urlscan.io logo urlscan.io
SecurityTrails logo

salda.ws Open in urlscan Pro
185.186.143.7  Public Scan

Go To Rescan Add Verdict Report
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Submission: On June 27 via manual from IL — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 70 HTTP transactions. The main IP is 185.186.143.7, located in Moscow, Russian Federation and belongs to ASKONTEL, RU. The main domain is salda.ws.
TLS certificate: Issued by R3 on May 13th 2022. Valid for: 3 months.
This is the only time salda.ws was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 185.186.143.7 204490 (ASKONTEL)
5 2a02:6b8:a::a 208722 (GLOBAL_DC)
2 46.4.104.244 24940 (HETZNER-AS)
20 2a00:1450:400... 15169 (GOOGLE)
2 6 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 5 95.163.52.67 47764 (MAILRU-AS...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2 88.212.202.52 39134 (UNITEDNET)
2 159.69.75.12 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 85.10.194.206 24940 (HETZNER-AS)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a02:6b8:20::215 208722 (GLOBAL_DC)
70 16
7    185.186.143.7 (Moscow, Russian Federation)

ASN204490 (ASKONTEL, RU)
salda.ws
5    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
2    46.4.104.244 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.244.104.4.46.clients.your-server.de
rbthre.work
20    2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
informer.yandex.ru
mc.yandex.ru
mc.yandex.com
5    95.163.52.67 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
8    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
2    88.212.202.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru
counter.yadro.ru
2    159.69.75.12 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de
salda.realpush.digital
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    85.10.194.206 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.85-10-194-206.clients.your-server.de
select4.pstatrbnew.bid
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
4    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
Apex Domain
Subdomains		 Transfer
20 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
85 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 107
711 KB
8 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1297
informer.yandex.ru — Cisco Umbrella Rank: 59651
mc.yandex.ru — Cisco Umbrella Rank: 3472
137 KB
7 salda.ws
salda.ws
292 KB
5 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 10338
16 KB
4 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6189
142 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 330
29 KB
3 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 10550
525 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
static.doubleclick.net — Cisco Umbrella Rank: 436
1 KB
2 pstatrbnew.bid
select4.pstatrbnew.bid
207 B
2 realpush.digital
salda.realpush.digital
477 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9125
1 KB
2 rbthre.work
rbthre.work — Cisco Umbrella Rank: 317297
12 KB
1 gstatic.com
fonts.gstatic.com
16 KB
70 14
Domain Requested by
20 i.ytimg.com salda.ws
8 www.youtube.com salda.ws
www.youtube.com
7 salda.ws salda.ws
rbthre.work
5 top-fwz1.mail.ru 1 redirects salda.ws
top-fwz1.mail.ru
5 yandex.ru salda.ws
yandex.ru
4 yastatic.net yandex.ru
4 jnn-pa.googleapis.com www.youtube.com
3 mc.yandex.com 1 redirects salda.ws
mc.yandex.ru
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 select4.pstatrbnew.bid rbthre.work
2 salda.realpush.digital rbthre.work
2 counter.yadro.ru 1 redirects salda.ws
2 mc.yandex.ru 1 redirects salda.ws
2 rbthre.work salda.ws
rbthre.work
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 informer.yandex.ru salda.ws
70 17
Subject Issuer Validity Valid
salda.ws
R3		 2022-05-13 -
2022-08-11		 3 months crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2022-03-04 -
2022-09-01		 6 months crt.sh
rbthre.work
R3		 2022-06-15 -
2022-09-13		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-05-21 -
2022-10-31		 5 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2021-10-15 -
2022-11-15		 a year crt.sh
realpush.digital
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
pstatrbnew.bid
R3		 2022-06-03 -
2022-09-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-04-01 -
2022-09-29		 6 months crt.sh

This page contains 2 frames:

Primary Page: https://salda.ws/video.php?id=UG-7B3hLOW4
Frame ID: 1C49A6E0E4E6811AC73B4649A85FE1A0
Requests: 54 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UG-7B3hLOW4
Frame ID: 4ED0FC28DDD980B26A95BDC596BD70AC
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Daisy's Destruction REAL UNCUT FOOTAGE FROM THE DARK WEB!, Видео, Смотреть онлайн

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

70
Requests

89 %
HTTPS

60 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

1442 kB
Transfer

4505 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://top-fwz1.mail.ru/counter?id=1553192;t=487;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1
Request Chain 31
  • https://counter.yadro.ru/hit?t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.766299953501878 HTTP 302
  • https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.766299953501878
Request Chain 44
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 51
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9682.LK5IwgnzYxFAskXQ6jINTJ29Jk7dXuXIH9sj7mIPTw1Xfgx1GXVltGRdJbDD439Q.JAq3iV9FYWcLrzzdVBZxEc1k8Y0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9682.FM0pJ0HTGfYWUcEQ36qJNsBlW5kqbwia7C_S8A8_Rva2YWhmVsadKBZArlxmwESwt_mI_GWi5Rn-qYycBgKcKQ%2C%2C.LO-5xe2zigtDb9U7-6WVng46GBI%2C

