redhelper.ru Open in urlscan Pro
185.39.82.40 Public Scan

URL:
https://redhelper.ru/?copy
Submission: On May 07 via api (May 7th 2021, 10:16:39 am UTC) from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 45 HTTP transactions. The main IP is 185.39.82.40, located in Russian Federation and belongs to LIVETEX-2, RU. The main domain is redhelper.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 17th 2019. Valid for: 2 years.

This is the only time redhelper.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	185.39.82.40 185.39.82.40	207472 (LIVETEX-2) (LIVETEX-2)
16	185.39.82.42 185.39.82.42	207472 (LIVETEX-2) (LIVETEX-2)
8	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a03:2880:f00... 2a03:2880:f008:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	93.186.225.208 93.186.225.208	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS http://vk.com)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f10... 2a03:2880:f108:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
45	14

5 185.39.82.40 (Russian Federation)

ASN207472 (LIVETEX-2, RU)

redhelper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
web.redhelper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.39.82.42 (Russian Federation)

ASN207472 (LIVETEX-2, RU)

i0.redhelper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.redhelper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.redhelper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f008:8:face:b00c:0:1 (Milan, Italy)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.186.225.208 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU)

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f108:83:face:b00c:0:25de (Milan, Italy)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	redhelper.ru redhelper.ru i0.redhelper.ru i1.redhelper.ru i2.redhelper.ru web.redhelper.ru	1 MB
8	youtube.com www.youtube.com	709 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	399 B
2	facebook.com www.facebook.com	425 B
2	gstatic.com fonts.gstatic.com www.gstatic.com	12 KB
2	facebook.net connect.facebook.net	97 KB
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	google-analytics.com ssl.google-analytics.com	17 KB
1	google.com www.google.com	13 KB
1	vk.com vk.com	446 B
45	11

	Domain	Requested by
8	www.youtube.com	redhelper.ru www.youtube.com
8	i1.redhelper.ru	redhelper.ru
5	mc.yandex.com	2 redirects redhelper.ru
5	i0.redhelper.ru	redhelper.ru
3	i2.redhelper.ru	redhelper.ru
3	redhelper.ru	redhelper.ru
2	web.redhelper.ru	redhelper.ru web.redhelper.ru
2	www.facebook.com	redhelper.ru connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	connect.facebook.net	redhelper.ru connect.facebook.net
2	mc.yandex.ru	1 redirects redhelper.ru
2	ssl.google-analytics.com	redhelper.ru
1	www.gstatic.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	vk.com	redhelper.ru
45	17

This site contains no links.

Subject Issuer	Validity	Valid
*.redhelper.ru Sectigo RSA Domain Validation Secure Server CA	`2019-09-17` - `2021-09-17`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://redhelper.ru/?copy
Frame ID: 2C1D2BE18DC94EAD901BA3F98AEF08EE
Requests: 33 HTTP requests in this frame

Frame: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
Frame ID: E991A02399204E7FDF89EA07BF11C6A8
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

45
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

2168 kB
Transfer

4588 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.TOLYpRTUJEkO6XIqEjzV7a24WDY8e7Akj7wbQVWv7nkhnk8hwvpwrYn79hbKFTeK.GE-4z6ATaTyRkuHgvxvlP1Lx908%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9266.7nBX6zhTAgRrnYexiDV6l8p9J58AbOX7NpOYWyH27DvgHz_jC3brAAOZqdurhXpJTSXtZdWupSgUmkBnQB5lzg%2C%2C.w4_5qJdymPiWv9hBZ_oNmL5lHbA%2C

Request Chain 42

https://mc.yandex.com/watch/34357155?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1348563484046%3Ahid%3A551989974%3Az%3A120%3Ai%3A20210507121557%3Aet%3A1620382557%3Ac%3A1%3Arn%3A302034704%3Au%3A16203825571062041755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620382556649%3Ads%3A24%2C156%2C54%2C1%2C3%2C0%2C%2C219%2C0%2C%2C%2C%2C475%3Adsn%3A23%2C156%2C55%2C1%2C3%2C0%2C%2C221%2C0%2C%2C%2C%2C475%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620382558%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%B0%20RedHelper.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F. HTTP 302
https://mc.yandex.com/watch/34357155/1?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1348563484046%3Ahid%3A551989974%3Az%3A120%3Ai%3A20210507121557%3Aet%3A1620382557%3Ac%3A1%3Arn%3A302034704%3Au%3A16203825571062041755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620382556649%3Ads%3A24%2C156%2C54%2C1%2C3%2C0%2C%2C219%2C0%2C%2C%2C%2C475%3Adsn%3A23%2C156%2C55%2C1%2C3%2C0%2C%2C221%2C0%2C%2C%2C%2C475%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620382558%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%B0%20RedHelper.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F.

