iFa3eiRJ2Imq25FxsHcUrOWBzXizeXyglRsVJ0%2Brd3MhyYi3sI2LJqxw7aj4ySURvlyg1I3aIFcsy2mstuOrhDQsgUG5NouHNboBP33RON138eBc0of9dKFHf1djzP8r1XyjgyScLXcLFy43fnCv%2BWQq4wHAPYsqqbvFZE3kaPw2NQp2haPLJlqvafvQzGOmKla8pC9zZkJV939TmUEjI29YrDAGH0uebIlGCzhIdz2Pi8s3pSHD6qxGB%2BZ2GB6fjWTEEgsDnsLBeuFNplJSeujE7wKYmHd2%2BVkEqYg80P6O5854ye9%2Bhlshw7pvvcNtKIgsPv1GsvLAmB62Fat3ClxYa7CC1GUTFTaUAmj5zQIIsvJEL2BJMEzUBqI7xnpgEdz%2BxH98mvoGH2JeIHh7jp4uXu%2FMWfz0%2FTORXE8VisMDmGWzQ5POFOsRa3Oo6DD5iWFDNlIMS4K8b8zNrVbOrRNA3pUALHRlUK5WZ7ob0jgWZBkl60SAFvwqAbmIrCPYj2HZpFNAgm2L6tavRYs3F127KyhGvzk8R01GA%2FxpzbPrTcP%2FsAglO%2BEEONFWQrtMhFJab%2B6fVxWbK8irTYjXqDeuP0I4cy%2BUWtYiFiyPwKS5acZD34FEy9YJRGJ%2FyHQb2JzVkDF4%2BtTKwE1CZc5sDhF3OWhklycfmRZNCm2w5hait2yFEhbm4Yt7DMLdDc4YVxNAhvk8%2FsEs2yMCOTjyMSD5ZurVge3rCOcULO31otvk4uR4OQ%2BL5%2FY1gG9ApiyMY4LyABrKdIgxsConGqMAoZ6dePmbd%2BHTSl5%2BVv3BWKjWvO5r2bQroMo%2BDE0c%2FBtXJR6dot8W90yrc4SHreNgCHF9b2wODA0afdxv4R%2FDhVnXnDn%2BacDtBhiXGmvNW8K%2BWoJBQDjtly7T0Eiwza1vyQAl3TUWMOlXLXvGOxiiLiZYGthrm2uTBu6f0ImVsg3IY7OnM0by1qtz3qDqvBzMMVpprt3UHwKq6uLfvFu5bDzzAMi40a%2BW9EFmPOnOhaDD10Vxegq1EL%2B3H6h%2BYo3XIaHGpl1gjiJLvKNgRb3gjoRLHBo8%2Fm23nI5p0xuCm8oPslxbkxfv4JwDKNwpiGen28DsUEh%2FPm4L6O67%2Bdr3Io1SxJZ8Xr%2FvPy7eV%2FxEyU5Q%3D%3D&pcode-icookie=EJNY783bP6hGAQ%2FBaxQROHdEIfAPJXLv6qv3alJF83fcoXEadcrpFXQq4%2B50JG88wlIERaTMNdiO6wxOxzJSplfxABQ%3D&duid=MTY1NjUwOTk4NDE0NTI5MTkyOA%3D%3D&imp-id=21&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=449700255760386&ad-session-id=1914361656509983870&target-id=37265945&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=604978&pcodever=604978&flash-ver=0&available-width=914&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A914%2C%22h%22%3A0%2C%22width%22%3A914%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A198%2C%22top%22%3A265%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=2892&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMDd9ChKmpLDkqO-BMFDHE6zcOqjtt9M4gpcqWMEK8KeUE8upk9A9eVuC_W15r-_b25Jdr_dbbu1Wgg_K5-RkQI8J4IoZZEwJ5VC2rm8N7f5BE0Yyg8wMMjNeXaAWeREWQURTJAsoKIqiWhCSIq2FuEgjqgWkOdzlrUW5kNKiiMgjIGuRLTiciHoZK5Y-DsqhLjkswYLBK9hLEtVSWaIjsrrUhEW0pOIUIWon2mFUUdsQqXV6qw2RMTFZbWqDWm-0guZCbe7GwqYzqpOqTXRGJKnJqGGkNzCoDbE2rYyxVm3UqpGkaFYAr8OKViSJz041NVZas6kClVQNA31CazTpDbSxRp26rTZ3f2GOTUBbbSYDbYam24zrDVZbYq0Fxi9WDKkRic2dLN3hDXkI35rg-Eg4eCDOJ8ta_r6lf8KfaIKijICISJbYZTvl-LLFW2JVk0tffAmWFHm-FHdZwlkI9g3TRPAKNgcvtF8q3p6w83Mq_-Zf_N6zrMk5ePCXeNwuPaLkKNs9P7l5xxw6sRbiiHqyowjj_tQXxj-KyP04IS8n1pYtiki2XSF7plDmzoUv71gtEkyMMbV8aERONHO_DU1nEN_KqE80GiQprTmGbxkPTdEMT9DqsrlA_8fCgsz6mBGh5fOcTp43MBd4g_uRknMsDia4glydFRUnaYhjel0AhIYh0fIxp1OrY63FbGaMTYu1zT18oFiDYo1O1oGg4WZhZjTr0-80tAfT7PSsHlU75y4uzj2VOiKbia4bNaKNlKG_tn1dTLYsl_35IupqawxneBP2kGG3GbJDwG9KA2tV6WNdRRjTco1jWLjOAN_SHkenMdJbzPFer0u5ijIlaqPGojUiWJ_C--RTbjXUdaZ_uxh1vssOq6-FaGuk_GJLh7lggZURRVv-Lob7JrfPstOZzXqjhd4ADCK1RR0zpNbqZK6LI9YP2UWoDpfDUYvcUx0OOwuL3eniKI-baH6Bm3mCr-VsoGSsVr6lFsA-kttPaAo5-8IACjP0v575EUZwPz_YbWy2hZmZoPENhCOm0hecRWMwGTune7uDqVdmJke5AfnTnT-dxY6cxe5i4nidk2yXy75AKJwBvPZ9n6ngsm5zK6QOBV9eyDfYik7DFVlZNkCbyVAZ56LtcwSfx8-y-8QKV2GWJJ1-l8YcKuqUrKORYJTEnMmlGQG5tMC1TcMwpUmmuyom6TLYOPXebGFPuaxb_0MJa9M5pEZwfy9uRD6fwpvQG4dlrW53LYCO5rbs1rJ4QnrYeyOZJ8hmway6Vl1MHheLZ3LAbzYJ9Ny61H4hPGm3HlO9rG7TgmuPe0THVyv-wmmCFRUqVH7kQRjVqe5AhqeLrrV-8iPY09eQo3qJsjkTd9zpoLOWibcFQq3eUe5GpaG-0ztQ-GHJL8leCyCN-Xd426t5klSbX9VgdmVlCiUssDbICPzII84xJ9m_dlgmEiUP2ivB4bv2OTcPZVdM3ZdOFE4fEOuMw1sY-tgo3-v7W2p3FMEoQG-QonWKOrgVeaulF_oVHNdX31aQMnmvt1B9wHBqHtKsS155nMxfm8Cpn8mrIlmTnCUSNq-i03OVhnrWd_MI8zCHgnAaDsYg21QTX78TtthbPziSR5f48QRzwtUzgvukQfLzSff6d6HMiZWPZ4A9Haov2lcNr4AvsOqlKYrG6G8Ipga84Hcbc4dcn550T7JF63DKi6GCMeHyS6HDZkJAhWFs7PObGfJ794Tjbq9kAgTClFALwO9thFPKDgRRe_tEKpQNPegFn_cx7o79_VIRyAYpSOj1h01TdSDzuFB4nEj9-iAcPeL3CFbkpQq9cUy7bKpmHUzHsT7J3Cs8qnd2JGUYKeMlwo9nB-XC70R1Oejvwa8ltk4IaanShLZtMKEcR-zsy48l1ixGjpBLzO2f98B6QqVvYeGQLu7ieXw2aVTtffu8WZc8Qvir9GtuDLHMm9dSMJXOyI8OPobodALCqpAXl4o7h3KW_ft6_HDzlPH2f51OeCdSdSxxphMMz8l-LOEvXQ8ZyatQ3M2oLpLmnd2S4czjPY1_6F7xTrOXktu7P_GtL091rQ_EdjycN_SB53kOAFzEAuNepsyRqbDzUOzvvngHxh8iZ_AXe1kOMR-X4VlJxZoB0o7WncCpi3WMQ8-t4sFK-aRLuLy8AzJPk-h6AVl9bIobAbPjF8yyGqKN47Qtm8kQXrfDav5bKGFLOIDvRBPzw06BTtnBgxlJ9RE-SLrXUEMk5VnVrKv9Znge9jZ_qE0KuN7c5qF3rufxh2JncPBvdVUWevOj7VnO9cK6oC5jny_wF1_lEbz3IW1_hLFnEy4g_kYGUQFo2UK19yTSdMlQLo6qnhYVSu6w63aakZi_uY8hyShGX-iQJfgfBae9YWIPxo8A1xXzqI3WJMjrrsLAcHUu-JrsPyS6PjMJnTHCeyzBbmt49fwWYRslr2y1SqJdbHlmjK7ori0bfqkc3HkIiHAx_YqpRr2FdlWSWFP1Bi1CS4staSM0iu9IeWKkEUUEEyNVJIhG1iJL71zl6aCjQWIkaWKS-RHHsXrFJEajdiFHjnW5kHlbkOMUNp_V_djbSkZGexLzxWgyXlr5HdeMXDcDr2oUS5pVt4S70Nekp53hDhHfsvbGUe9y4B9LUbiaITqaoKXhHWWqjCqVzFCEoookREFQzuKMlVAu0dIAO_mQFS54iPDE_YQm0ZsSDwJNKPmEIHSJQe-hpwvhMHmRInd5mZE7vMzMzCh8JNB8x8WRtJF12CLm2ysLExMYpiKIDwjAp5hBAJf6sQQxzXUEzwcbOC4kaLbtA5ti7q0BXO8-gIkB_A%3D%3D&uniformat=true&callback=Ya%5B7034350675614%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