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request video.php
salda.ws/ 		52 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d1f03b99895c2b6ae3754ed46763ad471693f55d5ea463adc4ecdb5530503f62
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work ; object-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; img-src * data: https: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru; media-src 'self' blob: * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; frame-src 'self' youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru rutube.ru *.rutube.ru ; font-src 'self' data: gstatic.com *.gstatic.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news ;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, public
content-encoding
gzip
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work ; object-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; img-src * data: https: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru; media-src 'self' blob: * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; frame-src 'self' youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru rutube.ru *.rutube.ru ; font-src 'self' data: gstatic.com *.gstatic.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news ;
content-type
text/html; charset=UTF-8
date
Mon, 27 Jun 2022 18:11:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT, Tue, 28 Jun 2022 18:12:00 GMT
link
</css/css.min.css?v=79_6792>; rel=preload; as=style, </js/js.min.js?v=79_6792>; rel=preload; as=script, </img/s17.png>; rel=preload; as=image, </img/logo.png>; rel=preload; as=image
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000;
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css.min.css
salda.ws/css/ 		102 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://salda.ws/css/css.min.css?v=79_6792
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
4347c20ac1a31a02056bf128cc6f9eeeef94abca0d44fc8a649fa5b8c92dc5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 09:45:36 GMT
server
nginx
etag
W/"62876340-196bd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Wed, 27 Jul 2022 18:11:59 GMT
js.min.js
salda.ws/js/ 		178 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://salda.ws/js/js.min.js?v=79_6792
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
cfcfcb98375f60c9dcad4d2039314935421dbef6c2d5240057d3665ecab6c550
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2022 09:45:45 GMT
server
nginx
etag
W/"62876349-2c98b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;
expires
Wed, 27 Jul 2022 18:11:59 GMT
s17.png
salda.ws/img/ 		128 KB
128 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salda.ws/img/s17.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
fc81f1042732040a255e9fa80134d91baf8e35e1528b68d53203942d09eee7f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
last-modified
Mon, 08 Apr 2019 11:56:14 GMT
server
nginx
etag
"5cab36de-1ff4d"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
130893
expires
Wed, 27 Jul 2022 18:11:59 GMT
logo.png
salda.ws/img/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salda.ws/img/logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e14930f270e3be1c0c36c3ee34b7e4a28afe49f7ac7a68a5a76f5c7b805a4ada
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
last-modified
Fri, 21 Dec 2018 07:47:23 GMT
server
nginx
etag
"5c1c9a8b-1138b"
strict-transport-security
max-age=31536000;
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
70539
expires
Wed, 27 Jul 2022 18:11:59 GMT
context.js
yandex.ru/ads/system/ 		285 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
02c887d0f137c38b67b41a1b723131d9966cf8fab642dd893d7aa69fd7f9cd0e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1656353519737406-7054810863540946040-sas3-0969-abf-sas-l7-balancer-8080-BAL-1919
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 27 Jun 2022 19:11:59 GMT
0tgc8XWV.js
rbthre.work/pjs/ 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rbthre.work/pjs/0tgc8XWV.js
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
e03f4c054e0ede2eb6312ec6fb77f6752ef657602e1c7828bed4a76e7fbf1145
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
br
last-modified
Mon, 27 Jun 2022 01:45:12 GMT
server
nginx
etag
W/"62b90ba8-b4c4"
strict-transport-security
max-age=63072000
content-type
application/javascript
cache-control
max-age=600, public, must_revalidate
expires
Mon, 27 Jun 2022 18:21:59 GMT
default.jpg
i.ytimg.com/vi/p2IC4VQcxyo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/p2IC4VQcxyo/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a06a1231bec3c91bbdf9969e7e63d1442513a2e270af8834a00df1429ff646ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3473
x-xss-protection
0
server
sffe
etag
"1593191744"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/YSluwQoIfnE/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/YSluwQoIfnE/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8384ae605eededff747271230017c369f7cb18e46f988d52d354ccbc6aa8c118
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3101
x-xss-protection
0
server
sffe
etag
"1530685147"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/9zwh_mLgec8/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/9zwh_mLgec8/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0b6b00746d13f670f0ea08f8f689d152ea5fdadfcb0267331f7573d1b17d1ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8666
x-xss-protection
0
server
sffe
etag
"1485834781"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/TjP0UgI8CTg/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/TjP0UgI8CTg/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a0813d4ff9797274632a542078c69337cc4ec75fd574d971ac640f4c05819a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4521
x-xss-protection
0
server
sffe
etag
"1564790222"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/uOtawTLvxEg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/uOtawTLvxEg/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5e2e0ba5de255cfa8d5935dc04f5ea5982aefa8de5a638331b51e5556d879f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2612
x-xss-protection
0
server
sffe
etag
"1524016307"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/vayJoJan00A/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/vayJoJan00A/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3a5e8127eb139a6b9a96df1f93809e84a40bad54f7224e2f02585fcdc8439012
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3648
x-xss-protection
0
server
sffe
etag
"1553798921"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/0TfjMJEvG8g/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/0TfjMJEvG8g/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1db5105bea53fadbe2524a7942923f4712abd9b2ff6cc1b4235cfd2963ebf4a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4730
x-xss-protection
0
server
sffe
etag
"1539290896"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/HWrVtwhoAUA/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/HWrVtwhoAUA/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6835b86b0aa9f0d05d9c788a970b8f7c8855af7916c5747c697c10397efe719f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1486
x-xss-protection
0
server
sffe
etag
"1488208031"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/HE2wxi3RfJc/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/HE2wxi3RfJc/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71ad4af458ae1422bc7606df10d3489fe8788b5107d6c088c070145761c2e143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:21:13 GMT
x-content-type-options
nosniff
age
3046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3246
x-xss-protection
0
server
sffe
etag
"1562342414"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 19:21:13 GMT
default.jpg
i.ytimg.com/vi/ZaHi3F78jPs/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/ZaHi3F78jPs/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ade2235d63a3cb2381558669458c1f4ccb3dc763da058c4178fb9171c03a06bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3518
x-xss-protection
0
server
sffe
etag
"1544674405"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/r1N2NkLYDfc/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/r1N2NkLYDfc/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
11697d6b7e685d69254e60c4af12439bd958317f24cf460248022cfdd16e9146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4283
x-xss-protection
0
server
sffe
etag
"1556219272"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/Hy4WGJiPt9c/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Hy4WGJiPt9c/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c459a03c951a9a6297e66735d158ea83f49eb78a13b45192ad35bfa0b71dc7e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3946
x-xss-protection
0
server
sffe
etag
"1592768286"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/-OKtcGEEtf4/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/-OKtcGEEtf4/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb555efc6eab81f11f03f9ec43cbb959a390c95acad6b5611f1a6ad51f07c616
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4149
x-xss-protection
0
server
sffe
etag
"1548889642"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/kv9nmHNQ3aw/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/kv9nmHNQ3aw/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
210ca579479d15fbc0c28ee93bda24a4ca2e8a583111ee4ad7e532429df09ffb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4497
x-xss-protection
0
server
sffe
etag
"1504637054"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/9ZAB64bqdI0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/9ZAB64bqdI0/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4670a1ef2158ade50993ba16cecef167b4cff784f43d9708d6dd598d50f9eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4089
x-xss-protection
0
server
sffe
etag
"1490398891"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/Ye-fPEOzmCk/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/Ye-fPEOzmCk/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
323f267bff0f879cfc627265d6cc65929748fe98064c608ad4de524758207aa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3890
x-xss-protection
0
server
sffe
etag
"1493462051"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/8JGjnq5NySg/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/8JGjnq5NySg/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
769a8fa1316d34b534110cc17d1ccc0e38c1af3db4926537e0a6a0dbc16b1004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4068
x-xss-protection
0
server
sffe
etag
"1620465290"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/2bV82zZZIys/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/2bV82zZZIys/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84a6ed93324709f11acdac75783b091dc9f3e5ccf9f1f399c084f25bc44c6254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8277
x-xss-protection
0
server
sffe
etag
"1486151903"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/MpKM_JzvapU/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/MpKM_JzvapU/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27a57a1f5bd68dd4d932c54e39cf3af3becfff0d99aa8a868d993a13e8e0bcde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4013
x-xss-protection
0
server
sffe
etag
"1507044374"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 20:11:59 GMT
default.jpg
i.ytimg.com/vi/pGK2Nb25Yjc/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/pGK2Nb25Yjc/default.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5f9ef42dfd2e3155724a4f0da207de04593240ff95ba7a4a3bed3588abf1a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:43:28 GMT
x-content-type-options
nosniff
age
1711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4522
x-xss-protection
0
server
sffe
etag
"1570471005"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 27 Jun 2022 19:43:28 GMT
3_0_CCCCCCFF_CCCCCCFF_0_pageviews
informer.yandex.ru/informer/50728582/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://informer.yandex.ru/informer/50728582/3_0_CCCCCCFF_CCCCCCFF_0_pageviews
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
0738b800515f578917fe20128202c356b14da87f0125731ec04e9e9922a228d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Mon, 27-Jun-2022 18:11:59 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1158
x-xss-protection
1; mode=block
expires
Mon, 27-Jun-2022 18:11:59 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=1553192;t=487;l=1
  • https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
85f33cc0e89c76e90ba10188f1a02e0afc7feade28d23fbc967c9bc52180a81d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
1520
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=1553192;t=487;l=1
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
UG-7B3hLOW4
www.youtube.com/embed/ Frame 4ED0 		57 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/UG-7B3hLOW4
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
30b77db0734e4305ec1bc02092306e77c52cc2630dd225ca3ec56317b4fc9d7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://salda.ws/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Mon, 27 Jun 2022 18:11:59 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
watch.js
mc.yandex.ru/metrika/ 		158 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
br
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-dd8a"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
56714
expires
Mon, 27 Jun 2022 19:11:59 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u0438%...
  • https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u043...
224 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.766299953501878
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
HTTP/1.1
Server
