fan-news.org Open in urlscan Pro
45.131.144.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv3...
Submission: On December 15 via api (December 15th 2021, 5:11:43 am UTC) from US — Scanned from DE

Summary HTTP 376 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 73 IPs in 12 countries across 66 domains to perform 376 HTTP transactions. The main IP is 45.131.144.3, located in Bucharest, Romania and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is fan-news.org.
TLS certificate: Issued by R3 on December 3rd 2021. Valid for: 3 months.

This is the only time fan-news.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	45.131.144.3 45.131.144.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2 11	2a02:6b8:20::215 2a02:6b8:20::215	208722 (YNDX) (YNDX)
12	2a02:6b8:a::a 2a02:6b8:a::a	208722 (YNDX) (YNDX)
38	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
12	92.38.138.91 92.38.138.91	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
5	88.208.46.51 88.208.46.51	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a02:6b8::16b 2a02:6b8::16b	208722 (YNDX) (YNDX)
1 4	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3 25	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
19	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
24	2a02:6b8::90 2a02:6b8::90	208722 (YNDX) (YNDX)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3 8	23.111.200.117 23.111.200.117	7979 (SERVERS-COM) (SERVERS-COM)
2 9	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	146.0.227.107 146.0.227.107	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 2	104.19.135.78 104.19.135.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	185.15.175.157 185.15.175.157	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	93.184.221.133 93.184.221.133	15133 (EDGECAST) (EDGECAST)
1	151.236.71.19 151.236.71.19	204720 (CDNETWORKS) (CDNETWORKS)
5 6	18.185.209.98 18.185.209.98	16509 (AMAZON-02) (AMAZON-02)
3 3	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 3	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	18.168.102.56 18.168.102.56	16509 (AMAZON-02) (AMAZON-02)
3 4	193.232.150.70 193.232.150.70	48061 (UMA-TECH-AS) (UMA-TECH-AS)
5 6	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	35.244.223.69 35.244.223.69	15169 (GOOGLE) (GOOGLE)
4	2a02:6b8::184 2a02:6b8::184	208722 (YNDX) (YNDX)
4	2a02:6b8::36 2a02:6b8::36	208722 (YNDX) (YNDX)
6	185.180.43.83 185.180.43.83	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	34.117.231.160 34.117.231.160	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3 3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	91.216.195.7 91.216.195.7	12516 (WEBORAMA ...) (WEBORAMA Weborama provides Internet Services)
4	35.201.81.244 35.201.81.244	15169 (GOOGLE) (GOOGLE)
2 2	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 3	35.201.80.102 35.201.80.102	15169 (GOOGLE) (GOOGLE)
1 2	52.95.115.196 52.95.115.196	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:6b8::5:114 2a02:6b8::5:114	208722 (YNDX) (YNDX)
4 5	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
1	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
2 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	92.223.103.27 92.223.103.27	199524 (GCORE) (GCORE)
1	5.188.150.181 5.188.150.181	199524 (GCORE) (GCORE)
6	92.223.103.92 92.223.103.92	199524 (GCORE) (GCORE)
1	92.223.103.220 92.223.103.220	199524 (GCORE) (GCORE)
1 1	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
2 10	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
10	2a00:1450:400... 2a00:1450:4001:62::a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2016	15169 (GOOGLE) (GOOGLE)
1 1	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
10	92.223.103.253 92.223.103.253	199524 (GCORE) (GCORE)
1	79.125.73.87 79.125.73.87	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
6	83.229.25.119 83.229.25.119	199524 (GCORE) (GCORE)
2	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
3	87.240.190.67 87.240.190.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 1	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	37.18.103.21 37.18.103.21	205675 (HYBRID-AS) (HYBRID-AS)
1 1	81.163.17.245 81.163.17.245	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1 1	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.237.106 148.251.237.106	24940 (HETZNER-AS) (HETZNER-AS)
1 1	144.76.138.28 144.76.138.28	24940 (HETZNER-AS) (HETZNER-AS)
4 5	217.66.147.161 217.66.147.161	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
2 2	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
1	138.201.65.66 138.201.65.66	24940 (HETZNER-AS) (HETZNER-AS)
3 3	83.222.114.189 83.222.114.189	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
3	87.240.129.135 87.240.129.135	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2 3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
6	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
3	146.185.194.45 146.185.194.45	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3	65.108.1.48 65.108.1.48	24940 (HETZNER-AS) (HETZNER-AS)
3 6	188.34.131.134 188.34.131.134	24940 (HETZNER-AS) (HETZNER-AS)
376	73