a3622bfab82d7d876d214926e7bf247a2357df04ddcaa303b9053bf4fde07f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1656509984261544-17670111870028900642-sas3-0778-625-sas-l7-balancer-8080-BAL-1536
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Jun 2022 13:39:44 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://salda.ws
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:39:44 GMT

GET 323840
mc.yandex.com/watch/ 0
0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
908 B 73ms
72ms Ping
image/gif 95.163.52.67
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=1553192;u=https%3A//salda.ws/video.php%3Fid%3DIin1sJx_uTs;st=1656509983353;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=48305b37480f938a;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1656509982971/////0/0/18/18/139/74/139/252/345/266/382/382/382/1260/1260/;ni=9.4//4g/0/0/;lvid=1656509983690%3A1656509984232%3A2%3A06c4d4f723497ca49386288ebc73714f;visible=true;_=0.7987410745902841;e=RT/load;et=1656509984231

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://salda.ws
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://salda.ws
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://salda.ws
access-control-allow-headers: *

GET
H2 200 323840 Show response
yandex.ru/ads/meta/ 420 B
372 B 207ms
207ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&pcode-test-ids=586231%2C0%2C54%3B586085%2C0%2C3%3B600588%2C0%2C9%3B593308%2C0%2C67%3B590118%2C0%2C72%3B594014%2C0%2C11%3B598479%2C0%2C37%3B601441%2C0%2C57%3B604978%2C0%2C90&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz8GCutCS9o2SaJuIJGpJypctFkTazVtQFN1sUWCRf%2B%2BhJF%2BkxHTymEDncDg8M3PGvxZbpm3Dd7ZgVWWNtKwwQjbW8L1ZfP791%2BLfh6efj4vPC6M6vrhbPD%2F%2BeBbf8TellKTx4uXb3YI3LK%2B47Rrdta1Uhpe2kqzkyupCidZYrQq7Y6oRzfoGZ0LjpOdUvOXM2G3NWqv4l45rY9nKgFM0SlaVnydJ4mDZ87jrFbLRog9nI3fWCINgWVPaXJYHy0rbMsVqDm4%2FabqkQXQiFdxqI1srzQbMZsMaW3eVEbeDSxMaLl%2FxfBgs1o1U3NZCayS8ZIYNF9F2JZXd4sISucLl61xOOB%2F%2F%2B3tCmZGY0lM8rDNyzRuumHvHlhX3yJqxZYd%2FQBgTpmjKExOSnXhGUThpnUm4RtS2liWf8MimOlhe8Zo3Bs9VieLega%2Bwj8w129sNF%2BuNOT0w9PXhy9MoCHta6B%2Fq6J%2BhBX3PMeTSrNkNjpicE6h4LbfcqmYUll0pWdtKNPf%2Bl82SIKaXmt1yZaysSlu0hatMCK3mltetOXiZloSkwbGKxsopV3KPcMzGtoqvxH5C8PD9xxQfReEg9JarFS9Qhu20NoJP0RQRJjS7VOXwAjVTa9H4crckcRCdi0qb%2Fmlxcz3XGqIKo3CGTWjaY7tGjB3HvRer20vo8z8%2FHy9gcZhGGRlgGsWnXUuZY%2BZxXoDQMDTnjZW55mo7axqPfz388fQ4QUbLMBteA3lHuTZH1TbGf2RMoyzogV95E0JXY%2FmEgf0SIVW8tZGXgIZhNuS2kF1jnIb2G%2BWFpEkaDk39gA7J91Z1tpQ1878iJUkYjS1tUnp21VUVhgDy5cUHeFtyylGu5D0SjPzYtRKlHwkJLN8M2JZCGyVyLzwMyDI%2B59iFa3eiRJ2Imq25FxsHcUrOWBzXizeXyglRsVJ0%2Brd3MhyYi3sI2LJqxw7aj4ySURvlyg1I3aIFcsy2mstuOrhDQsgUG5NouHNboBP33RON138eBc0of9dKFHf1djzP8r1XyjgyScLXcLFy43fnCv%2BWQq4wHAPYsqqbvFZE3kaPw2NQp2haPLJlqvafvQzGOmKla8pC9zZkJV939TmUEjI29YrDAGH0uebIlGCzhIdz2Pi8s3pSHD6qxGB%2BZ2GB6fjWTEEgsDnsLBeuFNplJSeujE7wKYmHd2%2BVkEqYg80P6O5854ye9%2Bhlshw7pvvcNtKIgsPv1GsvLAmB62Fat3ClxYa7CC1GUTFTaUAmj5zQIIsvJEL2BJMEzUBqI7xnpgEdz%2BxH98mvoGH2JeIHh7jp4uXu%2FMWfz0%2FTORXE8VisMDmGWzQ5POFOsRa3Oo6DD5iWFDNlIMS4K8b8zNrVbOrRNA3pUALHRlUK5WZ7ob0jgWZBkl60SAFvwqAbmIrCPYj2HZpFNAgm2L6tavRYs3F127KyhGvzk8R01GA%2FxpzbPrTcP%2FsAglO%2BEEONFWQrtMhFJab%2B6fVxWbK8irTYjXqDeuP0I4cy%2BUWtYiFiyPwKS5acZD34FEy9YJRGJ%2FyHQb2JzVkDF4%2BtTKwE1CZc5sDhF3OWhklycfmRZNCm2w5hait2yFEhbm4Yt7DMLdDc4YVxNAhvk8%2FsEs2yMCOTjyMSD5ZurVge3rCOcULO31otvk4uR4OQ%2BL5%2FY1gG9ApiyMY4LyABrKdIgxsConGqMAoZ6dePmbd%2BHTSl5%2BVv3BWKjWvO5r2bQroMo%2BDE0c%2FBtXJR6dot8W90yrc4SHreNgCHF9b2wODA0afdxv4R%2FDhVnXnDn%2BacDtBhiXGmvNW8K%2BWoJBQDjtly7T0Eiwza1vyQAl3TUWMOlXLXvGOxiiLiZYGthrm2uTBu6f0ImVsg3IY7OnM0by1qtz3qDqvBzMMVpprt3UHwKq6uLfvFu5bDzzAMi40a%2BW9EFmPOnOhaDD10Vxegq1EL%2B3H6h%2BYo3XIaHGpl1gjiJLvKNgRb3gjoRLHBo8%2Fm23nI5p0xuCm8oPslxbkxfv4