88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host152.rax.ru
Software
nginx/1.17.9 /
Resource Hash
cdc9c4f994cc799465bfa64ab71b84ed4f0c1b165675c4d0d397ec7261683406
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 27 Jun 2022 18:11:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
224
Expires
Sat, 26 Jun 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 27 Jun 2022 18:11:59 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t17.3;r;s1600*1200*24;uhttps%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;hDaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB%21%2C%20%u0412%u0438%u0434%u0435%u043E%2C%20%u0421%u043C%u043E%u0442%u0440%u0435%u0442%u044C%20%u043E%u043D%u043B%u0430%u0439%u043D;0.766299953501878
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sat, 26 Jun 2021 21:00:00 GMT
code.js
top-fwz1.mail.ru/js/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Wed, 22 Dec 2021 12:22:53 GMT
server
nginx
etag
W/"61c3189d-6a23"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Mon, 27 Jun 2022 19:11:59 GMT
bg_3.jpg
salda.ws/img/bg/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://salda.ws/img/bg/bg_3.jpg
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
785a34cbb4b994c5f959804d4d49c0fbf7633f728d2f1483d0b4cd71a9f21bb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
last-modified
Fri, 21 Dec 2018 07:47:42 GMT
server
nginx
etag
"5c1c9a9e-a45"
strict-transport-security
max-age=31536000;
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2629
expires
Wed, 27 Jul 2022 18:11:59 GMT
nat-set
salda.realpush.digital/ 		129 B
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://salda.realpush.digital/nat-set
Requested by
Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.75.12 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.75.69.159.clients.your-server.de
Software
nginx /
Resource Hash
e2a086e18982ed3bf075f978cadecfb00423ba6e58b4fb94fd43f33e4678853c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 18:11:59 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
strict-transport-security
max-age=63072000
access-control-allow-headers
*
content-length
111
expires
Thu, 19 Nov 1981 08:52:00 GMT
nat-set
salda.realpush.digital/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://salda.realpush.digital/nat-set
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
159.69.75.12 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.12.75.69.159.clients.your-server.de
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://salda.ws
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
2
content-type
text/html; charset=UTF-8
date
Mon, 27 Jun 2022 18:11:59 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
strict-transport-security
max-age=63072000
www-player.css
www.youtube.com/s/player/9c24c545/ Frame 4ED0 		339 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c24c545/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
738549fad732c39ac3177e7916e8234c2f5a8d3d82f9f428af53d623a0536ead
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 12:51:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
19211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47707
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:15:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 12:51:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4ED0 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 11:18:05 GMT
x-content-type-options
nosniff
age
543234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 21 Jun 2023 11:18:05 GMT
www-embed-player.js
www.youtube.com/s/player/9c24c545/www-embed-player.vflset/ Frame 4ED0 		301 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c24c545/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 07:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
38506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95238
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:15:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 07:30:13 GMT
base.js
www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/ Frame 4ED0 		2 MB
535 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f78469df942a22b446079a57b09b2e1dbf29c6e545e6b90d26f4f535738db9e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 18:32:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
257974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
547464
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:15:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Jun 2023 18:32:25 GMT
fetch-polyfill.js
www.youtube.com/s/player/9c24c545/fetch-polyfill.vflset/ Frame 4ED0 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c24c545/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 17:42:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
1786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:15:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 27 Jun 2023 17:42:13 GMT
push-get
select4.pstatrbnew.bid/ 		4 B
207 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://select4.pstatrbnew.bid/push-get
Requested by
Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.10.194.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-194-206.clients.your-server.de
Software
cloudflare-nginx /
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
server
cloudflare-nginx
strict-transport-security
max-age=63072000
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
4
push-get
select4.pstatrbnew.bid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://select4.pstatrbnew.bid/push-get
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.10.194.206 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.85-10-194-206.clients.your-server.de
Software
cloudflare-nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://salda.ws
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 27 Jun 2022 18:11:59 GMT
server
cloudflare-nginx
counter
top-fwz1.mail.ru/ 		43 B
908 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=1553192;u=https%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;st=1656353519580;title=Daisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=c4d1d5e295abe8de;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=10//4g/0/0/;lvid=1656353519879%3A1656353519895%3A1%3A697f16b8555b98adbe5597e8528d0d38;visible=true;_=0.7116334897825911
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://salda.ws
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://salda.ws
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://salda.ws
access-control-allow-headers
*
id
googleads.g.doubleclick.net/pagead/ Frame 4ED0
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UG-7B3hLOW4
Protocol
H3
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54175d1d08dd5170eed0a05228ef21e3fc4928feb75c03d3f5279f61c428e5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 27 Jun 2022 18:12:00 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4ED0 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:04:42 GMT
x-content-type-options
nosniff
age
438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Jun 2022 18:19:42 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 27 Jun 2022 18:12:00 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4ED0 		63 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10e774503052a0e07ff6fd61a962071b8a50a723062f6ac94061d4696b57be70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30029
x-xss-protection
0
qoe
www.youtube.com/api/stats/ Frame 4ED0 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/api/stats/qoe?cpn=0tqo5aZ9YQfMjKnS&el=embedded&ns=yt&fexp=23858057%2C23940247%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24067852%2C24080738%2C24135310%2C24169501%2C24175559%2C24196186%2C24199710%2C24210191%2C24221533%2C24222539%2C39321934&cl=457028999&seq=1&event=streamingstats&docid=UG-7B3hLOW4&cbr=Chrome&cbrver=103.0.5060.53&c=WEB_EMBEDDED_PLAYER&cver=1.20220622.01.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.000:ER&cmt=0.000:0.000,0.000:0.000&error=0.000:auth::0.000:0;a6s.0&vis=0.000:0&bh=0.000:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
X-YouTube-Client-Version
1.20220622.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtXRHAxN0pvY01CQSjv5eeVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656353519910&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C924%2C517&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 18:11:59 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/ Frame 4ED0 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da6e6b220d9d476dd5842362b38eddba2ac70ee20a476d2ad789d112cdabad79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 24 Jun 2022 18:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
257974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8112
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 17:15:44 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 24 Jun 2023 18:32:26 GMT
truncated
/ Frame 4ED0 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
741659204b21c6bc9c6ed8678ae80056eabb4c74a42cd92996bb47e461748b6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9682.LK5IwgnzYxFAskXQ6jINTJ29Jk7dXuXIH9sj7mIPTw1Xfgx1GXVltGRdJbDD439Q.JAq3iV9FYWcLrzzdVBZxEc1k8Y0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9682.FM0pJ0HTGfYWUcEQ36qJNsBlW5kqbwia7C_S8A8_Rva2YWhmVsadKBZArlxmwESwt_mI_GWi5Rn-qYycBgKcKQ%2C%2C.LO-5xe2zigtDb9U7-6WVng46GBI%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9682.FM0pJ0HTGfYWUcEQ36qJNsBlW5kqbwia7C_S8A8_Rva2YWhmVsadKBZArlxmwESwt_mI_GWi5Rn-qYycBgKcKQ%2C%2C.LO-5xe2zigtDb9U7-6WVng46GBI%2C
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9682.FM0pJ0HTGfYWUcEQ36qJNsBlW5kqbwia7C_S8A8_Rva2YWhmVsadKBZArlxmwESwt_mI_GWi5Rn-qYycBgKcKQ%2C%2C.LO-5xe2zigtDb9U7-6WVng46GBI%2C
date
Mon, 27 Jun 2022 18:12:00 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: salda.ws
URL: https://salda.ws/video.php?id=UG-7B3hLOW4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
last-modified
Fri, 24 Jun 2022 09:57:02 GMT
etag
"62b5603e-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 27 Jun 2022 19:12:00 GMT
f9e0dc4efefbcdabcfc5.js
yastatic.net/partner-code-bundles/603340/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/603340/f9e0dc4efefbcdabcfc5.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
c639beb6f03a59c137ef5bb878a82c9e86dc7d416173c755be07e0fcf9ddf1e2
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://salda.ws/
Origin
https://salda.ws
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4465
last-modified
Fri, 24 Jun 2022 15:07:44 GMT
server
nginx/1.17.9
etag
"1d1ac4ca2667ef9cf597d54e7a07346f"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2052 00:44:24 GMT
4a7bca7dd20c8480b415.js
yastatic.net/partner-code-bundles/603340/ 		85 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/603340/4a7bca7dd20c8480b415.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0cd11aaac5697e148a56ec472f807d6d86ad01cb2ed0e9413188904a0d04ce5c
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://salda.ws/
Origin
https://salda.ws
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17734
last-modified
Fri, 24 Jun 2022 15:07:44 GMT
server
nginx/1.17.9
etag
"a02d3f6f8387716168d72c64893f568d"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2052 00:44:24 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://salda.ws/
Origin
https://salda.ws
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2052 00:45:40 GMT
323840
yandex.ru/ads/meta/ 		419 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&pcode-test-ids=586231%2C0%2C33%3B586081%2C0%2C39%3B600011%2C0%2C98%3B593305%2C0%2C8%3B590119%2C0%2C88%3B594014%2C0%2C60%3B598479%2C0%2C5%3B603199%2C0%2C97%3B600815%2C0%2C73%3B598722%2C0%2C8%3B603340%2C0%2C70%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1&pcode-flags-map=eJytWNuO2zYQ%2FZXCz0FA3Swpb5RE28RKpEJSvqQoiG2zb4uiaDZFgSD%2F3kOJvkj2yrtAH9fQHJIzZ86c2R%2BLLdVWsJ0taV1bIy0tDZfCGrY3i0%2B%2F%2Flj88%2Fj8%2FWnxaWFUxxYfFi9P3174V%2FydJAnJ4sXP3z4smKBFzWwndNe2UhlW2VrSiimrS8VbY7Uq7Y4qwcX6DmaaxGmPqVjLqLHbhrZWsc8d08bSlQEmF0rW9TxOmsbBssdxzyul0Ly%2FzkburOEGl6WisoWsDpZWtqWKNgzY86DZMgmiEyhnVhvZWmk2QDYbKmzT1Ybfv1yWJuHyCufdwXwtpGK24Voj4RU1dHiItiup7BYPlsgVHt8UcoT59O9fI8icxElyug%2FtjFwzwRR1dWxp%2BYCsGVt1%2BAHEGCFFY5yYkPyE40nhqHUGYRq3to2s2AhHivpgWc0aJgzKVfPywQW%2Fgu6RG7q3G8bXG3MqMPj17scnURD2sOA%2F2NGXoQV8jzHk0qzpHYyYnBOoWCO3zCrhiWVXSja25uJhvrJ5GsTJJWe3TBkr68qWbek6E0RrmGVNaw6zSEtCsiA9IWnTpwtoelo%2FfJnmyTg2CqLId6Dvumol93iK2dhWsRXfjyAev36bxEfhEN8ytWIlWrgd91XwMRpHhGkyFLYT3OuGyzpt2su4l7%2B%2FP12ExWEW5WQI02gh7YRhGjOt1EUQ2l4zJqwsNFPbSes%2F%2Ffn4%2B%2FPTKDJahvmQU2QATSeO3BNm%2Fsg4ifKgD%2FzCRAh2%2BCYIA%2Fs5QnFYa6NZgCQM8yGjpeyEcUzYb9RsSJZm4SDNB%2Bgc21vV2Uo2lItZHpM0jLwwjRrIrrq6hpQjX7PxAUpPTjkqlHxAgpEfu1a8mo9Moa43L2wrro3ixWx4GJBlfM6xu67d8QqM5Q1ds9nYOIgzco7FcX27FFI5Iipa8U7%2F8kaEA3X3Hi5sab2jBz0fGaWeG9XKjTndQsgYJlTDZDcevyEhZBwbk2h4c1tCT3sNhHzOn5cAxtPfNbVirt%2BO51m2n6UyjkzT8Dqcr9wQ3TmpuceQVxCOF9jSuhtVKyK3o%2F0IGNjJRYsiW6qa%2BbOXge8jWjlp5bo3Eyt5rc3T0IQQL801g43BAMPg3VLF6STh4TTMl3fST4rBDVUYr29sLCAda00VCAKzQs90YUpBLms58lbJKD4j8VD3VnGpuDnY4oAJx3bOrs0evUyXXjHd51ZIw0sG19KsZ8PSEHF9mNYtvGW5Ye6GFkOhnLA0IKMip0mQxxcUIXuC2QUxkNrw2TOzIPFn9gP45DogmH2LzAeHeOnQijAihllIGAq0U7TFnY9i%2Fw5jkWFiDMXHMCv96ydiNJlpSZaFyUDwowxVXLkZWupZwU%2FyIM0uBJDDP1CwAsO7dOnWc4fmURIEo9heNDUU1GxcV7a0quCs5kHixDOsH1LOER9aNj%2FZEAQ3e1HqBmvClmte8JqPPc71cbmv1q1Ii%2F2lN5F3Tj9iKFNcdCKWForMr7AIyVHWg4%2FB2K9FWXSKf3dQbzQLKuC0sTnxFQfbuMscMOapmmdhml483oMM3HQbHIxnTQ8F%2BO%2BmgnFLxdTgjCHhweJoIN6mmJihJM%2FDnIw%2BjkicTe1uuXHKZN5qdrNlGAUnjH4IrJWrm27cHnpDJhb%2BKRMYWN3LbWhIQkPVeuJ1%2Fnh5nnhkEpwvcJwnaHa3Q0AcK7kTV88ozfj4PIoujP8NEFg9GD5bcOPWqXdgOU%2FrVidvFqE4mjduLdEd3OrEVlyvEnjb1SbWtVW%2F0jVyWPApzLbyB9yBi0kQn%2BBaCDE0wd3QMctiJJ5%2B0AxVqsa3C0IyoW%2Bc5q%2BiDZet7lzoBEErXT1M7btbYvJ8utbk%2BU