22 45.131.144.3 (Bucharest, Romania)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

fan-news.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.starhit-cdn.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8:20::215 (Moscow, Russian Federation) 2 redirects

ASN208722 (YNDX, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 92.38.138.91 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f10.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 88.208.46.51 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ferdarius.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn01.nativeroll.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn01.seedr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn02.nativeroll.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jstracer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.111.200.117 (Russian Federation) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.107 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

ads.go2net.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.135.78 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

sync.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.157 (Russian Federation) 1 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 93.184.221.133 (London, United Kingdom)

ASN15133 (EDGECAST, US)

cstatic.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.19 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.185.209.98 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.67.61 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.168.102.56 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-168-102-56.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.232.150.70 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp14.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 31.172.81.160 (Muehlheim am Main, Germany) 5 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.159 (Muehlheim am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.223.69 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 69.223.244.35.bc.googleusercontent.com

wf.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::184 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::36 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.180.43.83 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host83.seedr.ru

statsb.nativeroll.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.231.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.231.117.34.bc.googleusercontent.com

ds.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.216.195.7 (France) 1 redirects

ASN12516 (WEBORAMA Weborama provides Internet Services, FR)
PTR: std-collect-lb-c03-02-vip.weborama.fr

wam-google.solution.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.244 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.80.102 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 102.80.201.35.bc.googleusercontent.com

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.115.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::5:114 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)

ysa-static.passport.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.120.68 (Russian Federation) 4 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.172 (Muehlheim am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.103.27 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f17.moevideo.net

playreplay.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.188.150.181 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)

thesame.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.223.103.92 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f44.moevideo.net

cs-0.moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.103.220 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f58.moevideo.net

playreplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.16.14 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 195.209.108.47 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:62::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 92.223.103.253 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f36.moevideo.net

moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.73.87 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com

s.pubmine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 83.229.25.119 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: fvm9.moevideo.net

am-0.moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

moevideo-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.21 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN50340 (SELECTEL-MSK, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.9.59 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.237.106 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-1.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.138.28 (Thale, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-3.community.moscow

0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.161 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-161-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.87.44.187 (Moscow, Russian Federation) 2 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.65.66 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.114.189 (Russian Federation) 3 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.129.135 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv135-129-240-87.vk.com

login.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

clientside-video-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.185.194.45 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host45.seedr.ru

stats.seedr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.108.1.48 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.48.1.108.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.34.131.134 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.134.131.34.188.clients.your-server.de