45 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
redhelper.ru/ 22 KB
8 KB 241ms
54ms Document
text/html 185.39.82.40
LIVETEX-2

General

Check archive.org

Show headers Download Go to

Full URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.40 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 1799d76ce87933444e4206b33020fc7dba1feb17d040b6f3d0cd817c003cd9b2

Request headers

Host: redhelper.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx/1.1.19
Date: Fri, 07 May 2021 10:15:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 17 Feb 2021 17:49:45 GMT
Expires: Sat, 08 May 2021 10:15:56 GMT
Cache-Control: max-age=86400
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
redhelper.ru/css/ 195 KB
88 KB 69ms
69ms Stylesheet
text/css 185.39.82.40
LIVETEX-2

General

Check archive.org

Show headers Download Go to

Full URL: https://redhelper.ru/css/main.css?v=1613584175
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.40 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 3eae13d9ddbcaf76df8f364634f94982ce908c796464715d2a344b4e9b56c0b3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: redhelper.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://redhelper.ru/?copy
Connection: keep-alive
Referer: https://redhelper.ru/?copy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Feb 2021 17:49:44 GMT
Server: nginx/1.1.19
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Sat, 07 May 2022 10:15:56 GMT

GET
H/1.1 200
OK logo_flat3.png
i0.redhelper.ru/media/graphics/ 4 KB
4 KB 237ms
49ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.redhelper.ru/media/graphics/logo_flat3.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 0df5a4843c296d7f9f94a016ea7156b07a2b7a208c3a731a0a50db863d76ab81

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:24 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3873
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK chat-window-material-x2.png
i1.redhelper.ru/media/description/ 122 KB
122 KB 274ms
72ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/description/chat-window-material-x2.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 6b379f1e8283e8352b762210640f5a0a807a9d8fd1f893a6536e7e2c13bc4096

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124909
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK sk.png
i1.redhelper.ru/media/images/ 4 KB
4 KB 245ms
50ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/sk.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 8609b3d3778e8c5fe6587feac3c923ac3e8b77ec378b8ef07f10f03098a7e3bf

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4262
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H2 200 9EDo6zQJJGM Show response
www.youtube.com/embed/ Frame E991 52 KB
22 KB 79ms
79ms Document
text/html 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b85e424e720fa1da51b55179ef4195cc36d0e0ec3a7dde697bd521aaef6f5ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://redhelper.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://redhelper.ru/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 07 May 2021 10:15:57 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=ru for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ybv6mx-uI0Q; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=8TwT0TXXAe4; Domain=.youtube.com; Expires=Wed, 03-Nov-2021 10:15:57 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+252; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK rh-logo.png
i1.redhelper.ru/media/images/ 1 KB
2 KB 247ms
54ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/rh-logo.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: a4755266cc67bf7368e7d43b770664b04baaa544ca8af918d1591899eed3535a

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1381
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK back-white-icons.png
i0.redhelper.ru/media/images/ 6 KB
6 KB 151ms
55ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.redhelper.ru/media/images/back-white-icons.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: b96298343ba06e7be76cd282eb2a1424fcfc0c84a69591d533d3a528de2f533f

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:24 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6047
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK rh-logo-main-white.png
i1.redhelper.ru/media/images/ 4 KB
4 KB 246ms
54ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/rh-logo-main-white.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: ded8720bb1efc5e3d974d75a6c5c487d78167a208bc9cf15066ff83e73c80d8e

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3857
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK icon-video.png
i0.redhelper.ru/media/images/ 333 B
622 B 199ms
47ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.redhelper.ru/media/images/icon-video.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 74ffce6b43cf05b4131e777b472871a1e6670df73f417b3469cef8dbffe9dc79

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 333
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK Zeus.png
i2.redhelper.ru/media/images/ 30 KB
30 KB 265ms
64ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.redhelper.ru/media/images/Zeus.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 55e725516dbc32af695376404926f3bf191a4c66a331e8c0425cbca2c8f017de

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30255
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK back-dark-icons.png
i1.redhelper.ru/media/images/ 5 KB
5 KB 243ms
56ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/back-dark-icons.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 860d81994a388f35e32000aff95339f4d3f6ef02cbde15296dfe83b7fd47eb73