1ry5V2rKVYrfDj4KVAaN9PdziEkeNFT8D0da75rf7cUTVUr1h7H3mnn9MwPDu5G6%2BJYjJ5TeTVdq1oEc5P4jgg8flb8OjLiIgJ6jP3%2FQ0zGiSvRAx65P0YOKaYEyJnsrhwuowuKB%2F6JX2yRV4NzzRMslvlcjzx1rxXGkiOmc6ma7QsOLbWq2iD0f%2B%2FQCu2otD3I%2Fjwf5k3wf38D412rzs%3D&pcode-icookie=Dm8N%2FFiUalt3ZNKYMkEQ0YsDqptjxnGIUwm7mFeH%2F5vCI4GjF%2Bwz%2FbYaJug9A0EpDoZGvX9bnZHgwZANRR30WwQEsOU%3D&duid=MTY1NjM1MzUyMDQ4ODU0OTE3NQ%3D%3D&imp-id=26&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=112150186033154&ad-session-id=4069701656353520074&target-id=37063393&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=603340&pcodever=603340&flash-ver=0&available-width=1600&available-height=1151&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1600%2C%22h%22%3A1151%2C%22width%22%3A1600%2C%22height%22%3A1151%2C%22visible%22%3A0%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A0%2C%22top%22%3A1200%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=2304&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDN9ChKnpLDkuOuBMFDHDvS71U7Ofss3jho05VMHfRPa-6pqyiHiHe4UopSIMhrSb0mW5esrq5VVt7J9K-A_2st7pAA9EcAVxkzJJ4diVVYlWPfOoRBjBjGI0YwxcyLT7DEFd_ymEUeJpIx6mr26tuqfQWtmqN6o0VRW5vqNao3uK6b6TVY1wqevLShA_xB6iBtCDPFCjIMhDrFCjIAsgBviHUf6IUaIGWKHRCH4EBMlB9iUfpR2eSTLbXb5mIXNHvUoHzYAfIzd5Re1y0Y0P5uygchdjLhMunQLur9Ms2hkESK3MUllr01f32U9it8oyVAIV36wyCLEudWYB3Br3yyfMsVINLTqMalHErtdNrvLj7UiLShs9qJTi3nJRTTvNvu0fQhMS5hgnwMSu2se3WUVsQB52RBc8MkDshCXjwWIjfB147fteC2u3tdQQsIAuIDkbq_3quJ69hLfLdFGxrMulHvBbynhhhCuE4QD4z0YbgAnxOJjhdbCinObsFrKBCGR9_iWPMHtIw9g8rFAunsIfuoBbL60XRsnF1pgGj9tIfSAPMT7ffK90agfhBajAKYXI-RjBOzSxg5Ibi4m71aoG86Djr-JbLRRNaOa3Hg5B1gQ7zNWDuGnL_MZx4jc1IqUUrkW4LZ5WwSAYBLiud4ZieYp8rSkUTbC5D6vQV27P8DzXTNEcQiXSJAHcBp3xn2wMAIy_ifaNJEJgYilM0MvLImiNFMqFGVaXFm7a9nAdIPpBpjdQgYj2KEoFbm7kQFozZKWDKxGXdGK23Qg-NX2B5l01f-foWCfmSz90xsnRiFe5_U3toD87X7BVeqTN7horRjcNwGhfXwcar5R-xCoI5MgNa2K5SuPgORIo6AyFUoBFek5OGXci6FshOaIDgfHZRjAuCuSdzg5EH-Ij-zZWZAiZXE6-JQrPw2nk8WJhMXBLlTxYs2npAX01sYK8iVP1OKFERI26QVRrHVOn4gksABtoJsW3Q4iTxYvfSvQ55G3cq7CXIG-0cNeFwWk5wEScHla7O6jGYB4tAC_knjg8PsU063kPX5D_Ewp1Ufy8UaL4el7nr95RqX86VLJn7JYZtNMaJ5-KNA_J9q1JZlU-d-tJUlpRubZrU7P9dEzjVwqm1nGsi-VRDHWv1k28ueq5CNNKJA_5xuyjfdbX2fICq-Cag3C-qnjZ1RrnnnKegbPs7Oaydy1VNkJV1kaR4tzpE0O13j0vx92MaHug-pZna_rmSQa8VslJzZn3qfnIf14RSqBJ49avM3qumY01KrqZRTxvVIcG-VziQKL3POeQWvRwDdomZ_decXoVFWtpvuDyifdnquGX6lrXa2n88vSef0xdppL4dlfd_o4_yrp1LxGWPwR87ktO8WoNtRaE_entLSC_kHhtSMrRlKmR3zfGvfJ8ozynneptGcj5v7yQBfJyO60vZYU55N4UH4xssXLn8EOaY9vnddKOcVXwvvfMsrDfjSIjPksR7M8lTyV5MVrx45H0OMeeZ5aY5p1kup8l8G78a_JBE6q9OgUI11DjHhO9igo-Ovl8_oc9iozg_58abIaVMddWNQM5sqg0Z6d6A71frZp6lOR93LGnt9sbzKoKga1ZS0bgcFUa1RfzSOq3zCdbfxZfDPuw5T6L0fbzKBSHZyXC0Fh6lnRQUazUZVBj_DVGqvpa_iMeqtBW5ueSUP_leYt9ausxvpB9fytKaV5mmx4agRrRfoLcb6uEAwOl8PpcCLnnWOPI0mi2HfGPsoLuYb29UvIdKPo882SpKeS-M2pJIuKI0Xxs3neotfctfMsr7jQynr-ulmcfGJOqZL-OubDZQ0pT4cugRR0ptmqqoX6hDWLLE2GMhm5knpNOP68ZzRKXyK4ffwBTkOwE_mINLwAVgAsuJSJMNLWlwanUu79Q8AaSpjMx-QIC3Men6JxtGl6ildZrmkmJ7gdTidonOd0h7dMaUggzBCDswlBMcJ394sFIWlDWYMXXPxiVPbKWKJFCh0C9eTxyZOVAsRtzjKL0MyNpme-xwCplVyhhIUGbSVZk2chzkUOpggKsS9mAli-xFtkBOFiEYC_zAnvGk-oD3-_jlUQvSgYiXjmxURGFYupooOQzZ4jSyQiKEg4EbM5OVnZHJysrKxIPWSIOBxJPz3l9lFjh52EffvJf1HIh9lc4Oc3WCzPenhsgOoK4Tomoxs1CL3bq9PsFuchHHxAghPA3fGcr3aj3uYDy-5qwB4D-g%3D%3D&uniformat=true&callback=Ya%5B6909848439989%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
f29eb0f1ca5026df97c355758aa8d9a8e75419aca10f66182b037fb6ae53be88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1656353520124195-15528989362496426570-sas3-0969-abf-sas-l7-balancer-8080-BAL-7347
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
None
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 27 Jun 2022 18:12:00 GMT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salda.ws
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 27 Jun 2022 18:12:00 GMT
12e620142def8b3955ee.js
yastatic.net/partner-code-bundles/603340/ 		537 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/603340/12e620142def8b3955ee.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7367d7a4bc7f5bbebd4fc2d8f617b64fa12912724aae1ca4f1e6771c055782cd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://salda.ws/
Origin
https://salda.ws
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
111921
last-modified
Fri, 24 Jun 2022 15:07:43 GMT
server
nginx/1.17.9
etag
"7d367d9775e5f354fefeddc8c5bd6daa"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jun 2052 00:44:28 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4ED0 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f8c8e1a9cffbd133db8b7791bb99a443db6a88ccfab8f4acffa3d7dc8550600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Mon, 27 Jun 2022 18:12:00 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
50728582
mc.yandex.com/watch/ 		0
0
50728582
mc.yandex.com/watch/ 		0
0
323840
mc.yandex.com/watch/ 		0
0
323840
yandex.ru/ads/meta/ 		425 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&pcode-test-ids=586231%2C0%2C33%3B586081%2C0%2C39%3B600011%2C0%2C98%3B593305%2C0%2C8%3B590119%2C0%2C88%3B594014%2C0%2C60%3B598479%2C0%2C5%3B603199%2C0%2C97%3B600815%2C0%2C73%3B598722%2C0%2C8%3B603340%2C0%2C70%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1&pcode-flags-map=eJytWNuO2zYQ%2FZXCz0FA3Swpb5RE28RKpEJSvqQoiG2zb4uiaDZFgSD%2F3kOJvkj2yrtAH9fQHJIzZ86c2R%2BLLdVWsJ0taV1bIy0tDZfCGrY3i0%2B%2F%2Flj88%2Fj8%2FWnxaWFUxxYfFi9P3174V%2FydJAnJ4sXP3z4smKBFzWwndNe2UhlW2VrSiimrS8VbY7Uq7Y4qwcX6DmaaxGmPqVjLqLHbhrZWsc8d08bSlQEmF0rW9TxOmsbBssdxzyul0Ly%2FzkburOEGl6WisoWsDpZWtqWKNgzY86DZMgmiEyhnVhvZWmk2QDYbKmzT1Ybfv1yWJuHyCufdwXwtpGK24Voj4RU1dHiItiup7BYPlsgVHt8UcoT59O9fI8icxElyug%2FtjFwzwRR1dWxp%2BYCsGVt1%2BAHEGCFFY5yYkPyE40nhqHUGYRq3to2s2AhHivpgWc0aJgzKVfPywQW%2Fgu6RG7q3G8bXG3MqMPj17scnURD2sOA%2F2NGXoQV8jzHk0qzpHYyYnBOoWCO3zCrhiWVXSja25uJhvrJ5GsTJJWe3TBkr68qWbek6E0RrmGVNaw6zSEtCsiA9IWnTpwtoelo%2FfJnmyTg2CqLId6Dvumol93iK2dhWsRXfjyAev36bxEfhEN8ytWIlWrgd91XwMRpHhGkyFLYT3OuGyzpt2su4l7%2B%2FP12ExWEW5WQI02gh7YRhGjOt1EUQ2l4zJqwsNFPbSes%2F%2Ffn4%2B%2FPTKDJahvmQU2QATSeO3BNm%2Fsg4ifKgD%2FzCRAh2%2BCYIA%2Fs5QnFYa6NZgCQM8yGjpeyEcUzYb9RsSJZm4SDNB%2Bgc21vV2Uo2lItZHpM0jLwwjRrIrrq6hpQjX7PxAUpPTjkqlHxAgpEfu1a8mo9Moa43L2wrro3ixWx4GJBlfM6xu67d8QqM5Q1ds9nYOIgzco7FcX27FFI5Iipa8U7%2F8kaEA3X3Hi5sab2jBz0fGaWeG9XKjTndQsgYJlTDZDcevyEhZBwbk2h4c1tCT3sNhHzOn5cAxtPfNbVirt%2BO51m2n6UyjkzT8Dqcr9wQ3TmpuceQVxCOF9jSuhtVKyK3o%2F0IGNjJRYsiW6qa%2BbOXge8jWjlp5bo3Eyt5rc3T0IQQL801g43BAMPg3VLF6STh4TTMl3fST4rBDVUYr29sLCAda00VCAKzQs90YUpBLms58lbJKD4j8VD3VnGpuDnY4oAJx3bOrs0evUyXXjHd51ZIw0sG19KsZ8PSEHF9mNYtvGW5Ye6GFkOhnLA0IKMip0mQxxcUIXuC2QUxkNrw2TOzIPFn9gP45DogmH2LzAeHeOnQijAihllIGAq0U7TFnY9i%2Fw5jkWFiDMXHMCv96ydiNJlpSZaFyUDwowxVXLkZWupZwU%2FyIM0uBJDDP1CwAsO7dOnWc4fmURIEo9heNDUU1GxcV7a0quCs5kHixDOsH1LOER9aNj%2FZEAQ3e1HqBmvClmte8JqPPc71cbmv1q1Ii%2F2lN5F3Tj9iKFNcdCKWForMr7AIyVHWg4%2FB2K9FWXSKf3dQbzQLKuC0sTnxFQfbuMscMOapmmdhml483oMM3HQbHIxnTQ8F%2BO%2BmgnFLxdTgjCHhweJoIN6mmJihJM%2FDnIw%2BjkicTe1uuXHKZN5qdrNlGAUnjH4IrJWrm27cHnpDJhb%2BKRMYWN3LbWhIQkPVeuJ1%2Fnh5nnhkEpwvcJwnaHa3Q0AcK7kTV88ozfj4PIoujP8NEFg9GD5bcOPWqXdgOU%2FrVidvFqE4mjduLdEd3OrEVlyvEnjb1SbWtVW%2F0jVyWPApzLbyB9yBi0kQn%2BBaCDE0wd3QMctiJJ5%2B0AxVqsa3C0IyoW%2Bc5q%2BiDZet7lzoBEErXT1M7btbYvJ8utbk%2BU1ry5V2rKVYrfDj4KVAaN9PdziEkeNFT8D0da75rf7cUTVUr1h7H3mnn9MwPDu5G6%2BJYjJ5TeTVdq1oEc5P4jgg8flb8OjLiIgJ6jP3%2FQ0zGiSvRAx65P0YOKaYEyJnsrhwuowuKB%2F6JX2yRV4NzzRMslvlcjzx1rxXGkiOmc6ma7QsOLbWq2iD0f%2B%2FQCu2otD3I%2Fjwf5k3wf38D412rzs%3D&pcode-icookie=Dm8N%2FFiUalt3ZNKYMkEQ0YsDqptjxnGIUwm7mFeH%2F5vCI4GjF%2Bwz%2FbYaJug9A0EpDoZGvX9bnZHgwZANRR30WwQEsOU%3D&duid=MTY1NjM1MzUyMDQ4ODU0OTE3NQ%3D%3D&imp-id=22&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=112150186033154&ad-session-id=4069701656353520074&target-id=80189181&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=603340&pcodever=603340&flash-ver=0&available-width=914&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A914%2C%22h%22%3A0%2C%22width%22%3A914%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A198%2C%22top%22%3A265%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A1%7D&grab-orig-len=2304&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDN9ChKnpLDkuOuBMFDHDvS71U7Ofss3jho05VMHfRPa-6pqyiHiHe4UopSIMhrSb0mW5esrq5VVt7J9K-A_2st7pAA9EcAVxkzJJ4diVVYlWPfOoRBjBjGI0YwxcyLT7DEFd_ymEUeJpIx6mr26tuqfQWtmqN6o0VRW5vqNao3uK6b6TVY1wqevLShA_xB6iBtCDPFCjIMhDrFCjIAsgBviHUf6IUaIGWKHRCH4EBMlB9iUfpR2eSTLbXb5mIXNHvUoHzYAfIzd5Re1y0Y0P5uygchdjLhMunQLur9Ms2hkESK3MUllr01f32U9it8oyVAIV36wyCLEudWYB3Br3yyfMsVINLTqMalHErtdNrvLj7UiLShs9qJTi3nJRTTvNvu0fQhMS5hgnwMSu2se3WUVsQB52RBc8MkDshCXjwWIjfB147fteC2u3tdQQsIAuIDkbq_3quJ69hLfLdFGxrMulHvBbynhhhCuE4QD4z0YbgAnxOJjhdbCinObsFrKBCGR9_iWPMHtIw9g8rFAunsIfuoBbL60XRsnF1pgGj9tIfSAPMT7ffK90agfhBajAKYXI-RjBOzSxg5Ibi4m71aoG86Djr-JbLRRNaOa3Hg5B1gQ7zNWDuGnL_MZx4jc1IqUUrkW4LZ5WwSAYBLiud4ZieYp8rSkUTbC5D6vQV27P8DzXTNEcQiXSJAHcBp3xn2wMAIy_ifaNJEJgYilM0MvLImiNFMqFGVaXFm7a9nAdIPpBpjdQgYj2KEoFbm7kQFozZKWDKxGXdGK23Qg-NX2B5l01f-foWCfmSz90xsnRiFe5_U3toD87X7BVeqTN7horRjcNwGhfXwcar5R-xCoI5MgNa2K5SuPgORIo6AyFUoBFek5OGXci6FshOaIDgfHZRjAuCuSdzg5EH-Ij-zZWZAiZXE6-JQrPw2nk8WJhMXBLlTxYs2npAX01sYK8iVP1OKFERI26QVRrHVOn4gksABtoJsW3Q4iTxYvfSvQ55G3cq7CXIG-0cNeFwWk5wEScHla7O6jGYB4tAC_knjg8PsU063kPX5D_Ewp1Ufy8UaL4el7nr95RqX86VLJn7JYZtNMaJ5-KNA_J9q1JZlU-d-tJUlpRubZrU7P9dEzjVwqm1nGsi-VRDHWv1k28ueq5CNNKJA_5xuyjfdbX2fICq-Cag3C-qnjZ1RrnnnKegbPs7Oaydy1VNkJV1kaR4tzpE0O13j0vx92MaHug-pZna_rmSQa8VslJzZn3qfnIf14RSqBJ49avM3qumY01KrqZRTxvVIcG-VziQKL3POeQWvRwDdomZ_decXoVFWtpvuDyifdnquGX6lrXa2n88vSef0xdppL4dlfd_o4_yrp1LxGWPwR87ktO8WoNtRaE_entLSC_kHhtSMrRlKmR3zfGvfJ8ozynneptGcj5v7yQBfJyO60vZYU55N4UH4xssXLn8EOaY9vnddKOcVXwvvfMsrDfjSIjPksR7M8lTyV5MVrx45H0OMeeZ5aY5p1kup8l8G78a_JBE6q9OgUI11DjHhO9igo-Ovl8_oc9iozg_58abIaVMddWNQM5sqg0Z6d6A71frZp6lOR93LGnt9sbzKoKga1ZS0bgcFUa1RfzSOq3zCdbfxZfDPuw5T6L0fbzKBSHZyXC0Fh6lnRQUazUZVBj_DVGqvpa_iMeqtBW5ueSUP_leYt9ausxvpB9fytKaV5mmx4agRrRfoLcb6uEAwOl8PpcCLnnWOPI0mi2HfGPsoLuYb29UvIdKPo882SpKeS-M2pJIuKI0Xxs3neotfctfMsr7jQynr-ulmcfGJOqZL-OubDZQ0pT4cugRR0ptmqqoX6hDWLLE2GMhm5knpNOP68ZzRKXyK4ffwBTkOwE_mINLwAVgAsuJSJMNLWlwanUu79Q8AaSpjMx-QIC3Men6JxtGl6ildZrmkmJ7gdTidonOd0h7dMaUggzBCDswlBMcJ394sFIWlDWYMXXPxiVPbKWKJFCh0C9eTxyZOVAsRtzjKL0MyNpme-xwCplVyhhIUGbSVZk2chzkUOpggKsS9mAli-xFtkBOFiEYC_zAnvGk-oD3-_jlUQvSgYiXjmxURGFYupooOQzZ4jSyQiKEg4EbM5OVnZHJysrKxIPWSIOBxJPz3l9lFjh52EffvJf1HIh9lc4Oc3WCzPenhsgOoK4Tomoxs1CL3bq9PsFuchHHxAghPA3fGcr3aj3uYDy-5qwB4D-g%3D%3D&uniformat=true&callback=Ya%5B1981947577838%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8941c9615937bbd36f0a1313ed1622a264bab35595d115645f8e0a0215985903
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1656353520486350-7973381810693181360-sas3-0969-abf-sas-l7-balancer-8080-BAL-6123
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 27 Jun 2022 18:12:00 GMT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salda.ws
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 27 Jun 2022 18:12:00 GMT
323840
mc.yandex.com/watch/ 		0
0
tracker
top-fwz1.mail.ru/ 		43 B
906 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=1553192;u=https%3A//salda.ws/video.php%3Fid%3DUG-7B3hLOW4;st=1656353519580;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=c4d1d5e295abe8de;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=0/0/1656353519213/////0/1/1/1/123/58/124/237/329/239/367/367/367/1248/1248/;ni=10//4g/0/0/;lvid=1656353519879%3A1656353520464%3A2%3A697f16b8555b98adbe5597e8528d0d38;visible=true;_=0.10960554573933368;e=RT/load;et=1656353520461
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
95.163.52.67 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://salda.ws
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://salda.ws
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://salda.ws
access-control-allow-headers
*
323840