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	yandex.ru 1 redirects yandex.ru matchid.adfox.yandex.ru mc.yandex.ru an.yandex.ru ysa-static.passport.yandex.ru jstracer.yandex.ru	417 KB
38	mail.ru ad.mail.ru	572 KB
24	nativeroll.tv cdn01.nativeroll.tv cdn02.nativeroll.tv statsb.nativeroll.tv	614 KB
24	moevideo.biz moevideo.biz cs-0.moevideo.biz am-0.moevideo.biz	594 KB
23	youtube.com www.youtube.com	815 KB
21	yandex.com 2 redirects mc.yandex.com	5 KB
21	fan-news.org fan-news.org	373 KB
19	doubleclick.net 5 redirects googleads.g.doubleclick.net cm.g.doubleclick.net static.doubleclick.net pubads.g.doubleclick.net	28 KB
14	ytimg.com i.ytimg.com	653 KB
12	weborama.fr 3 redirects cstatic.weborama.fr wf.frontend.weborama.fr ds.frontend.weborama.fr wam-google.solution.weborama.fr idsync.frontend.weborama.fr redirect.frontend.weborama.fr	12 KB
11	yastatic.net 2 redirects yastatic.net	625 KB
10	moe.video moe.video	63 KB
10	googlevideo.com r5---sn-4g5e6nsk.googlevideo.com	3 MB
10	adriver.ru 2 redirects ad.adriver.ru	8 KB
9	com.ru 6 redirects rtb.com.ru adx.com.ru	5 KB
9	google.com 2 redirects adservice.google.com www.google.com	15 KB
9	betweendigital.com 3 redirects ads.betweendigital.com cache.betweendigital.com	6 KB
8	yandex.net avatars.mds.yandex.net favicon.yandex.net	79 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	184 KB
7	mts.ru 6 redirects sm.rtb.mts.ru tech.rtb.mts.ru	4 KB
7	rutarget.ru nativeroll-sync.rutarget.ru Failed moevideo-sync.rutarget.ru clientside-video-bidder.rutarget.ru	3 KB
7	google-analytics.com www.google-analytics.com	118 KB
7	google.de adservice.google.de www.google.de	2 KB
6	vk.com vk.com login.vk.com	70 KB
6	bumlam.com 5 redirects sync.bumlam.com	4 KB
6	bidswitch.net 5 redirects x.bidswitch.net	3 KB
5	aidata.io 4 redirects x01.aidata.io	3 KB
5	ferdarius.com ferdarius.com	39 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	adhigh.net 3 redirects px.adhigh.net	2 KB
4	googleadservices.com 2 redirects partner.googleadservices.com www.googleadservices.com	16 KB
4	seedr.com cdn01.seedr.com stats.seedr.com	4 KB
4	gstatic.com fonts.gstatic.com	93 KB
4	uuidksinc.net 1 redirects s.uuidksinc.net uuidksinc.net	3 KB
3	bidvol.com ssp.bidvol.com	1 KB
3	upravel.com 3 redirects sync.upravel.com 0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com	2 KB
3	weborama.com 1 redirects dx.frontend.weborama.com	481 B
3	tapad.com 2 redirects pixel.tapad.com	1 KB
3	mookie1.com 3 redirects odr.mookie1.com	2 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru	706 B
2	pubmatic.com 2 redirects image6.pubmatic.com	541 B
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com	2 KB
2	criteo.com 2 redirects gum.criteo.com	740 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	digitaltarget.ru 1 redirects dmg.digitaltarget.ru	1 KB
2	mgid.com 1 redirects sync.mgid.com	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
1	otm-r.com sync.dmp.otm-r.com	69 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru	759 B
1	hybrid.ai dm-eu.hybrid.ai	238 B
1	opera.com t.adx.opera.com	409 B
1	onetag-sys.com onetag-sys.com	814 B
1	pubmine.com s.pubmine.com	286 B
1	playreplay.net playreplay.net	332 B
1	thesame.tv thesame.tv	332 B
1	playreplay.me playreplay.me	332 B
1	ggpht.com yt3.ggpht.com	4 KB
1	sniperlog.ru sync3.sniperlog.ru	516 B
1	rlcdn.com idsync.rlcdn.com	416 B
1	agkn.com 1 redirects aa.agkn.com	373 B
1	go2net.com.ua 1 redirects ads.go2net.com.ua	480 B
1	googleapis.com fonts.googleapis.com	1 KB
1	starhit-cdn.ru i.starhit-cdn.ru	606 KB
376	66