JwDKNwpiGen28DsUEh%2FPm4L6O67%2Bdr3Io1SxJZ8Xr%2FvPy7eV%2FxEyU5Q%3D%3D&pcode-icookie=EJNY783bP6hGAQ%2FBaxQROHdEIfAPJXLv6qv3alJF83fcoXEadcrpFXQq4%2B50JG88wlIERaTMNdiO6wxOxzJSplfxABQ%3D&duid=MTY1NjUwOTk4NDE0NTI5MTkyOA%3D%3D&imp-id=24&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=449700255760386&ad-session-id=1914361656509983870&target-id=3601441&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=604978&pcodever=604978&flash-ver=0&available-width=280&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A280%2C%22h%22%3A0%2C%22width%22%3A280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1127%2C%22top%22%3A553%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A2%7D&grab-orig-len=2892&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMDd9ChKmpLDkqO-BMFDHE6zcOqjtt9M4gpcqWMEK8KeUE8upk9A9eVuC_W15r-_b25Jdr_dbbu1Wgg_K5-RkQI8J4IoZZEwJ5VC2rm8N7f5BE0Yyg8wMMjNeXaAWeREWQURTJAsoKIqiWhCSIq2FuEgjqgWkOdzlrUW5kNKiiMgjIGuRLTiciHoZK5Y-DsqhLjkswYLBK9hLEtVSWaIjsrrUhEW0pOIUIWon2mFUUdsQqXV6qw2RMTFZbWqDWm-0guZCbe7GwqYzqpOqTXRGJKnJqGGkNzCoDbE2rYyxVm3UqpGkaFYAr8OKViSJz041NVZas6kClVQNA31CazTpDbSxRp26rTZ3f2GOTUBbbSYDbYam24zrDVZbYq0Fxi9WDKkRic2dLN3hDXkI35rg-Eg4eCDOJ8ta_r6lf8KfaIKijICISJbYZTvl-LLFW2JVk0tffAmWFHm-FHdZwlkI9g3TRPAKNgcvtF8q3p6w83Mq_-Zf_N6zrMk5ePCXeNwuPaLkKNs9P7l5xxw6sRbiiHqyowjj_tQXxj-KyP04IS8n1pYtiki2XSF7plDmzoUv71gtEkyMMbV8aERONHO_DU1nEN_KqE80GiQprTmGbxkPTdEMT9DqsrlA_8fCgsz6mBGh5fOcTp43MBd4g_uRknMsDia4glydFRUnaYhjel0AhIYh0fIxp1OrY63FbGaMTYu1zT18oFiDYo1O1oGg4WZhZjTr0-80tAfT7PSsHlU75y4uzj2VOiKbia4bNaKNlKG_tn1dTLYsl_35IupqawxneBP2kGG3GbJDwG9KA2tV6WNdRRjTco1jWLjOAN_SHkenMdJbzPFer0u5ijIlaqPGojUiWJ_C--RTbjXUdaZ_uxh1vssOq6-FaGuk_GJLh7lggZURRVv-Lob7JrfPstOZzXqjhd4ADCK1RR0zpNbqZK6LI9YP2UWoDpfDUYvcUx0OOwuL3eniKI-baH6Bm3mCr-VsoGSsVr6lFsA-kttPaAo5-8IACjP0v575EUZwPz_YbWy2hZmZoPENhCOm0hecRWMwGTune7uDqVdmJke5AfnTnT-dxY6cxe5i4nidk2yXy75AKJwBvPZ9n6ngsm5zK6QOBV9eyDfYik7DFVlZNkCbyVAZ56LtcwSfx8-y-8QKV2GWJJ1-l8YcKuqUrKORYJTEnMmlGQG5tMC1TcMwpUmmuyom6TLYOPXebGFPuaxb_0MJa9M5pEZwfy9uRD6fwpvQG4dlrW53LYCO5rbs1rJ4QnrYeyOZJ8hmway6Vl1MHheLZ3LAbzYJ9Ny61H4hPGm3HlO9rG7TgmuPe0THVyv-wmmCFRUqVH7kQRjVqe5AhqeLrrV-8iPY09eQo3qJsjkTd9zpoLOWibcFQq3eUe5GpaG-0ztQ-GHJL8leCyCN-Xd426t5klSbX9VgdmVlCiUssDbICPzII84xJ9m_dlgmEiUP2ivB4bv2OTcPZVdM3ZdOFE4fEOuMw1sY-tgo3-v7W2p3FMEoQG-QonWKOrgVeaulF_oVHNdX31aQMnmvt1B9wHBqHtKsS155nMxfm8Cpn8mrIlmTnCUSNq-i03OVhnrWd_MI8zCHgnAaDsYg21QTX78TtthbPziSR5f48QRzwtUzgvukQfLzSff6d6HMiZWPZ4A9Haov2lcNr4AvsOqlKYrG6G8Ipga84Hcbc4dcn550T7JF63DKi6GCMeHyS6HDZkJAhWFs7PObGfJ794Tjbq9kAgTClFALwO9thFPKDgRRe_tEKpQNPegFn_cx7o79_VIRyAYpSOj1h01TdSDzuFB4nEj9-iAcPeL3CFbkpQq9cUy7bKpmHUzHsT7J3Cs8qnd2JGUYKeMlwo9nB-XC70R1Oejvwa8ltk4IaanShLZtMKEcR-zsy48l1ixGjpBLzO2f98B6QqVvYeGQLu7ieXw2aVTtffu8WZc8Qvir9GtuDLHMm9dSMJXOyI8OPobodALCqpAXl4o7h3KW_ft6_HDzlPH2f51OeCdSdSxxphMMz8l-LOEvXQ8ZyatQ3M2oLpLmnd2S4czjPY1_6F7xTrOXktu7P_GtL091rQ_EdjycN_SB53kOAFzEAuNepsyRqbDzUOzvvngHxh8iZ_AXe1kOMR-X4VlJxZoB0o7WncCpi3WMQ8-t4sFK-aRLuLy8AzJPk-h6AVl9bIobAbPjF8yyGqKN47Qtm8kQXrfDav5bKGFLOIDvRBPzw06BTtnBgxlJ9RE-SLrXUEMk5VnVrKv9Znge9jZ_qE0KuN7c5qF3rufxh2JncPBvdVUWevOj7VnO9cK6oC5jny_wF1_lEbz3IW1_hLFnEy4g_kYGUQFo2UK19yTSdMlQLo6qnhYVSu6w63aakZi_uY8hyShGX-iQJfgfBae9YWIPxo8A1xXzqI3WJMjrrsLAcHUu-JrsPyS6PjMJnTHCeyzBbmt49fwWYRslr2y1SqJdbHlmjK7ori0bfqkc3HkIiHAx_YqpRr2FdlWSWFP1Bi1CS4staSM0iu9IeWKkEUUEEyNVJIhG1iJL71zl6aCjQWIkaWKS-RHHsXrFJEajdiFHjnW5kHlbkOMUNp_V_djbSkZGexLzxWgyXlr5HdeMXDcDr2oUS5pVt4S70Nekp53hDhHfsvbGUe9y4B9LUbiaITqaoKXhHWWqjCqVzFCEoookREFQzuKMlVAu0dIAO_mQFS54iPDE_YQm0ZsSDwJNKPmEIHSJQe-hpwvhMHmRInd5mZE7vMzMzCh8JNB8x8WRtJF12CLm2ysLExMYpiKIDwjAp5hBAJf6sQQxzXUEzwcbOC4kaLbtA5ti7q0BXO8-gIkB_A%3D%3D&uniformat=true&callback=Ya%5B7353985929478%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