yandex.ru/ads/meta/ 		425 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&pcode-test-ids=586231%2C0%2C33%3B586081%2C0%2C39%3B600011%2C0%2C98%3B593305%2C0%2C8%3B590119%2C0%2C88%3B594014%2C0%2C60%3B598479%2C0%2C5%3B603199%2C0%2C97%3B600815%2C0%2C73%3B598722%2C0%2C8%3B603340%2C0%2C70%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1&pcode-flags-map=eJytWNuO2zYQ%2FZXCz0FA3Swpb5RE28RKpEJSvqQoiG2zb4uiaDZFgSD%2F3kOJvkj2yrtAH9fQHJIzZ86c2R%2BLLdVWsJ0taV1bIy0tDZfCGrY3i0%2B%2F%2Flj88%2Fj8%2FWnxaWFUxxYfFi9P3174V%2FydJAnJ4sXP3z4smKBFzWwndNe2UhlW2VrSiimrS8VbY7Uq7Y4qwcX6DmaaxGmPqVjLqLHbhrZWsc8d08bSlQEmF0rW9TxOmsbBssdxzyul0Ly%2FzkburOEGl6WisoWsDpZWtqWKNgzY86DZMgmiEyhnVhvZWmk2QDYbKmzT1Ybfv1yWJuHyCufdwXwtpGK24Voj4RU1dHiItiup7BYPlsgVHt8UcoT59O9fI8icxElyug%2FtjFwzwRR1dWxp%2BYCsGVt1%2BAHEGCFFY5yYkPyE40nhqHUGYRq3to2s2AhHivpgWc0aJgzKVfPywQW%2Fgu6RG7q3G8bXG3MqMPj17scnURD2sOA%2F2NGXoQV8jzHk0qzpHYyYnBOoWCO3zCrhiWVXSja25uJhvrJ5GsTJJWe3TBkr68qWbek6E0RrmGVNaw6zSEtCsiA9IWnTpwtoelo%2FfJnmyTg2CqLId6Dvumol93iK2dhWsRXfjyAev36bxEfhEN8ytWIlWrgd91XwMRpHhGkyFLYT3OuGyzpt2su4l7%2B%2FP12ExWEW5WQI02gh7YRhGjOt1EUQ2l4zJqwsNFPbSes%2F%2Ffn4%2B%2FPTKDJahvmQU2QATSeO3BNm%2Fsg4ifKgD%2FzCRAh2%2BCYIA%2Fs5QnFYa6NZgCQM8yGjpeyEcUzYb9RsSJZm4SDNB%2Bgc21vV2Uo2lItZHpM0jLwwjRrIrrq6hpQjX7PxAUpPTjkqlHxAgpEfu1a8mo9Moa43L2wrro3ixWx4GJBlfM6xu67d8QqM5Q1ds9nYOIgzco7FcX27FFI5Iipa8U7%2F8kaEA3X3Hi5sab2jBz0fGaWeG9XKjTndQsgYJlTDZDcevyEhZBwbk2h4c1tCT3sNhHzOn5cAxtPfNbVirt%2BO51m2n6UyjkzT8Dqcr9wQ3TmpuceQVxCOF9jSuhtVKyK3o%2F0IGNjJRYsiW6qa%2BbOXge8jWjlp5bo3Eyt5rc3T0IQQL801g43BAMPg3VLF6STh4TTMl3fST4rBDVUYr29sLCAda00VCAKzQs90YUpBLms58lbJKD4j8VD3VnGpuDnY4oAJx3bOrs0evUyXXjHd51ZIw0sG19KsZ8PSEHF9mNYtvGW5Ye6GFkOhnLA0IKMip0mQxxcUIXuC2QUxkNrw2TOzIPFn9gP45DogmH2LzAeHeOnQijAihllIGAq0U7TFnY9i%2Fw5jkWFiDMXHMCv96ydiNJlpSZaFyUDwowxVXLkZWupZwU%2FyIM0uBJDDP1CwAsO7dOnWc4fmURIEo9heNDUU1GxcV7a0quCs5kHixDOsH1LOER9aNj%2FZEAQ3e1HqBmvClmte8JqPPc71cbmv1q1Ii%2F2lN5F3Tj9iKFNcdCKWForMr7AIyVHWg4%2FB2K9FWXSKf3dQbzQLKuC0sTnxFQfbuMscMOapmmdhml483oMM3HQbHIxnTQ8F%2BO%2BmgnFLxdTgjCHhweJoIN6mmJihJM%2FDnIw%2BjkicTe1uuXHKZN5qdrNlGAUnjH4IrJWrm27cHnpDJhb%2BKRMYWN3LbWhIQkPVeuJ1%2Fnh5nnhkEpwvcJwnaHa3Q0AcK7kTV88ozfj4PIoujP8NEFg9GD5bcOPWqXdgOU%2FrVidvFqE4mjduLdEd3OrEVlyvEnjb1SbWtVW%2F0jVyWPApzLbyB9yBi0kQn%2BBaCDE0wd3QMctiJJ5%2B0AxVqsa3C0IyoW%2Bc5q%2BiDZet7lzoBEErXT1M7btbYvJ8utbk%2BU1ry5V2rKVYrfDj4KVAaN9PdziEkeNFT8D0da75rf7cUTVUr1h7H3mnn9MwPDu5G6%2BJYjJ5TeTVdq1oEc5P4jgg8flb8OjLiIgJ6jP3%2FQ0zGiSvRAx65P0YOKaYEyJnsrhwuowuKB%2F6JX2yRV4NzzRMslvlcjzx1rxXGkiOmc6ma7QsOLbWq2iD0f%2B%2FQCu2otD3I%2Fjwf5k3wf38D412rzs%3D&pcode-icookie=Dm8N%2FFiUalt3ZNKYMkEQ0YsDqptjxnGIUwm7mFeH%2F5vCI4GjF%2Bwz%2FbYaJug9A0EpDoZGvX9bnZHgwZANRR30WwQEsOU%3D&duid=MTY1NjM1MzUyMDQ4ODU0OTE3NQ%3D%3D&imp-id=24&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=112150186033154&ad-session-id=4069701656353520074&target-id=26134613&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=603340&pcodever=603340&flash-ver=0&available-width=280&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A280%2C%22h%22%3A0%2C%22width%22%3A280%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A1127%2C%22top%22%3A518%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A2%7D&grab-orig-len=2304&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDN9ChKnpLDkuOuBMFDHDvS71U7Ofss3jho05VMHfRPa-6pqyiHiHe4UopSIMhrSb0mW5esrq5VVt7J9K-A_2st7pAA9EcAVxkzJJ4diVVYlWPfOoRBjBjGI0YwxcyLT7DEFd_ymEUeJpIx6mr26tuqfQWtmqN6o0VRW5vqNao3uK6b6TVY1wqevLShA_xB6iBtCDPFCjIMhDrFCjIAsgBviHUf6IUaIGWKHRCH4EBMlB9iUfpR2eSTLbXb5mIXNHvUoHzYAfIzd5Re1y0Y0P5uygchdjLhMunQLur9Ms2hkESK3MUllr01f32U9it8oyVAIV36wyCLEudWYB3Br3yyfMsVINLTqMalHErtdNrvLj7UiLShs9qJTi3nJRTTvNvu0fQhMS5hgnwMSu2se3WUVsQB52RBc8MkDshCXjwWIjfB147fteC2u3tdQQsIAuIDkbq_3quJ69hLfLdFGxrMulHvBbynhhhCuE4QD4z0YbgAnxOJjhdbCinObsFrKBCGR9_iWPMHtIw9g8rFAunsIfuoBbL60XRsnF1pgGj9tIfSAPMT7ffK90agfhBajAKYXI-RjBOzSxg5Ibi4m71aoG86Djr-JbLRRNaOa3Hg5B1gQ7zNWDuGnL_MZx4jc1IqUUrkW4LZ5WwSAYBLiud4ZieYp8rSkUTbC5D6vQV27P8DzXTNEcQiXSJAHcBp3xn2wMAIy_ifaNJEJgYilM0MvLImiNFMqFGVaXFm7a9nAdIPpBpjdQgYj2KEoFbm7kQFozZKWDKxGXdGK23Qg-NX2B5l01f-foWCfmSz90xsnRiFe5_U3toD87X7BVeqTN7horRjcNwGhfXwcar5R-xCoI5MgNa2K5SuPgORIo6AyFUoBFek5OGXci6FshOaIDgfHZRjAuCuSdzg5EH-Ij-zZWZAiZXE6-JQrPw2nk8WJhMXBLlTxYs2npAX01sYK8iVP1OKFERI26QVRrHVOn4gksABtoJsW3Q4iTxYvfSvQ55G3cq7CXIG-0cNeFwWk5wEScHla7O6jGYB4tAC_knjg8PsU063kPX5D_Ewp1Ufy8UaL4el7nr95RqX86VLJn7JYZtNMaJ5-KNA_J9q1JZlU-d-tJUlpRubZrU7P9dEzjVwqm1nGsi-VRDHWv1k28ueq5CNNKJA_5xuyjfdbX2fICq-Cag3C-qnjZ1RrnnnKegbPs7Oaydy1VNkJV1kaR4tzpE0O13j0vx92MaHug-pZna_rmSQa8VslJzZn3qfnIf14RSqBJ49avM3qumY01KrqZRTxvVIcG-VziQKL3POeQWvRwDdomZ_decXoVFWtpvuDyifdnquGX6lrXa2n88vSef0xdppL4dlfd_o4_yrp1LxGWPwR87ktO8WoNtRaE_entLSC_kHhtSMrRlKmR3zfGvfJ8ozynneptGcj5v7yQBfJyO60vZYU55N4UH4xssXLn8EOaY9vnddKOcVXwvvfMsrDfjSIjPksR7M8lTyV5MVrx45H0OMeeZ5aY5p1kup8l8G78a_JBE6q9OgUI11DjHhO9igo-Ovl8_oc9iozg_58abIaVMddWNQM5sqg0Z6d6A71frZp6lOR93LGnt9sbzKoKga1ZS0bgcFUa1RfzSOq3zCdbfxZfDPuw5T6L0fbzKBSHZyXC0Fh6lnRQUazUZVBj_DVGqvpa_iMeqtBW5ueSUP_leYt9ausxvpB9fytKaV5mmx4agRrRfoLcb6uEAwOl8PpcCLnnWOPI0mi2HfGPsoLuYb29UvIdKPo882SpKeS-M2pJIuKI0Xxs3neotfctfMsr7jQynr-ulmcfGJOqZL-OubDZQ0pT4cugRR0ptmqqoX6hDWLLE2GMhm5knpNOP68ZzRKXyK4ffwBTkOwE_mINLwAVgAsuJSJMNLWlwanUu79Q8AaSpjMx-QIC3Men6JxtGl6ildZrmkmJ7gdTidonOd0h7dMaUggzBCDswlBMcJ394sFIWlDWYMXXPxiVPbKWKJFCh0C9eTxyZOVAsRtzjKL0MyNpme-xwCplVyhhIUGbSVZk2chzkUOpggKsS9mAli-xFtkBOFiEYC_zAnvGk-oD3-_jlUQvSgYiXjmxURGFYupooOQzZ4jSyQiKEg4EbM5OVnZHJysrKxIPWSIOBxJPz3l9lFjh52EffvJf1HIh9lc4Oc3WCzPenhsgOoK4Tomoxs1CL3bq9PsFuchHHxAghPA3fGcr3aj3uYDy-5qwB4D-g%3D%3D&uniformat=true&callback=Ya%5B4994592978181%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
eaf4361975fee3754fad7372c4df9baaea52cc461ad55e63d36b1622874dbf01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Jun 2022 18:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr
true
x-yandex-req-id
1656353520695914-11682714721109045238-sas3-0969-abf-sas-l7-balancer-8080-BAL-48
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 27 Jun 2022 18:12:00 GMT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salda.ws
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 27 Jun 2022 18:12:00 GMT
323840
yandex.ru/ads/meta/ 		425 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/meta/323840?target-ref=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&pcode-test-ids=586231%2C0%2C33%3B586081%2C0%2C39%3B600011%2C0%2C98%3B593305%2C0%2C8%3B590119%2C0%2C88%3B594014%2C0%2C60%3B598479%2C0%2C5%3B603199%2C0%2C97%3B600815%2C0%2C73%3B598722%2C0%2C8%3B603340%2C0%2C70%3B574104%2C0%2C-1%3B587258%2C0%2C-1%3B588105%2C0%2C-1&pcode-flags-map=eJytWNuO2zYQ%2FZXCz0FA3Swpb5RE28RKpEJSvqQoiG2zb4uiaDZFgSD%2F3kOJvkj2yrtAH9fQHJIzZ86c2R%2BLLdVWsJ0taV1bIy0tDZfCGrY3i0%2B%2F%2Flj88%2Fj8%2FWnxaWFUxxYfFi9P3174V%2FydJAnJ4sXP3z4smKBFzWwndNe2UhlW2VrSiimrS8VbY7Uq7Y4qwcX6DmaaxGmPqVjLqLHbhrZWsc8d08bSlQEmF0rW9TxOmsbBssdxzyul0Ly%2FzkburOEGl6WisoWsDpZWtqWKNgzY86DZMgmiEyhnVhvZWmk2QDYbKmzT1Ybfv1yWJuHyCufdwXwtpGK24Voj4RU1dHiItiup7BYPlsgVHt8UcoT59O9fI8icxElyug%2FtjFwzwRR1dWxp%2BYCsGVt1%2BAHEGCFFY5yYkPyE40nhqHUGYRq3to2s2AhHivpgWc0aJgzKVfPywQW%2Fgu6RG7q3G8bXG3MqMPj17scnURD2sOA%2F2NGXoQV8jzHk0qzpHYyYnBOoWCO3zCrhiWVXSja25uJhvrJ5GsTJJWe3TBkr68qWbek6E0RrmGVNaw6zSEtCsiA9IWnTpwtoelo%2FfJnmyTg2CqLId6Dvumol93iK2dhWsRXfjyAev36bxEfhEN8ytWIlWrgd91XwMRpHhGkyFLYT3OuGyzpt2su4l7%2B%2FP12ExWEW5WQI02gh7YRhGjOt1EUQ2l4zJqwsNFPbSes%2F%2Ffn4%2B%2FPTKDJahvmQU2QATSeO3BNm%2Fsg4ifKgD%2FzCRAh2%2BCYIA%2Fs5QnFYa6NZgCQM8yGjpeyEcUzYb9RsSJZm4SDNB%2Bgc21vV2Uo2lItZHpM0jLwwjRrIrrq6hpQjX7PxAUpPTjkqlHxAgpEfu1a8mo9Moa43L2wrro3ixWx4GJBlfM6xu67d8QqM5Q1ds9nYOIgzco7FcX27FFI5Iipa8U7%2F8kaEA3X3Hi5sab2jBz0fGaWeG9XKjTndQsgYJlTDZDcevyEhZBwbk2h4c1tCT3sNhHzOn5cAxtPfNbVirt%2BO51m2n6UyjkzT8Dqcr9wQ3TmpuceQVxCOF9jSuhtVKyK3o%2F0IGNjJRYsiW6qa%2BbOXge8jWjlp5bo3Eyt5rc3T0IQQL801g43BAMPg3VLF6STh4TTMl3fST4rBDVUYr29sLCAda00VCAKzQs90YUpBLms58lbJKD4j8VD3VnGpuDnY4oAJx3bOrs0evUyXXjHd51ZIw0sG19KsZ8PSEHF9mNYtvGW5Ye6GFkOhnLA0IKMip0mQxxcUIXuC2QUxkNrw2TOzIPFn9gP45DogmH2LzAeHeOnQijAihllIGAq0U7TFnY9i%2Fw5jkWFiDMXHMCv96ydiNJlpSZaFyUDwowxVXLkZWupZwU%2FyIM0uBJDDP1CwAsO7dOnWc4fmURIEo9heNDUU1GxcV7a0quCs5kHixDOsH1LOER9aNj%2FZEAQ3e1HqBmvClmte8JqPPc71cbmv1q1Ii%2F2lN5F3Tj9iKFNcdCKWForMr7AIyVHWg4%2FB2K9FWXSKf3dQbzQLKuC0sTnxFQfbuMscMOapmmdhml483oMM3HQbHIxnTQ8F%2BO%2BmgnFLxdTgjCHhweJoIN6mmJihJM%2FDnIw%2BjkicTe1uuXHKZN5qdrNlGAUnjH4IrJWrm27cHnpDJhb%2BKRMYWN3LbWhIQkPVeuJ1%2Fnh5nnhkEpwvcJwnaHa3Q0AcK7kTV88ozfj4PIoujP8NEFg9GD5bcOPWqXdgOU%2FrVidvFqE4mjduLdEd3OrEVlyvEnjb1SbWtVW%2F0jVyWPApzLbyB9yBi0kQn%2BBaCDE0wd3QMctiJJ5%2B0AxVqsa3C0IyoW%2Bc5q%2BiDZet7lzoBEErXT1M7btbYvJ8utbk%2BU1ry5V2rKVYrfDj4KVAaN9PdziEkeNFT8D0da75rf7cUTVUr1h7H3mnn9MwPDu5G6%2BJYjJ5TeTVdq1oEc5P4jgg8flb8OjLiIgJ6jP3%2FQ0zGiSvRAx65P0YOKaYEyJnsrhwuowuKB%2F6JX2yRV4NzzRMslvlcjzx1rxXGkiOmc6ma7QsOLbWq2iD0f%2B%2FQCu2otD3I%2Fjwf5k3wf38D412rzs%3D&pcode-icookie=Dm8N%2FFiUalt3ZNKYMkEQ0YsDqptjxnGIUwm7mFeH%2F5vCI4GjF%2Bwz%2FbYaJug9A0EpDoZGvX9bnZHgwZANRR30WwQEsOU%3D&duid=MTY1NjM1MzUyMDQ4ODU0OTE3NQ%3D%3D&imp-id=21&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=112150186033154&ad-session-id=4069701656353520074&target-id=45432517&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fsalda.ws&top-ancestor-undetermined=0&pcode-version=603340&pcodever=603340&flash-ver=0&available-width=914&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A914%2C%22h%22%3A0%2C%22width%22%3A914%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22isBlackTheme%22%3Afalse%2C%22left%22%3A198%2C%22top%22%3A1059%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A3%7D&grab-orig-len=2304&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjoxNDN9ChKnpLDkuOuBMFDHDvS71U7Ofss3jho05VMHfRPa-6pqyiHiHe4UopSIMhrSb0mW5esrq5VVt7J9K-A_2st7pAA9EcAVxkzJJ4diVVYlWPfOoRBjBjGI0YwxcyLT7DEFd_ymEUeJpIx6mr26tuqfQWtmqN6o0VRW5vqNao3uK6b6TVY1wqevLShA_xB6iBtCDPFCjIMhDrFCjIAsgBviHUf6IUaIGWKHRCH4EBMlB9iUfpR2eSTLbXb5mIXNHvUoHzYAfIzd5Re1y0Y0P5uygchdjLhMunQLur9Ms2hkESK3MUllr01f32U9it8oyVAIV36wyCLEudWYB3Br3yyfMsVINLTqMalHErtdNrvLj7UiLShs9qJTi3nJRTTvNvu0fQhMS5hgnwMSu2se3WUVsQB52RBc8MkDshCXjwWIjfB147fteC2u3tdQQsIAuIDkbq_3quJ69hLfLdFGxrMulHvBbynhhhCuE4QD4z0YbgAnxOJjhdbCinObsFrKBCGR9_iWPMHtIw9g8rFAunsIfuoBbL60XRsnF1pgGj9tIfSAPMT7ffK90agfhBajAKYXI-RjBOzSxg5Ibi4m71aoG86Djr-JbLRRNaOa3Hg5B1gQ7zNWDuGnL_MZx4jc1IqUUrkW4LZ5WwSAYBLiud4ZieYp8rSkUTbC5D6vQV27P8DzXTNEcQiXSJAHcBp3xn2wMAIy_ifaNJEJgYilM0MvLImiNFMqFGVaXFm7a9nAdIPpBpjdQgYj2KEoFbm7kQFozZKWDKxGXdGK23Qg-NX2B5l01f-foWCfmSz90xsnRiFe5_U3toD87X7BVeqTN7horRjcNwGhfXwcar5R-xCoI5MgNa2K5SuPgORIo6AyFUoBFek5OGXci6FshOaIDgfHZRjAuCuSdzg5EH-Ij-zZWZAiZXE6-JQrPw2nk8WJhMXBLlTxYs2npAX01sYK8iVP1OKFERI26QVRrHVOn4gksABtoJsW3Q4iTxYvfSvQ55G3cq7CXIG-0cNeFwWk5wEScHla7O6jGYB4tAC_knjg8PsU063kPX5D_Ewp1Ufy8UaL4el7nr95RqX86VLJn7JYZtNMaJ5-KNA_J9q1JZlU-d-tJUlpRubZrU7P9dEzjVwqm1nGsi-VRDHWv1k28ueq5CNNKJA_5xuyjfdbX2fICq-Cag3C-qnjZ1RrnnnKegbPs7Oaydy1VNkJV1kaR4tzpE0O13j0vx92MaHug-pZna_rmSQa8VslJzZn3qfnIf14RSqBJ49avM3qumY01KrqZRTxvVIcG-VziQKL3POeQWvRwDdomZ_decXoVFWtpvuDyifdnquGX6lrXa2n88vSef0xdppL4dlfd_o4_yrp1LxGWPwR87ktO8WoNtRaE_entLSC_kHhtSMrRlKmR3zfGvfJ8ozynneptGcj5v7yQBfJyO60vZYU55N4UH4xssXLn8EOaY9vnddKOcVXwvvfMsrDfjSIjPksR7M8lTyV5MVrx45H0OMeeZ5aY5p1kup8l8G78a_JBE6q9OgUI11DjHhO9igo-Ovl8_oc9iozg_58abIaVMddWNQM5sqg0Z6d6A71frZp6lOR93LGnt9sbzKoKga1ZS0bgcFUa1RfzSOq3zCdbfxZfDPuw5T6L0fbzKBSHZyXC0Fh6lnRQUazUZVBj_DVGqvpa_iMeqtBW5ueSUP_leYt9ausxvpB9fytKaV5mmx4agRrRfoLcb6uEAwOl8PpcCLnnWOPI0mi2HfGPsoLuYb29UvIdKPo882SpKeS-M2pJIuKI0Xxs3neotfctfMsr7jQynr-ulmcfGJOqZL-OubDZQ0pT4cugRR0ptmqqoX6hDWLLE2GMhm5knpNOP68ZzRKXyK4ffwBTkOwE_mINLwAVgAsuJSJMNLWlwanUu79Q8AaSpjMx-QIC3Men6JxtGl6ildZrmkmJ7gdTidonOd0h7dMaUggzBCDswlBMcJ394sFIWlDWYMXXPxiVPbKWKJFCh0C9eTxyZOVAsRtzjKL0MyNpme-xwCplVyhhIUGbSVZk2chzkUOpggKsS9mAli-xFtkBOFiEYC_zAnvGk-oD3-_jlUQvSgYiXjmxURGFYupooOQzZ4jSyQiKEg4EbM5OVnZHJysrKxIPWSIOBxJPz3l9lFjh52EffvJf1HIh9lc4Oc3WCzPenhsgOoK4Tomoxs1CL3bq9PsFuchHHxAghPA3fGcr3aj3uYDy-5qwB4D-g%3D%3D&uniformat=true&callback=Ya%5B3397054137307%5D
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
09da4effea637f5ad1d5dc92ab5cd924f556ea5ad463c5a58d2a71189c0a8dc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://salda.ws/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 27 Jun 2022 18:12:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1656353520921392-8839726765554553267-sas3-0969-abf-sas-l7-balancer-8080-BAL-7269
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Mon, 27 Jun 2022 18:12:01 GMT
uniformat
true
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://salda.ws
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 27 Jun 2022 18:12:01 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4ED0 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9c24c545/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UG-7B3hLOW4
X-YouTube-Client-Version
1.20220622.01.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtXRHAxN0pvY01CQSjv5eeVBg%3D%3D
X-YouTube-Ad-Signals
dt=1656353519816&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C924%2C517&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 27 Jun 2022 18:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Mon, 27 Jun 2022 18:12:02 GMT
s0tgc8XWV.js
salda.ws/ 		47 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://salda.ws/s0tgc8XWV.js
Requested by
Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.186.143.7 Moscow, Russian Federation, ASN204490 (ASKONTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
e8cb1d4a23227fb9426aab7d4b3c7768cbb452ebf07e7f5583ee6f2d9172250f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/video.php?id=UG-7B3hLOW4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 18:12:04 GMT
last-modified
Sun, 18 Jul 2021 09:23:01 GMT
server
nginx
etag
"60f3f2f5-2f"
strict-transport-security
max-age=31536000;
content-type
application/javascript; charset=UTF-8
cache-control
max-age=2592000
accept-ranges
bytes
content-length
47
expires
Wed, 27 Jul 2022 18:12:04 GMT
cookie
rbthre.work/ 		2 B
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rbthre.work/cookie?sub_u=1
Requested by
Host: rbthre.work
URL: https://rbthre.work/pjs/0tgc8XWV.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.4.104.244 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.244.104.4.46.clients.your-server.de
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://salda.ws/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
https://salda.ws
date
Mon, 27 Jun 2022 18:12:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
2
strict-transport-security
max-age=63072000
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/50728582?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A362%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A620655694058%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A565703203%3Arqn%3A1%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Ads%3A0%2C122%2C113%2C92%2C%2C0%2C%2C38%2C0%2C%2C%2C%2C367%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/50728582?callback=_ymjsp614281091&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A362%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A620655694058%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A565703203%3Arqn%3A1%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Ads%3A0%2C122%2C113%2C92%2C%2C0%2C%2C38%2C0%2C%2C%2C%2C367%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(3)&wmode=5
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/323840?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A344914978907%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A69099015%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5700)aw(1)rqnl(1)ti(2)
Domain
mc.yandex.com
URL
https://mc.yandex.com/watch/323840?callback=_ymjsp1020100242&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A344914978907%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A69099015%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5700)aw(1)rqnl(1)ti(3)&wmode=5