	Domain	Requested by
38	ad.mail.ru	fan-news.org moevideo.biz ad.mail.ru
23	www.youtube.com	moevideo.biz www.youtube.com fan-news.org
21	mc.yandex.com	2 redirects fan-news.org mc.yandex.ru
21	fan-news.org	fan-news.org
15	an.yandex.ru	yastatic.net uuidksinc.net fan-news.org moevideo.biz
14	i.ytimg.com	fan-news.org
12	cdn01.nativeroll.tv	fan-news.org cdn01.nativeroll.tv moevideo.biz
12	moevideo.biz	fan-news.org moevideo.biz
12	yandex.ru	fan-news.org yastatic.net moevideo.biz
11	yastatic.net	2 redirects yastatic.net an.yandex.ru fan-news.org
10	moe.video	moevideo.biz
10	r5---sn-4g5e6nsk.googlevideo.com	www.youtube.com
10	ad.adriver.ru	2 redirects fan-news.org moevideo.biz
9	jstracer.yandex.ru	an.yandex.ru yastatic.net
9	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com www.youtube.com www.googleadservices.com
8	www.google.com	2 redirects www.youtube.com tpc.googlesyndication.com
8	ads.betweendigital.com	3 redirects fan-news.org
7	www.google-analytics.com	cdn01.nativeroll.tv moevideo.biz
6	adx.com.ru	3 redirects
6	pubads.g.doubleclick.net	moevideo.biz
6	clientside-video-bidder.rutarget.ru	moevideo.biz
6	www.google.de
6	am-0.moevideo.biz	moevideo.biz
6	cs-0.moevideo.biz	moevideo.biz
6	statsb.nativeroll.tv	cdn01.nativeroll.tv fan-news.org
6	sync.bumlam.com	5 redirects
6	x.bidswitch.net	5 redirects fan-news.org
6	cdn02.nativeroll.tv	cdn01.nativeroll.tv
6	pagead2.googlesyndication.com	fan-news.org pagead2.googlesyndication.com tpc.googlesyndication.com
5	sm.rtb.mts.ru	4 redirects
5	x01.aidata.io	4 redirects
5	ferdarius.com	fan-news.org ferdarius.com
4	idsync.frontend.weborama.fr	cstatic.weborama.fr
4	favicon.yandex.net	fan-news.org
4	avatars.mds.yandex.net	fan-news.org
4	px.adhigh.net	3 redirects
4	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
4	mc.yandex.ru	1 redirects fan-news.org yastatic.net
3	ssp.bidvol.com	moevideo.biz
3	stats.seedr.com	moevideo.biz
3	www.googleadservices.com	2 redirects yastatic.net
3	login.vk.com	vk.com
3	rtb.com.ru	3 redirects
3	vk.com	ad.mail.ru
3	dx.frontend.weborama.com	1 redirects cstatic.weborama.fr
3	cm.g.doubleclick.net	3 redirects
3	pixel.tapad.com	2 redirects cstatic.weborama.fr
3	odr.mookie1.com	3 redirects
3	cstatic.weborama.fr	cdn01.nativeroll.tv cstatic.weborama.fr
2	tech.rtb.mts.ru	2 redirects
2	sync.upravel.com	2 redirects
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	www.tns-counter.ru	1 redirects fan-news.org
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	image6.pubmatic.com	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects cstatic.weborama.fr
2	gum.criteo.com	2 redirects
2	secure.adnxs.com	2 redirects
2	wf.frontend.weborama.fr	1 redirects fan-news.org
2	ap.lijit.com	2 redirects
2	sync3.adsniper.ru	2 redirects
2	dmg.digitaltarget.ru	1 redirects uuidksinc.net
2	sync.mgid.com	1 redirects uuidksinc.net
2	uuidksinc.net	fan-news.org ferdarius.com
2	counter.yadro.ru	1 redirects fan-news.org
2	s.uuidksinc.net	1 redirects uuidksinc.net
2	matchid.adfox.yandex.ru	yastatic.net
1	sync.dmp.otm-r.com
1	0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com	1 redirects
1	exchange.buzzoola.com	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	dm-eu.hybrid.ai
1	moevideo-sync.rutarget.ru	1 redirects
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	s.pubmine.com	fan-news.org
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	redirect.frontend.weborama.fr	1 redirects
1	playreplay.net	moevideo.biz
1	thesame.tv	moevideo.biz
1	playreplay.me	moevideo.biz
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	sync3.sniperlog.ru	fan-news.org
1	ysa-static.passport.yandex.ru	fan-news.org
1	idsync.rlcdn.com	cstatic.weborama.fr
1	wam-google.solution.weborama.fr	1 redirects
1	ds.frontend.weborama.fr	cstatic.weborama.fr
1	aa.agkn.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	ads.go2net.com.ua	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdn01.seedr.com	cdn01.nativeroll.tv
1	fonts.googleapis.com	fan-news.org
1	i.starhit-cdn.ru	fan-news.org
0	nativeroll-sync.rutarget.ru Failed	fan-news.org
376	99

This site contains links to these domains. Also see Links.