2ff379034621beddeaae0c8a5cb423d54e59a4acb19d5cf0213ec2c1240c6896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1656509984484962-3597139341728977263-sas3-0778-625-sas-l7-balancer-8080-BAL-9301
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Jun 2022 13:39:44 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://salda.ws
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:39:44 GMT

GET
H2 200 323840 Show response
yandex.ru/ads/meta/ 420 B
370 B 233ms
233ms XHR
application/json 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&pcode-test-ids=586231%2C0%2C54%3B586085%2C0%2C3%3B600588%2C0%2C9%3B593308%2C0%2C67%3B590118%2C0%2C72%3B594014%2C0%2C11%3B598479%2C0%2C37%3B601441%2C0%2C57%3B604978%2C0%2C90&pcode-flags-map=eJyVWNtu4zYQ%2FZXCz8GCutCS9o2SaJuIJGpJypctFkTazVtQFN1sUWCRf%2B%2BhJF%2BkxHTymEDncDg8M3PGvxZbpm3Dd7ZgVWWNtKwwQjbW8L1ZfP791%2BLfh6efj4vPC6M6vrhbPD%2F%2BeBbf8TellKTx4uXb3YI3LK%2B47Rrdta1Uhpe2kqzkyupCidZYrQq7Y6oRzfoGZ0LjpOdUvOXM2G3NWqv4l45rY9nKgFM0SlaVnydJ4mDZ87jrFbLRog9nI3fWCINgWVPaXJYHy0rbMsVqDm4%2FabqkQXQiFdxqI1srzQbMZsMaW3eVEbeDSxMaLl%2FxfBgs1o1U3NZCayS8ZIYNF9F2JZXd4sISucLl61xOOB%2F%2F%2B3tCmZGY0lM8rDNyzRuumHvHlhX3yJqxZYd%2FQBgTpmjKExOSnXhGUThpnUm4RtS2liWf8MimOlhe8Zo3Bs9VieLega%2Bwj8w129sNF%2BuNOT0w9PXhy9MoCHta6B%2Fq6J%2BhBX3PMeTSrNkNjpicE6h4LbfcqmYUll0pWdtKNPf%2Bl82SIKaXmt1yZaysSlu0hatMCK3mltetOXiZloSkwbGKxsopV3KPcMzGtoqvxH5C8PD9xxQfReEg9JarFS9Qhu20NoJP0RQRJjS7VOXwAjVTa9H4crckcRCdi0qb%2Fmlxcz3XGqIKo3CGTWjaY7tGjB3HvRer20vo8z8%2FHy9gcZhGGRlgGsWnXUuZY%2BZxXoDQMDTnjZW55mo7axqPfz388fQ4QUbLMBteA3lHuTZH1TbGf2RMoyzogV95E0JXY%2FmEgf0SIVW8tZGXgIZhNuS2kF1jnIb2G%2BWFpEkaDk39gA7J91Z1tpQ1878iJUkYjS1tUnp21VUVhgDy5cUHeFtyylGu5D0SjPzYtRKlHwkJLN8M2JZCGyVyLzwMyDI%2B59iFa3eiRJ2Imq25FxsHcUrOWBzXizeXyglRsVJ0%2Brd3MhyYi3sI2LJqxw7aj4ySURvlyg1I3aIFcsy2mstuOrhDQsgUG5NouHNboBP33RON138eBc0of9dKFHf1djzP8r1XyjgyScLXcLFy43fnCv%2BWQq4wHAPYsqqbvFZE3kaPw2NQp2haPLJlqvafvQzGOmKla8pC9zZkJV939TmUEjI29YrDAGH0uebIlGCzhIdz2Pi8s3pSHD6qxGB%2BZ2GB6fjWTEEgsDnsLBeuFNplJSeujE7wKYmHd2%2BVkEqYg80P6O5854ye9%2Bhlshw7pvvcNtKIgsPv1GsvLAmB62Fat3ClxYa7CC1GUTFTaUAmj5zQIIsvJEL2BJMEzUBqI7xnpgEdz%2BxH98mvoGH2JeIHh7jp4uXu%2FMWfz0%2FTORXE8VisMDmGWzQ5POFOsRa3Oo6DD5iWFDNlIMS4K8b8zNrVbOrRNA3pUALHRlUK5WZ7ob0jgWZBkl60SAFvwqAbmIrCPYj2HZpFNAgm2L6tavRYs3F127KyhGvzk8R01GA%2FxpzbPrTcP%2FsAglO%2BEEONFWQrtMhFJab%2B6fVxWbK8irTYjXqDeuP0I4cy%2BUWtYiFiyPwKS5acZD34FEy9YJRGJ%2FyHQb2JzVkDF4%2BtTKwE1CZc5sDhF3OWhklycfmRZNCm2w5hait2yFEhbm4Yt7DMLdDc4YVxNAhvk8%2FsEs2yMCOTjyMSD5ZurVge3rCOcULO31otvk4uR4OQ%2BL5%2FY1gG9ApiyMY4LyABrKdIgxsConGqMAoZ6dePmbd%2BHTSl5%2BVv3BWKjWvO5r2bQroMo%2BDE0c%2FBtXJR6dot8W90yrc4SHreNgCHF9b2wODA0afdxv4R%2FDhVnXnDn%2BacDtBhiXGmvNW8K%2BWoJBQDjtly7T0Eiwza1vyQAl3TUWMOlXLXvGOxiiLiZYGthrm2uTBu6f0ImVsg3IY7OnM0by1qtz3qDqvBzMMVpprt3UHwKq6uLfvFu5bDzzAMi40a%2BW9EFmPOnOhaDD10Vxegq1EL%2B3H6h%2BYo3XIaHGpl1gjiJLvKNgRb3gjoRLHBo8%2Fm23nI5p0xuCm8oPslxbkxfv4JwDKNwpiGen28DsUEh%2FPm4L6O67%2Bdr3Io1SxJZ8Xr%2FvPy7eV%2FxEyU5Q%3D%3D&pcode-icookie=EJNY783bP6hGAQ%2FBaxQROHdEIfAPJXLv6qv3alJF83fcoXEadcrpFXQq4%2B50JG88wlIERaTMNdiO6wxOxzJSplfxABQ%3D&duid=MTY1NjUwOTk4NDE0NTI5MTkyOA%3D%3D&imp-id=22&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=449700255760386&ad-session-id=1914361656509983870&target-id=7073816&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