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5088
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK icon-see-more.png
i1.redhelper.ru/media/images/ 539 B
828 B 295ms
57ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/icon-see-more.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: c0e8d5c0c8a12f2b2795cf50e988c410cd13b060a185a8a8323844e9bd721170

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 539
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK rh-video-preview.png
i1.redhelper.ru/media/video/ 17 KB
17 KB 176ms
66ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/video/rh-video-preview.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 75261f02298e7cc50cb3be046295cab8890e70d614d40b2816d27078eb0adde6

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17504
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK reason-1-material-x2.png
i2.redhelper.ru/media/images/ 697 KB
697 KB 233ms
72ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.redhelper.ru/media/images/reason-1-material-x2.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 713250
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK reason-2.png
i0.redhelper.ru/media/images/ 40 KB
41 KB 175ms
78ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.redhelper.ru/media/images/reason-2.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 39b7b112467869c256239a43ea5a4a55edc9493b2ae499468f6c80c6109e39b1

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41217
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK reason-3.png
i0.redhelper.ru/media/images/ 27 KB
27 KB 182ms
80ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i0.redhelper.ru/media/images/reason-3.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 76b7d1ef1d3cfea4e0aa2ce1734657e70ef264c7d736760cc841b4f08b323c39

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27166
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK icons-os.png
i1.redhelper.ru/media/images/ 1 KB
2 KB 47ms
47ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i1.redhelper.ru/media/images/icons-os.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 533a0798ca3247c45135ab7afb73c7b26919ebcfe7bee8d12ae16a4cb58f94be

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1270
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H/1.1 200
OK icons-sn.png
i2.redhelper.ru/media/images/ 1 KB
1 KB 233ms
53ms Image
image/png 185.39.82.42
LIVETEX-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i2.redhelper.ru/media/images/icons-sn.png
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/css/main.css?v=1613584175
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.42 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash: 70c4b5657b710d77b6de61a849a587107870a051acf621e5154f986d947faeaa

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Last-Modified: Mon, 15 Feb 2021 08:03:25 GMT
Server: nginx/1.1.19
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1163
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
DATA 200
OK truncated
/ 92 KB
92 KB Font
font/opentype

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c

Request headers

Origin: https://redhelper.ru
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: font/opentype

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 655
date: Fri, 07 May 2021 10:05:02 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 07 May 2021 12:05:02 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 158ms
51ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
content-encoding: br
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-abe7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44007
expires: Fri, 07 May 2021 11:15:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 70ms
24ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: h38zYvtdep83cJFsVcgJGgEu/rBDxlPhDTr3yDiW2EBhqoFS15/xq3kBThbDrD3g3eC7danFZP5X3iO3Rctcfg==
x-fb-trip-id: 19638678
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 07 May 2021 10:15:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
446 B 161ms
56ms Image
image/gif 93.186.225.208
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?r=ErzDMP9hdcN9E5rOsym5XoHIUfa9Q1LTPJV/vDYujpIqvPZPqlGIWq4OGZOY7DslQ0SK5ec8TOerCrNoLOab7fXlvDXzkZHbuPFuOAsyhNxmQUkl8V3pZP8UEPApv5onZ8wBGlR7nss*eN0zjmX1y5EcyUX6KuaJX6ACfK0cJ*o-

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),

Reverse DNS

Software

kittenx / KPHP/7.4.107053

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
content-encoding: gzip
x-frontend: front605107
server: kittenx
x-powered-by: KPHP/7.4.107053
strict-transport-security: max-age=15768000
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H3-29 200 www-player-webp.css
www.youtube.com/s/player/838cc154/ Frame E991 359 KB
53 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

458f0d6ddd69b45ae8a3858e346eb5c4dd6557d07a6f93e41819ceca18003603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:45:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70200
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54022
x-xss-protection: 0
expires: Fri, 06 May 2022 14:45:57 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/838cc154/www-embed-player.vflset/ Frame E991 189 KB
67 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf592ded5e37c31c3e1df0010cb88f9e742411dc388ba1a9da05d6b562c52d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70228
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68201
x-xss-protection: 0
expires: Fri, 06 May 2022 14:45:29 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/ Frame E991 2 MB
524 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8c096ffcb4226a082909b628ef280c12c278bbef33663452bc4a5a73d5498ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70095
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 536610
x-xss-protection: 0
expires: Fri, 06 May 2022 14:47:42 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/838cc154/fetch-polyfill.vflset/ Frame E991 8 KB
3 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70228
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 06 May 2022 14:45:29 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E991 10 KB
10 KB 8ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:43:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
age: 66722
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
expires: Fri, 06 May 2022 15:43:55 GMT