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| yaContextCb object| _tmr undefined| TST object| _win object| _doc object| _html_body object| _body object| ASmiles function| Toast function| RandId function| escapeHtml function| selectText function| ContextMenuOpen function| ContextMenuClose function| AllSelectForm function| is_touch_device function| quote_post_f function| ToggleBlock function| ToggleCat function| FormSelectCat function| CheckAgreements function| set_cookie function| delete_cookie function| get_cookie function| Toggle function| NewWin function| reply_comment function| reply_topic function| output_js function| error_js function| img_sprite function| preloader function| randInt function| SoundPlay undefined| IBNMT undefined| ICNM undefined| IPLM undefined| savedRange string| TitleDoc number| IntervalCNM number| IntervalPLM function| CheckAuth function| saveSelection function| restoreSelection function| IEHTML function| PopupOpen function| PopupClose function| PopupOpenClick function| PopupOpenResize function| ScrollbarSwitch function| FormSend function| GetSend function| Spoiler function| doAddTags1 function| doAddTags function| doAddList function| doAddUploadImage function| doAddDownloadImage function| add_bbcode_smiles function| ReplaceBbHtml object| snowFall undefined| NEW_YEAR function| popup_close function| popup_reload function| popup_close_reload object| e function| $ function| jQuery string| fotoramaVersion number| cmyf object| myfo string| h_menu string| h_menu_1 object| TDH object| idleTimer boolean| idleState number| idleWait object| SSN number| SNW number| SNAW boolean| SNC number| COUNT_BG number| 0tgc8XWVf_xkCW65 number| rb_nat_ps_st_fr object| Ya object| yaCounter50728582 object| pcodeJsonp603340hpAygHV5aP object| __activeTestIds object| __pcodeAllActiveTestIds number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya boolean| yandex_context_perf_logging object| yaads object| layoutConfig object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter323840