Domain
pro-match.ru
www.liveinternet.ru

Subject Issuer	Validity	Valid
mi7.ru R3	`2021-12-03` - `2022-03-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
i.starhit-cdn.ru R3	`2021-12-13` - `2022-03-13`	3 months	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2021-04-27` - `2022-05-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
ferdarius.com R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-08-26` - `2022-02-18`	6 months	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn01.nativeroll.tv R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
uuidksinc.net R3	`2021-10-16` - `2022-01-14`	3 months	crt.sh
cdn01.seedr.com R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-21` - `2022-10-22`	a year	crt.sh
cdn02.nativeroll.tv R3	`2021-12-09` - `2022-03-09`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
avatars.mds.yandex.net Yandex CA	`2021-08-31` - `2022-03-01`	6 months	crt.sh
favicon.yandex.net Yandex CA	`2021-11-23` - `2022-04-24`	5 months	crt.sh
statsb.nativeroll.tv R3	`2021-12-14` - `2022-03-14`	3 months	crt.sh
*.frontend.weborama.fr Go Daddy Secure Certificate Authority - G2	`2021-02-20` - `2022-03-24`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
ysa-static.passport.yandex.net Yandex CA	`2021-08-21` - `2022-02-19`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.playreplay.me AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
*.thesame.tv AlphaSSL CA - SHA256 - G2	`2021-06-09` - `2022-07-11`	a year	crt.sh
*.playreplay.net AlphaSSL CA - SHA256 - G2	`2021-10-08` - `2022-11-09`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2021-11-09` - `2022-01-18`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.moe.video AlphaSSL CA - SHA256 - G2	`2021-01-15` - `2022-02-16`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh
jstracer.yandex.ru Yandex CA	`2021-11-17` - `2022-05-18`	6 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
ltmse.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
*.bumlam.com R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
*.frontend.weborama.com Go Daddy Secure Certificate Authority - G2	`2021-08-28` - `2022-09-29`	a year	crt.sh
yandex.ru Yandex CA	`2021-08-30` - `2022-02-28`	6 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
stats.seedr.ru R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
ssp.bidvol.com R3	`2021-11-29` - `2022-02-27`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Frame ID: EF0515192674D56D1876B1467CA070BF
Requests: 89 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 0418AF4D419062784E35D8B575A0BA8A
Requests: 1 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Frame ID: 94E1B7E9B7C0F415E8EE66E50E181284
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5907212464215949&output=html&adk=2715440961&adf=2658918300&lmt=1639545090&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639545090699&bpp=2&bdt=434&idt=166&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6338030482093&frm=20&pv=2&ga_vid=1796420023.1639545091&ga_sid=1639545091&ga_hid=749043234&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063247&oid=2&pvsid=1603628987897109&pem=191&tmod=465&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193
Frame ID: 905686EE52F373F5E6239459D151B62C
Requests: 1 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: FBF519526B25E6FCD94E36EEEF818666
Requests: 17 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Ffan-news.org
Frame ID: C9C15647CDB4929D29E4FEFF6A982387
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8f860aa6-d24d-515d-9829-db2df990a22f&CACHEBUSTER=292804
Frame ID: 9623D66118B9129C5E53DBA62AC3C3CC
Requests: 7 HTTP requests in this frame

Frame: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Frame ID: F1F943B491F3A0933EEF470CF0526A2A
Requests: 11 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 1D9B8F8BC3DEEF1005F3B9AE54F603BE
Requests: 23 HTTP requests in this frame

Frame: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Frame ID: 0903A55C5359A4B5B341A25FBDE7DD84
Requests: 52 HTTP requests in this frame

Frame: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Frame ID: 60F050A57AF25055503BD11BC3ED3D80
Requests: 132 HTTP requests in this frame