GET
H3-29 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 35ms
31ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1686492731&utmhn=redhelper.ru&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%B0%20RedHelper.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F.&utmhid=2122913927&utmr=-&utmp=%2F%3Fcopy&utmht=1620382557221&utmac=UA-31718326-1&utmcc=__utma%3D1.363087687.1620382557.1620382557.1620382557.1%3B%2B__utmz%3D1.1620382557.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=129990088&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 10:15:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 998386910233360 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 100ms
98ms Script
application/x-javascript 2a03:2880:f008:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/998386910233360?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d734f754818640182634138d32b04fd8c84d4eea4daa098eef28e2a2bac7ab5f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: XR1EkdnHWkiVbMjkgpH6LsO7ll2XrHZS4JHGRx7KbOrm1/BnynT6kGG47fUgDW8Gwu+M9xazboJQgbPzBpLm5g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Fri, 07 May 2021 10:15:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame E991
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

39ms
39ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5a27493930e3243a74fe821755e7e89c8cf202ef7f82af009e2032920772ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 07 May 2021 10:15:57 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame E991 29 B
91 B 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:03:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 766
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 07 May 2021 10:18:11 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/ Frame E991 100 KB
33 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302087a8d1a8ed7db9c0e71c965a799fb8ac60613e1bbff5ff0fa1a0052791e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70094
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33304
x-xss-protection: 0
expires: Fri, 06 May 2022 14:47:43 GMT

GET
H2 200 ocgPIJfW0jDs5Zi-Dc2n_m3pj7ySY2LQGPTPRk3r6ko.js Show response
www.google.com/js/th/ Frame E991 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ocgPIJfW0jDs5Zi-Dc2n_m3pj7ySY2LQGPTPRk3r6ko.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1c80f2097d6d230ece598be0dcda7fe6de98fbc926362d018f4cf464debea4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 14:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 157547
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
expires: Thu, 05 May 2022 14:30:10 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/ Frame E991 26 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e7cdc62af7e3b258423c9960c5b729972a9a32f2ecad64de80d0820aa451be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 14:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 00:36:03 GMT
server: sffe
age: 70094
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7932
x-xss-protection: 0
expires: Fri, 06 May 2022 14:47:43 GMT

GET
H2 200 cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame E991 4 KB
2 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/838cc154/player_ias.vflset/ru_RU/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 07 May 2021 10:15:57 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.TOLYpRTUJEkO6XIqEjzV7a24WDY8e7Akj7wbQVWv7nkhnk8hwvpwrYn79hbKFTeK.GE-4z6ATaTyRkuHgvxvlP1Lx908%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9266.7nBX6zhTAgRrnYexiDV6l8p9J58AbOX7NpOYWyH27DvgHz_jC3brAAOZqdurhXpJTSXtZdWupSgUmkBnQB5lzg%2C%2C.w4_5qJdymPiWv9hBZ_oNmL5lHbA%2C

75 B
75 B

51ms
51ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9266.7nBX6zhTAgRrnYexiDV6l8p9J58AbOX7NpOYWyH27DvgHz_jC3brAAOZqdurhXpJTSXtZdWupSgUmkBnQB5lzg%2C%2C.w4_5qJdymPiWv9hBZ_oNmL5lHbA%2C

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9266.7nBX6zhTAgRrnYexiDV6l8p9J58AbOX7NpOYWyH27DvgHz_jC3brAAOZqdurhXpJTSXtZdWupSgUmkBnQB5lzg%2C%2C.w4_5qJdymPiWv9hBZ_oNmL5lHbA%2C
date: Fri, 07 May 2021 10:15:57 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3-29 204 generate_204
www.youtube.com/ Frame E991 0
9 B 12ms
8ms Image
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?5td2ow
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.youtube.com/embed/9EDo6zQJJGM?autohide=1&hl=ru&modestbranding=1&rel=0&theme=light
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 07 May 2021 11:15:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 67ms
22ms Image
image/gif 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=998386910233360&ev=PageView&dl=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&rl=&if=false&ts=1620382557612&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620382557610.942349054&it=1620382557242&coo=false&exp=l0&rqm=GET