21 Cookies

Domain/Path Name / Value
salda.ws/ Name: WS
Value: evb4qfh5cou39jummkaak90kc0
salda.ws/ Name: _COOKIE_TEST
Value: SALDA.WS
salda.ws/ Name: _BG
Value: 21
salda.ws/ Name: _BG_PRIV
Value: 65
salda.ws/ Name: _PRIV_NOTIFY
Value: 5
.youtube.com/ Name: YSC
Value: XwqJNyt_GRo
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: WDp17JocMBA
.yadro.ru/ Name: FTID
Value: 1YkVBl39TreL1YkVBl003Eeq
.salda.ws/ Name: tmr_lvid
Value: 697f16b8555b98adbe5597e8528d0d38
.salda.ws/ Name: tmr_lvidTS
Value: 1656353519879
.yadro.ru/ Name: VID
Value: 2KXXzR2ksaeL1YkVBl003JbH
.salda.ws/ Name: _ym_uid
Value: 1656353520488549175
.salda.ws/ Name: _ym_d
Value: 1656353520
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2574204394fake
.salda.ws/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3656807941fake
.yandex.ru/ Name: yandexuid
Value: 3747698591656353520
.salda.ws/ Name: tmr_reqNum
Value: 2
.mail.ru/ Name: VID
Value: 2jX4dn3dDI2A00000e1GL42A:::0-0-0-7d44baf:CAASEHgBV1VVvrv0RBJ970GM-5EaYLCdXTJJgNa-gl4ATsxKpFbf3IOzpabfSS5KwnzviMgNCWLGy8jOuZRsToVxuDwM5BlaVAF8vYW3s67t2qbYk_TgomdVd9Mg_Aqao-jSHIhP1eEcGcuvsV0sEuD1oM5TQw
.yandex.ru/ Name: i
Value: vidQ5pN79o2DbUP3dUYFJv8LS0KdEqBZOfVzPnyksCn1ISin9VGTW3xx8zdCMLRsDYt075UqWiyOxrmJQd00rPnoCnM=
salda.ws/ Name: tmr_detect
Value: 0%7C1656353522266