=604978&pcodever=604978&flash-ver=0&available-width=914&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A914%2C%22h%22%3A0%2C%22width%22%3A914%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A198%2C%22top%22%3A1059%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A3%7D&grab-orig-len=2892&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxMDd9ChKmpLDkqO-BMFDHE6zcOqjtt9M4gpcqWMEK8KeUE8upk9A9eVuC_W15r-_b25Jdr_dbbu1Wgg_K5-RkQI8J4IoZZEwJ5VC2rm8N7f5BE0Yyg8wMMjNeXaAWeREWQURTJAsoKIqiWhCSIq2FuEgjqgWkOdzlrUW5kNKiiMgjIGuRLTiciHoZK5Y-DsqhLjkswYLBK9hLEtVSWaIjsrrUhEW0pOIUIWon2mFUUdsQqXV6qw2RMTFZbWqDWm-0guZCbe7GwqYzqpOqTXRGJKnJqGGkNzCoDbE2rYyxVm3UqpGkaFYAr8OKViSJz041NVZas6kClVQNA31CazTpDbSxRp26rTZ3f2GOTUBbbSYDbYam24zrDVZbYq0Fxi9WDKkRic2dLN3hDXkI35rg-Eg4eCDOJ8ta_r6lf8KfaIKijICISJbYZTvl-LLFW2JVk0tffAmWFHm-FHdZwlkI9g3TRPAKNgcvtF8q3p6w83Mq_-Zf_N6zrMk5ePCXeNwuPaLkKNs9P7l5xxw6sRbiiHqyowjj_tQXxj-KyP04IS8n1pYtiki2XSF7plDmzoUv71gtEkyMMbV8aERONHO_DU1nEN_KqE80GiQprTmGbxkPTdEMT9DqsrlA_8fCgsz6mBGh5fOcTp43MBd4g_uRknMsDia4glydFRUnaYhjel0AhIYh0fIxp1OrY63FbGaMTYu1zT18oFiDYo1O1oGg4WZhZjTr0-80tAfT7PSsHlU75y4uzj2VOiKbia4bNaKNlKG_tn1dTLYsl_35IupqawxneBP2kGG3GbJDwG9KA2tV6WNdRRjTco1jWLjOAN_SHkenMdJbzPFer0u5ijIlaqPGojUiWJ_C--RTbjXUdaZ_uxh1vssOq6-FaGuk_GJLh7lggZURRVv-Lob7JrfPstOZzXqjhd4ADCK1RR0zpNbqZK6LI9YP2UWoDpfDUYvcUx0OOwuL3eniKI-baH6Bm3mCr-VsoGSsVr6lFsA-kttPaAo5-8IACjP0v575EUZwPz_YbWy2hZmZoPENhCOm0hecRWMwGTune7uDqVdmJke5AfnTnT-dxY6cxe5i4nidk2yXy75AKJwBvPZ9n6ngsm5zK6QOBV9eyDfYik7DFVlZNkCbyVAZ56LtcwSfx8-y-8QKV2GWJJ1-l8YcKuqUrKORYJTEnMmlGQG5tMC1TcMwpUmmuyom6TLYOPXebGFPuaxb_0MJa9M5pEZwfy9uRD6fwpvQG4dlrW53LYCO5rbs1rJ4QnrYeyOZJ8hmway6Vl1MHheLZ3LAbzYJ9Ny61H4hPGm3HlO9rG7TgmuPe0THVyv-wmmCFRUqVH7kQRjVqe5AhqeLrrV-8iPY09eQo3qJsjkTd9zpoLOWibcFQq3eUe5GpaG-0ztQ-GHJL8leCyCN-Xd426t5klSbX9VgdmVlCiUssDbICPzII84xJ9m_dlgmEiUP2ivB4bv2OTcPZVdM3ZdOFE4fEOuMw1sY-tgo3-v7W2p3FMEoQG-QonWKOrgVeaulF_oVHNdX31aQMnmvt1B9wHBqHtKsS155nMxfm8Cpn8mrIlmTnCUSNq-i03OVhnrWd_MI8zCHgnAaDsYg21QTX78TtthbPziSR5f48QRzwtUzgvukQfLzSff6d6HMiZWPZ4A9Haov2lcNr4AvsOqlKYrG6G8Ipga84Hcbc4dcn550T7JF63DKi6GCMeHyS6HDZkJAhWFs7PObGfJ794Tjbq9kAgTClFALwO9thFPKDgRRe_tEKpQNPegFn_cx7o79_VIRyAYpSOj1h01TdSDzuFB4nEj9-iAcPeL3CFbkpQq9cUy7bKpmHUzHsT7J3Cs8qnd2JGUYKeMlwo9nB-XC70R1Oejvwa8ltk4IaanShLZtMKEcR-zsy48l1ixGjpBLzO2f98B6QqVvYeGQLu7ieXw2aVTtffu8WZc8Qvir9GtuDLHMm9dSMJXOyI8OPobodALCqpAXl4o7h3KW_ft6_HDzlPH2f51OeCdSdSxxphMMz8l-LOEvXQ8ZyatQ3M2oLpLmnd2S4czjPY1_6F7xTrOXktu7P_GtL091rQ_EdjycN_SB53kOAFzEAuNepsyRqbDzUOzvvngHxh8iZ_AXe1kOMR-X4VlJxZoB0o7WncCpi3WMQ8-t4sFK-aRLuLy8AzJPk-h6AVl9bIobAbPjF8yyGqKN47Qtm8kQXrfDav5bKGFLOIDvRBPzw06BTtnBgxlJ9RE-SLrXUEMk5VnVrKv9Znge9jZ_qE0KuN7c5qF3rufxh2JncPBvdVUWevOj7VnO9cK6oC5jny_wF1_lEbz3IW1_hLFnEy4g_kYGUQFo2UK19yTSdMlQLo6qnhYVSu6w63aakZi_uY8hyShGX-iQJfgfBae9YWIPxo8A1xXzqI3WJMjrrsLAcHUu-JrsPyS6PjMJnTHCeyzBbmt49fwWYRslr2y1SqJdbHlmjK7ori0bfqkc3HkIiHAx_YqpRr2FdlWSWFP1Bi1CS4staSM0iu9IeWKkEUUEEyNVJIhG1iJL71zl6aCjQWIkaWKS-RHHsXrFJEajdiFHjnW5kHlbkOMUNp_V_djbSkZGexLzxWgyXlr5HdeMXDcDr2oUS5pVt4S70Nekp53hDhHfsvbGUe9y4B9LUbiaITqaoKXhHWWqjCqVzFCEoookREFQzuKMlVAu0dIAO_mQFS54iPDE_YQm0ZsSDwJNKPmEIHSJQe-hpwvhMHmRInd5mZE7vMzMzCh8JNB8x8WRtJF12CLm2ysLExMYpiKIDwjAp5hBAJf6sQQxzXUEzwcbOC4kaLbtA5ti7q0BXO8-gIkB_A%3D%3D&uniformat=true&callback=Ya%5B3030296556019%5D