Requested by

Host: redhelper.ru
URL: https://redhelper.ru/?copy

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:15:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 07 May 2021 10:15:57 GMT

GET
H/1.1 200
OK main.js
web.redhelper.ru/service/ 3 KB
1 KB 222ms
51ms Script
application/x-javascript 185.39.82.40
LIVETEX-2

General

Check archive.org

Show headers Download Go to

Full URL: https://web.redhelper.ru/service/main.js?c=rhlp
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.40 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2020 12:20:37 GMT
Server: nginx/1.1.19
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 979

GET
H/1.1 200
OK main_conc.js
redhelper.ru/scripts/ 159 KB
61 KB 70ms
70ms Script
application/x-javascript 185.39.82.40
LIVETEX-2

General

Check archive.org

Show headers Download Go to

Full URL: https://redhelper.ru/scripts/main_conc.js?v=1613584175
Requested by: Host: redhelper.ru
URL: https://redhelper.ru/?copy
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.40 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: redhelper.ru
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://redhelper.ru/?copy
Cookie: locale_interface=ru; __utma=1.363087687.1620382557.1620382557.1620382557.1; __utmc=1; __utmz=1.1620382557.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=1.1.10.1620382557; _ym_uid=16203825571062041755; _ym_d=1620382557; _fbp=fb.1.1620382557610.942349054; _ym_isad=2
Connection: keep-alive
Referer: https://redhelper.ru/?copy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 Feb 2021 08:03:28 GMT
Server: nginx/1.1.19
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: max-age=31536000
Connection: keep-alive
Expires: Sat, 07 May 2022 10:15:57 GMT

GET
H2

200

1
mc.yandex.com/watch/34357155/
Redirect Chain

https://mc.yandex.com/watch/34357155?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/34357155/1?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3A...

184 B
266 B

51ms
51ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/34357155/1?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1348563484046%3Ahid%3A551989974%3Az%3A120%3Ai%3A20210507121557%3Aet%3A1620382557%3Ac%3A1%3Arn%3A302034704%3Au%3A16203825571062041755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620382556649%3Ads%3A24%2C156%2C54%2C1%2C3%2C0%2C%2C219%2C0%2C%2C%2C%2C475%3Adsn%3A23%2C156%2C55%2C1%2C3%2C0%2C%2C221%2C0%2C%2C%2C%2C475%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620382558%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%B0%20RedHelper.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F.

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 10:15:57 GMT
x-content-type-options: nosniff
last-modified: Fri, 07-May-2021 10:15:57 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://redhelper.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 184
x-xss-protection: 1; mode=block
expires: Fri, 07-May-2021 10:15:57 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 10:15:57 GMT
last-modified: Fri, 07-May-2021 10:15:57 GMT
location: /watch/34357155/1?wmode=7&page-url=https%3A%2F%2Fredhelper.ru%2F%3Fcopy&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A487%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A1348563484046%3Ahid%3A551989974%3Az%3A120%3Ai%3A20210507121557%3Aet%3A1620382557%3Ac%3A1%3Arn%3A302034704%3Au%3A16203825571062041755%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620382556649%3Ads%3A24%2C156%2C54%2C1%2C3%2C0%2C%2C219%2C0%2C%2C%2C%2C475%3Adsn%3A23%2C156%2C55%2C1%2C3%2C0%2C%2C221%2C0%2C%2C%2C%2C475%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620382558%3At%3A%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82%20%D0%B4%D0%BB%D1%8F%20%D1%81%D0%B0%D0%B9%D1%82%D0%B0%20RedHelper.%20%D0%91%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%B0%D1%8F%20%D0%B2%D0%B5%D1%80%D1%81%D0%B8%D1%8F.
strict-transport-security: max-age=31536000
access-control-allow-origin: https://redhelper.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 07-May-2021 10:15:57 GMT

GET
H/1.1 200
OK main.js
web.redhelper.ru/container/ 220 KB
62 KB 70ms
69ms Script
application/x-javascript 185.39.82.40
LIVETEX-2

General

Check archive.org

Show headers Download Go to

Full URL: https://web.redhelper.ru/container/main.js?version=3.1.539.1601295636991
Requested by: Host: web.redhelper.ru
URL: https://web.redhelper.ru/service/main.js?c=rhlp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.39.82.40 , Russian Federation, ASN207472 (LIVETEX-2, RU),
Reverse DNS
Software: nginx/1.1.19 /
Resource Hash