5 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9682.FM0pJ0HTGfYWUcEQ36qJNsBlW5kqbwia7C_S8A8_Rva2YWhmVsadKBZArlxmwESwt_mI_GWi5Rn-qYycBgKcKQ%2C%2C.LO-5xe2zigtDb9U7-6WVng46GBI%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
security error URL: https://mc.yandex.ru/metrika/watch.js(Line 114)
Message:
Refused to connect to 'https://mc.yandex.com/watch/50728582?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A362%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A620655694058%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A565703203%3Arqn%3A1%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Ads%3A0%2C122%2C113%2C92%2C%2C0%2C%2C38%2C0%2C%2C%2C%2C367%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2)' because it violates the following Content Security Policy directive: "connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news".
security error URL: https://mc.yandex.ru/metrika/watch.js(Line 104)
Message:
Refused to load the script 'https://mc.yandex.com/watch/50728582?callback=_ymjsp614281091&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afp%3A362%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A1%3Adp%3A0%3Als%3A620655694058%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A565703203%3Arqn%3A1%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Ads%3A0%2C122%2C113%2C92%2C%2C0%2C%2C38%2C0%2C%2C%2C%2C367%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(3)&wmode=5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://mc.yandex.ru/metrika/watch.js(Line 114)
Message:
Refused to connect to 'https://mc.yandex.com/watch/323840?wmode=7&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A344914978907%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A69099015%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5700)aw(1)rqnl(1)ti(2)' because it violates the following Content Security Policy directive: "connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news".
security error URL: https://mc.yandex.ru/metrika/watch.js(Line 104)
Message:
Refused to load the script 'https://mc.yandex.com/watch/323840?callback=_ymjsp1020100242&page-url=https%3A%2F%2Fsalda.ws%2Fvideo.php%3Fid%3DUG-7B3hLOW4&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2n2z35yck7fai9c6gvqew%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A832%3Acn%3A2%3Adp%3A1%3Als%3A344914978907%3Ahid%3A670695328%3Az%3A0%3Ai%3A20220627181200%3Aet%3A1656353520%3Ac%3A1%3Arn%3A69099015%3Au%3A1656353520488549175%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1656353519213%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1656353520%3At%3ADaisy%27s%20Destruction%20REAL%20UNCUT%20FOOTAGE%20FROM%20THE%20DARK%20WEB!%2C%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%2C%20%D0%A1%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD&t=gdpr(14)mc(p-1)clc(0-0-0)lt(5700)aw(1)rqnl(1)ti(3)&wmode=5' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' ytimg.com *.ytimg.com youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru liveinternet.ru *.liveinternet.ru mail.ru *.mail.ru imgsmail.ru *.imgsmail.ru rbthre.work *.rbthre.work ; object-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; style-src 'self' 'unsafe-inline' * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; img-src * data: https: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru; media-src 'self' blob: * data: yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; frame-src 'self' youtube.com *.youtube.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru rutube.ru *.rutube.ru ; font-src 'self' data: gstatic.com *.gstatic.com yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru ; connect-src 'self' yandex.ru *.yandex.ru yandex.net *.yandex.net yastatic.net *.yastatic.net yandexadexchange.net *.yandexadexchange.net yandex.st *.yandex.st yastat.net *.yastat.net adfox.ru *.adfox.ru mail.ru *.mail.ru statforweb.bid *.statforweb.bid tword.ru *.tword.ru realpush.digital *.realpush.digital rbthre.work *.rbthre.work pstatrbnew.bid *.pstatrbnew.bid pushreal.media *.pushreal.media realpush.news *.realpush.news ;
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

counter.yadro.ru
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
informer.yandex.ru
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
rbthre.work
salda.realpush.digital
salda.ws
select4.pstatrbnew.bid
static.doubleclick.net
top-fwz1.mail.ru
www.youtube.com
yandex.ru
yastatic.net
mc.yandex.com
159.69.75.12
185.186.143.7
2a00:1450:4001:806::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::2016
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8:a::a
46.4.104.244
85.10.194.206
88.212.202.52
95.163.52.67
02c887d0f137c38b67b41a1b723131d9966cf8fab642dd893d7aa69fd7f9cd0e
0738b800515f578917fe20128202c356b14da87f0125731ec04e9e9922a228d2
09da4effea637f5ad1d5dc92ab5cd924f556ea5ad463c5a58d2a71189c0a8dc7
0cd11aaac5697e148a56ec472f807d6d86ad01cb2ed0e9413188904a0d04ce5c
10e774503052a0e07ff6fd61a962071b8a50a723062f6ac94061d4696b57be70
11697d6b7e685d69254e60c4af12439bd958317f24cf460248022cfdd16e9146
1db5105bea53fadbe2524a7942923f4712abd9b2ff6cc1b4235cfd2963ebf4a1
210ca579479d15fbc0c28ee93bda24a4ca2e8a583111ee4ad7e532429df09ffb
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
278e447c1b3e00116485854b0a559dc6f91e60de191106b2a6eb69090cbd4d4e
27a57a1f5bd68dd4d932c54e39cf3af3becfff0d99aa8a868d993a13e8e0bcde
30b77db0734e4305ec1bc02092306e77c52cc2630dd225ca3ec56317b4fc9d7c
323f267bff0f879cfc627265d6cc65929748fe98064c608ad4de524758207aa8
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3a5e8127eb139a6b9a96df1f93809e84a40bad54f7224e2f02585fcdc8439012
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f8c8e1a9cffbd133db8b7791bb99a443db6a88ccfab8f4acffa3d7dc8550600
4347c20ac1a31a02056bf128cc6f9eeeef94abca0d44fc8a649fa5b8c92dc5f1
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
54175d1d08dd5170eed0a05228ef21e3fc4928feb75c03d3f5279f61c428e5f7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
6835b86b0aa9f0d05d9c788a970b8f7c8855af7916c5747c697c10397efe719f
71ad4af458ae1422bc7606df10d3489fe8788b5107d6c088c070145761c2e143
7367d7a4bc7f5bbebd4fc2d8f617b64fa12912724aae1ca4f1e6771c055782cd
738549fad732c39ac3177e7916e8234c2f5a8d3d82f9f428af53d623a0536ead
741659204b21c6bc9c6ed8678ae80056eabb4c74a42cd92996bb47e461748b6b
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
769a8fa1316d34b534110cc17d1ccc0e38c1af3db4926537e0a6a0dbc16b1004
785a34cbb4b994c5f959804d4d49c0fbf7633f728d2f1483d0b4cd71a9f21bb7
7a5f9ef42dfd2e3155724a4f0da207de04593240ff95ba7a4a3bed3588abf1a3
8384ae605eededff747271230017c369f7cb18e46f988d52d354ccbc6aa8c118
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
84a6ed93324709f11acdac75783b091dc9f3e5ccf9f1f399c084f25bc44c6254
85f33cc0e89c76e90ba10188f1a02e0afc7feade28d23fbc967c9bc52180a81d
8941c9615937bbd36f0a1313ed1622a264bab35595d115645f8e0a0215985903
8d87c18fcb70f9b1d23c94aedc506cb6cc2640c5aebb25ca6e8e64b0cd997553
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a0813d4ff9797274632a542078c69337cc4ec75fd574d971ac640f4c05819a1
a06a1231bec3c91bbdf9969e7e63d1442513a2e270af8834a00df1429ff646ed
ade2235d63a3cb2381558669458c1f4ccb3dc763da058c4178fb9171c03a06bc
b4670a1ef2158ade50993ba16cecef167b4cff784f43d9708d6dd598d50f9eef
c0b6b00746d13f670f0ea08f8f689d152ea5fdadfcb0267331f7573d1b17d1ab
c459a03c951a9a6297e66735d158ea83f49eb78a13b45192ad35bfa0b71dc7e0
c639beb6f03a59c137ef5bb878a82c9e86dc7d416173c755be07e0fcf9ddf1e2
cdc9c4f994cc799465bfa64ab71b84ed4f0c1b165675c4d0d397ec7261683406
cfcfcb98375f60c9dcad4d2039314935421dbef6c2d5240057d3665ecab6c550
d1f03b99895c2b6ae3754ed46763ad471693f55d5ea463adc4ecdb5530503f62
d5e2e0ba5de255cfa8d5935dc04f5ea5982aefa8de5a638331b51e5556d879f2
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da6e6b220d9d476dd5842362b38eddba2ac70ee20a476d2ad789d112cdabad79
e03f4c054e0ede2eb6312ec6fb77f6752ef657602e1c7828bed4a76e7fbf1145
e14930f270e3be1c0c36c3ee34b7e4a28afe49f7ac7a68a5a76f5c7b805a4ada
e2a086e18982ed3bf075f978cadecfb00423ba6e58b4fb94fd43f33e4678853c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cb1d4a23227fb9426aab7d4b3c7768cbb452ebf07e7f5583ee6f2d9172250f
eaf4361975fee3754fad7372c4df9baaea52cc461ad55e63d36b1622874dbf01
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f1153a7d9e7f877b55f4e32fe45448a1229fdc0ab67ae1bfa09fd77b9c72679a
f29eb0f1ca5026df97c355758aa8d9a8e75419aca10f66182b037fb6ae53be88
f78469df942a22b446079a57b09b2e1dbf29c6e545e6b90d26f4f535738db9e3
fb555efc6eab81f11f03f9ec43cbb959a390c95acad6b5611f1a6ad51f07c616
fc81f1042732040a255e9fa80134d91baf8e35e1528b68d53203942d09eee7f0