Requested by

Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9adc2b8d1700893d3fcd74ae52b349664b9fd71904bed448f30398e1b5944467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://salda.ws/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Jun 2022 13:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1656509984694583-13468404793988231139-sas3-0778-625-sas-l7-balancer-8080-BAL-672
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 29 Jun 2022 13:39:44 GMT
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://salda.ws
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 29 Jun 2022 13:39:44 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 5E25 28 B
54 B 35ms
34ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/60c2da65/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/Iin1sJx_uTs
X-YouTube-Client-Version: 1.20220626.00.02
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtlbEg3M21XWUk4VSifrPGVBg%3D%3D
X-YouTube-Ad-Signals: dt=1656509983637&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C924%2C517&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 29 Jun 2022 13:39:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 29 Jun 2022 13:39:46 GMT

GET
H2 200 s0tgc8XWV.js Show response
salda.ws/ 47 B
272 B 56ms
56ms XHR
application/javascript 185.186.143.7
ASKONTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://salda.ws/s0tgc8XWV.js

Requested by

Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

e8cb1d4a23227fb9426aab7d4b3c7768cbb452ebf07e7f5583ee6f2d9172250f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/video.php?id=Iin1sJx_uTs
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 29 Jun 2022 13:39:48 GMT
last-modified: Sun, 18 Jul 2021 09:23:01 GMT
server: nginx
etag: "60f3f2f5-2f"
strict-transport-security: max-age=31536000;
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 47
expires: Fri, 29 Jul 2022 13:39:48 GMT

GET
H2 200 cookie Show response
rbthre.work/ 2 B
184 B 42ms
42ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rbthre.work/cookie?sub_u=1

Requested by

Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://salda.ws/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://salda.ws
date: Wed, 29 Jun 2022 13:39:48 GMT
access-control-allow-credentials: true
server: cloudflare-nginx
content-length: 2
strict-transport-security: max-age=63072000
content-type: application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/50728582?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A378%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1277297057178%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133943%3Aet%3A1656509984%3Ac%3A1%3Arn%3A991156068%3Arqn%3A1%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Ads%3A17%2C121%2C112%2C93%2C0%2C0%2C%2C38%2C0%2C%2C%2C%2C383%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/50728582?callback=_ymjsp1051600937&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A378%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1277297057178%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133943%3Aet%3A1656509984%3Ac%3A1%3Arn%3A991156068%3Arqn%3A1%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Ads%3A17%2C121%2C112%2C93%2C0%2C0%2C%2C38%2C0%2C%2C%2C%2C383%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(3)&wmode=5

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/323840?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A614652909687%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133944%3Aet%3A1656509984%3Ac%3A1%3Arn%3A424050236%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Anp%3AV2luMzI%3D%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5500)aw(1)rqnl(1)ti(2)

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/323840?callback=_ymjsp610878387&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A614652909687%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133944%3Aet%3A1656509984%3Ac%3A1%3Arn%3A424050236%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Anp%3AV2luMzI%3D%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5500)aw(1)rqnl(1)ti(3)&wmode=5