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 10:15:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2020 12:20:37 GMT
Server: nginx/1.1.19
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: max-age=1814400
Connection: keep-alive
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 63593
Expires: Fri, 28 May 2021 10:15:57 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 43ms
21ms Ping
text/plain 2a03:2880:f108:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://redhelper.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypgYp9e22VMwu45tG

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 07 May 2021 10:15:58 GMT
content-type: text/plain
access-control-allow-origin: https://redhelper.ru
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
i0.redhelper.ru
i1.redhelper.ru
i2.redhelper.ru
mc.yandex.com
mc.yandex.ru
redhelper.ru
ssl.google-analytics.com
static.doubleclick.net
vk.com
web.redhelper.ru
www.facebook.com
www.google.com
www.gstatic.com
www.youtube.com
185.39.82.40
185.39.82.42
2a00:1450:4001:808::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2008
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a02:6b8::1:119
2a03:2880:f008:8:face:b00c:0:1
2a03:2880:f108:83:face:b00c:0:25de
93.186.225.208
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
0df5a4843c296d7f9f94a016ea7156b07a2b7a208c3a731a0a50db863d76ab81
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1799d76ce87933444e4206b33020fc7dba1feb17d040b6f3d0cd817c003cd9b2
2e7cdc62af7e3b258423c9960c5b729972a9a32f2ecad64de80d0820aa451be4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302087a8d1a8ed7db9c0e71c965a799fb8ac60613e1bbff5ff0fa1a0052791e8
39b7b112467869c256239a43ea5a4a55edc9493b2ae499468f6c80c6109e39b1
3eae13d9ddbcaf76df8f364634f94982ce908c796464715d2a344b4e9b56c0b3
458f0d6ddd69b45ae8a3858e346eb5c4dd6557d07a6f93e41819ceca18003603
533a0798ca3247c45135ab7afb73c7b26919ebcfe7bee8d12ae16a4cb58f94be
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
55e725516dbc32af695376404926f3bf191a4c66a331e8c0425cbca2c8f017de
6b379f1e8283e8352b762210640f5a0a807a9d8fd1f893a6536e7e2c13bc4096
70c4b5657b710d77b6de61a849a587107870a051acf621e5154f986d947faeaa
74ffce6b43cf05b4131e777b472871a1e6670df73f417b3469cef8dbffe9dc79
75261f02298e7cc50cb3be046295cab8890e70d614d40b2816d27078eb0adde6
76b7d1ef1d3cfea4e0aa2ce1734657e70ef264c7d736760cc841b4f08b323c39
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8609b3d3778e8c5fe6587feac3c923ac3e8b77ec378b8ef07f10f03098a7e3bf
860d81994a388f35e32000aff95339f4d3f6ef02cbde15296dfe83b7fd47eb73
9f5a27493930e3243a74fe821755e7e89c8cf202ef7f82af009e2032920772ee
a1c80f2097d6d230ece598be0dcda7fe6de98fbc926362d018f4cf464debea4a
a4755266cc67bf7368e7d43b770664b04baaa544ca8af918d1591899eed3535a
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a7ec928e7a2b2cc60363c91ea2fbcfa4ef155a02ad611d5b26dff2d233cede8c
b85e424e720fa1da51b55179ef4195cc36d0e0ec3a7dde697bd521aaef6f5ff8
b96298343ba06e7be76cd282eb2a1424fcfc0c84a69591d533d3a528de2f533f
c0e8d5c0c8a12f2b2795cf50e988c410cd13b060a185a8a8323844e9bd721170
c8c096ffcb4226a082909b628ef280c12c278bbef33663452bc4a5a73d5498ba
cf592ded5e37c31c3e1df0010cb88f9e742411dc388ba1a9da05d6b562c52d1a
d734f754818640182634138d32b04fd8c84d4eea4daa098eef28e2a2bac7ab5f
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
ded8720bb1efc5e3d974d75a6c5c487d78167a208bc9cf15066ff83e73c80d8e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

redhelper.ru Open in urlscan Pro 185.39.82.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

45 Requests

100 %HTTPS

77 %IPv6

11 Domains

17 Subdomains

14 IPs

3 Countries

2168 kBTransfer

4588 kBSize

0 Cookies

0 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

redhelper.ru Open in urlscan Pro
185.39.82.40 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

100 %
HTTPS

77 %
IPv6

11
Domains

17
Subdomains

14
IPs

3
Countries

2168 kB
Transfer

4588 kB
Size

0
Cookies

45 HTTP transactions
1 data transactions