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
salda.ws/	1970-02-11 23:52:59	Name: WS Value: 0lmv38c7d9e1hdaofuj36rfsf4
salda.ws/	1970-01-23 19:44:29	Name: _COOKIE_TEST Value: SALDA.WS
salda.ws/	1970-01-23 19:44:29	Name: _BG Value: 21
salda.ws/	1970-01-23 19:44:29	Name: _BG_PRIV Value: 65
salda.ws/	1970-01-23 19:44:29	Name: _PRIV_NOTIFY Value: 5
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: pqE4Ight6TA
.youtube.com/	1970-01-20 08:27:41	Name: VISITOR_INFO1_LIVE Value: elH73mWYI8U
.yadro.ru/	1970-01-20 12:53:06	Name: FTID Value: 1Yl5OV0Yr18L1Yl5OV001K4n
.yadro.ru/	1970-01-20 12:53:06	Name: VID Value: 2T5tnj34mfuL1Yl5OV001K5E
.salda.ws/	1970-01-20 12:08:01	Name: tmr_lvid Value: 06c4d4f723497ca49386288ebc73714f
.salda.ws/	1970-01-20 12:08:01	Name: tmr_lvidTS Value: 1656509983690
.salda.ws/	1970-01-20 12:54:05	Name: _ym_uid Value: 1656509984145291928
.salda.ws/	1970-01-20 12:54:05	Name: _ym_d Value: 1656509984
.mc.yandex.com/	1970-01-20 04:08:30	Name: sync_cookie_csrf Value: 3860438344fake
.mc.yandex.ru/	1970-01-20 04:08:30	Name: sync_cookie_csrf Value: 327428019fake
.yandex.ru/	1970-01-23 19:44:29	Name: yandexuid Value: 8369090571656509983
.salda.ws/	1970-01-20 04:09:41	Name: _ym_isad Value: 2
.salda.ws/	1970-01-20 12:08:01	Name: tmr_reqNum Value: 2
.mail.ru/	1970-01-20 12:55:32	Name: VID Value: 2nht8C0VONoA00000e1GL42A:::0-0-0-7d6aedf:CAASEBEmOXGu8XKxKTnWbGNC9ZoaYJ7HEg2RPYR9wvMXsrtIKiqLniBW2y0uyFc4lWL7HrEvRbO_zzJwxHUKPRSg1EKFmeAnQNjFHQ6AEvOVcz3o52kfD7RdKf5mJ9GL0D-mt2t8xVvAtRgsyDYRlMUMFdtVkQ
.yandex.ru/	1970-01-20 21:39:41	Name: i Value: jqK/3gtEy8Dq+xyfDVZCAuGXHanMGGP1KGpOuySfd4KfQld44cEfmYWB7WOx/CJkwF1mTkUWrHWj48/jJ1x2TZAFsvQ=
salda.ws/	1970-01-20 04:09:56	Name: tmr_detect Value: 0%7C1656509986033

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.ytimg.com/vi/wYHPWFelXFQ/default.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9684.QNpXKp56GECiaznYAREQKOos78Pa67nhcZ24YCZEZMAzoL-2v3648NupE500n5yRQljOdSvXucuuYHvY-6hH4A%2C%2C.PCNlDcxQl56_SM5C4LlhkMWyUIk%2C Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://mc.yandex.ru/metrika/watch.js(Line 114) Message: Refused to connect to 'https://mc.yandex.com/watch/50728582?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A378%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1277297057178%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133943%3Aet%3A1656509984%3Ac%3A1%3Arn%3A991156068%3Arqn%3A1%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Ads%3A17%2C121%2C112%2C93%2C0%2C0%2C%2C38%2C0%2C%2C%2C%2C383%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)' because it violates the following Content Security Policy directive: "connect-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru statforweb.bid .statforweb.bid tword.ru .tword.ru realpush.digital .realpush.digital rbthre.work .rbthre.work pstatrbnew.bid .pstatrbnew.bid pushreal.media .pushreal.media realpush.news *.realpush.news".
security	error	URL: https://mc.yandex.ru/metrika/watch.js(Line 104) Message: Refused to load the script 'https://mc.yandex.com/watch/50728582?callback=_ymjsp1051600937&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A378%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A1277297057178%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133943%3Aet%3A1656509984%3Ac%3A1%3Arn%3A991156068%3Arqn%3A1%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Ads%3A17%2C121%2C112%2C93%2C0%2C0%2C%2C38%2C0%2C%2C%2C%2C383%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(3)&wmode=5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com .ytimg.com youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru liveinternet.ru .liveinternet.ru mail.ru .mail.ru imgsmail.ru .imgsmail.ru rbthre.work *.rbthre.work". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security	error	URL: https://mc.yandex.ru/metrika/watch.js(Line 114) Message: Refused to connect to 'https://mc.yandex.com/watch/323840?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A614652909687%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133944%3Aet%3A1656509984%3Ac%3A1%3Arn%3A424050236%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Anp%3AV2luMzI%3D%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5500)aw(1)rqnl(1)ti(2)' because it violates the following Content Security Policy directive: "connect-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru statforweb.bid .statforweb.bid tword.ru .tword.ru realpush.digital .realpush.digital rbthre.work .rbthre.work pstatrbnew.bid .pstatrbnew.bid pushreal.media .pushreal.media realpush.news *.realpush.news".
security	error	URL: https://mc.yandex.ru/metrika/watch.js(Line 104) Message: Refused to load the script 'https://mc.yandex.com/watch/323840?callback=_ymjsp610878387&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DIin1sJx_uTs&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A614652909687%3Ahid%3A947022004%3Az%3A0%3Ai%3A20220629133944%3Aet%3A1656509984%3Ac%3A1%3Arn%3A424050236%3Au%3A1656509984145291928%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656509982971%3Anp%3AV2luMzI%3D%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656509984%3At%3A%D0%98%D0%B3%D0%BD%D0%BE%D1%80%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%20%D0%92%D0%B5%D1%82%D0%B5%D1%80%D0%B0%D0%BD%D0%BE%D0%B2%20%D0%B1%D0%BE%D0%B5%D0%B2%D1%8B%D1%85%20%D0%B4%D0%B5%D0%B9%D1%81%D1%82%D0%B2%D0%B8%D0%B9%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5500)aw(1)rqnl(1)ti(3)&wmode=5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com .ytimg.com youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru liveinternet.ru .liveinternet.ru mail.ru .mail.ru imgsmail.ru .imgsmail.ru rbthre.work *.rbthre.work". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com .ytimg.com youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru liveinternet.ru .liveinternet.ru mail.ru .mail.ru imgsmail.ru .imgsmail.ru rbthre.work .rbthre.work ; object-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; img-src data: https: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru; media-src 'self' blob: data: yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; frame-src 'self' youtube.com .youtube.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru rutube.ru .rutube.ru ; font-src 'self' data: gstatic.com .gstatic.com yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru ; connect-src 'self' yandex.ru .yandex.ru yandex.net .yandex.net yastatic.net .yastatic.net yandexadexchange.net .yandexadexchange.net yandex.st .yandex.st yastat.net .yastat.net adfox.ru .adfox.ru mail.ru .mail.ru statforweb.bid .statforweb.bid tword.ru .tword.ru realpush.digital .realpush.digital rbthre.work .rbthre.work pstatrbnew.bid .pstatrbnew.bid pushreal.media .pushreal.media realpush.news .realpush.news ;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
informer.yandex.ru
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
rbthre.work
salda.realpush.digital
salda.ws
select1.pstatrbnew.bid
static.doubleclick.net
top-fwz1.mail.ru
www.google.com
www.gstatic.com
www.youtube.com
yandex.ru
yastatic.net
yt3.ggpht.com
mc.yandex.com
136.243.105.133
159.69.75.12
185.186.143.7
2a00:1450:4001:800::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2016
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2003
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
88.212.201.198
95.163.52.67
95.216.65.102
0a4103bea5815578a18362be4a7e5ac91a9975436d7da9387a88ef415506f790
18610afcae99dd8d7a5a2feff2ba32ea4eaa68025a8c187278d794e9c0cae231
18a43968bec3b5600153f35d6c8fe7f293eead4079bed932eb044f195464dacd
1984d2ef5377effdc5f96f759be1542891760ddeadf9b730f73b4756c583d2ba
1d370f1f8bb481d2e9e18f77d9df5680e60b3ef2cf00d4869ae69969e954e208
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
2ff379034621beddeaae0c8a5cb423d54e59a4acb19d5cf0213ec2c1240c6896
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36814547d49fcc6b586b2d01f44c142c033339835599b2cf3f02d0015c0bba40
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4347c20ac1a31a02056bf128cc6f9eeeef94abca0d44fc8a649fa5b8c92dc5f1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
51614c1546ac410e2be9bb97a1763cbc7cde05ef4c66517dcf972777390e3b52
51ac825df3fcb01c72f76e76c4dd031e221381ff5971acfc27f69e43eb0be2df
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57a63c378629d9e01d613835e680b857c637e13274325d8a432a058931ef9c18
5e6a6350caff46187d1bfcc64b7c1c4a73c04187d66d8e6c02a8b304d07d9693
61cb45860644b493b736e5a35511195ca1787626524efc518b2e9d764307e769
640aa9eecea59fe602e652a14af07afaeda0fb91aa408405ff60f6d2f0e1f2c4
676ef4edd50a39df0808976793adc82efb41cfb7e36ed71347d1b1b1190fc704
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6b4edebfd784779bc03ec90a96734ac7b90ab22ea7e69478981b1631fa877448
6bf8a2459dfb1cc1111430fc4473929327dc3894793927b7ad81bf1368d53dd7
6c70a7610c128356bf797cfe5d43d154e155a43215ae1313e222df1806714122
72468e37ff50d81d05ab1b24e1475981a1e5b9714e15f452a721f58d6a469634
728f5737e4cce4a4fb6784cd605585245067e52c947f8d18e259dbb9c78bc7b0
731a502b5a220b4165d05cc8112efca1105eb78e97340800798ac66246eac107
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
7574f1c6b9de47c775f82d0cc949c4da2cff600a413f07a30f150ac6db5246eb
785a34cbb4b994c5f959804d4d49c0fbf7633f728d2f1483d0b4cd71a9f21bb7
7b8d080a03a252cde9c1865e36e0d9000066d7548a7182011ccd2894d8ade314
7de0a80fe74b17b3b868d9693dadfe5894a2c317927220e403cb8ca24a25af2d
808525f022a23e79b43e489e3e38bec792fd4d620735d47a6bb38bec0486cb70
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
88919342fd8574aa5ccdb2a60a67000d7bc9264422bd5e71b9f02c2417b67fe0
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9adc2b8d1700893d3fcd74ae52b349664b9fd71904bed448f30398e1b5944467
9bfafcf961ba45b6864ce02644d2de333f39b623bbff892dab0e96eb6639d9ab
a13d26ff9013f4c9c6109686d261736147a7934395e651549493aaba25136bc1
a3622bfab82d7d876d214926e7bf247a2357df04ddcaa303b9053bf4fde07f7e
afec3a25a8635a2cfd8724c70775814777cca0086abcfc63610d04df86d8ec57
b04181139e0ce3b79b3fa9095394070d16ab4a1b6bb8419c4d523c05712b3a95
bfd22f5124e1dcfcb43868204d7edf24738c04a2bcf06c9ff5031de2b999fab4
c2f3794752fc089949bb8d04baa11f5817eed07560b1bbce55a5d394f31ad228
c2fdf159546d6199b5533e0409a360a687c02e4fbe2722f8b118756c15e8a0a9
cae002086756a5a1c5a2caf94c879d8dd799b29b93a73385232163200c2c6633
cfcfcb98375f60c9dcad4d2039314935421dbef6c2d5240057d3665ecab6c550
d6376421746364fc51126b30f95a1ffad53934d83363e31f674284807fcb25bb
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d93ce9bc3e24b930ee5636de503334966e856396a3101197a28842ab0d97ed12
dd4782cc24968a493a76dbf40aa93aa4bb95e933818b8f5ad874ededaf8b1822
e14930f270e3be1c0c36c3ee34b7e4a28afe49f7ac7a68a5a76f5c7b805a4ada
e2188144735b6c21230e7c3778c02626907da74a83e51ff955ad9bdc34c6a0b9
e2a086e18982ed3bf075f978cadecfb00423ba6e58b4fb94fd43f33e4678853c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4824403c13a2cce09928f24902d8daa4006717b6977d4076cb2cd15ca954cf4
e7748c5486caa9e9cf6e7a74546e9fcb91f579048afdf996787858b9e6a170c7
e8cb1d4a23227fb9426aab7d4b3c7768cbb452ebf07e7f5583ee6f2d9172250f
ea430af257d76f255b08fde85566f4e8fc0b92aeb2b21fc9b0b39198f1b9fad0
ec782d8c2ce19f757e2f5f18c3ac3ac1313953a8d1b78a61ce6fb3c10c93c2ce
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee24943d40c8d188a5481343b77571373ed18c83c97b878027256bc3e4addc8c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f9b6fcdcf9605ef406d40aaa3f3b58fff825ab581ed48bb0c9e4860301815fcc
fc81f1042732040a255e9fa80134d91baf8e35e1528b68d53203942d09eee7f0
fcc6cb61197700fc1c710d08cd9294be7f55c21f568b2459f938b5bc299d9179

salda.ws Open in urlscan Pro 185.186.143.7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

90 %HTTPS

67 %IPv6

16 Domains

20 Subdomains

19 IPs

3 Countries

1612 kBTransfer

4826 kBSize

21 Cookies

7 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

salda.ws Open in urlscan Pro
185.186.143.7 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

90 %
HTTPS

67 %
IPv6

16
Domains

20
Subdomains

19
IPs

3
Countries

1612 kB
Transfer

4826 kB
Size

21
Cookies

79 HTTP transactions
2 data transactions