Frame: https://uuidksinc.net/matchx
Frame ID: 7AA87FB5014FAB1475AB7CC71977C15F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: FE232CB9C1D56BD32D08A23348814FF0
Requests: 3 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 28D50A916E6CD5111220613974F3BEF6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 68A6088E8572942C3F63E94F0661C323
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: DB10E746EF1ABC6552194C817EAFE326
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 3548D06F4337228849FBDA49ABD19C2C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 97A28AD9BE57D340AA517C876F8D8232
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B0C0A94F30B9F37F8323363010114C4F
Requests: 2 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: D6E311AEAFEC4F99BE2CC5B1472D0D88
Requests: 3 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 584F673A34A7D90B22814193A5477248
Requests: 1 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: FDDCAAC583D7E5E429572FAA235CFBAB
Requests: 2 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: 651F2BFF3FE7E4C5315D423ACE3E3BAE
Requests: 4 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: ECC20702C95E6C74FF59CBCB37BFFCF0
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 45A6EDD5C56600542E3CA91B0B6DAC40
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: E948EC0C823983B5731FA3EAACF1CF29
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 1CE55F9F92AD53F8B4AA1C2D1240B334
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: 38FDB0669133414C1E755B1BABA54A52
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: FEA5612EE40874D96BB838D89BAAAFE0
Requests: 2 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: BD325BF34AC6F44F3AA293CCA62AB5D2
Requests: 4 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: ABEE991C5C242C360AFCF92463BEF670
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: FA244DD94B45F036383C77539A2DCDD3
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: E11C5836B430A330CDE16E5C13D35CCF
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: CF7BC90C7F4E20B4F65AAF864980E665
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: CFBE7B7F0842C2B4E7A685250BB61D1E
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Frame ID: 7166D59FAAA3FDF22786B8DDC1AFC088
Requests: 1 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-player.min.js
Frame ID: A097DF4B8F4183017D28383F5F63A8D9
Requests: 3 HTTP requests in this frame

Frame: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: ADBA7CECE9524BF0EDDD5D7CA0CD1DBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Chat Asuransi Warisan Vanessa Angel ke Doddy Sudrajat Wow Banget

Page Statistics

376
Requests

89 %
HTTPS

30 %
IPv6

66
Domains

99
Subdomains

73
IPs

12
Countries

8743 kB
Transfer

18365 kB
Size

118
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://pro-match.ru/?utm_source=mi7
Title: Новости спорт

Search URL Search Domain Scan URL

URL: https://pro-match.ru/footbal/euro2020/tournament?utm_source=mi7
Title: EURO 2020

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://yandex.ru/ads/system/header-bidding.js

Request Chain 8

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://yandex.ru/ads/system/context.js

Request Chain 16

https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Ffan-news.org%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP 302
https://fan-news.org/setuid?CDSfxWQNMmpubcnywfx7

Request Chain 30

https://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.09480482042288729 HTTP 302
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.09480482042288729

Request Chain 31

https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479&crf=1

Request Chain 47

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9488.EjIPcQEvMNqiRu1JDkOaN-z75Tl29DEphm-eVV52nn2KX1so_Qpc4aWgIY3NAatl.xwhS6bPOHgPhZTd0ibykKAWtkxE%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9488.-WrvaOn5WwfyhzZeXefuFaS3do-GrquuSSaV4zL99GhNx-NguqWsdpCExqGdyYFcUD8QtvrQagQq4WHXsza7SKP1lgO7mtyj4KcfeARucGQ%2C.uavLGPpLowEe9bmO9hRvDxGiJOk%2C

Request Chain 56

https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1 HTTP 302
https://s.uuidksinc.net/match/760/9f2c253ca5964f6a8f7c4abc15725ab1

Request Chain 57

https://sync.mgid.com/m?cdsp=117798&c=CDSfxWQNMmpubcnywfx7 HTTP 307
https://sync.mgid.com/m?c=CDSfxWQNMmpubcnywfx7&cdsp=117798&sct=1

Request Chain 58

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471

Request Chain 73

https://mc.yandex.com/watch/72623899?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A481%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051130%3Aet%3A1639545091%3Ac%3A1%3Arn%3A795987637%3Arqn%3A1%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090163%3Ads%3A9%2C28%2C62%2C18%2C0%2C0%2C%2C400%2C6%2C%2C%2C%2C502%3Adsn%3A10%2C28%2C61%2C18%2C0%2C0%2C%2C384%2C6%2C%2C%2C%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A481%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051130%3Aet%3A1639545091%3Ac%3A1%3Arn%3A795987637%3Arqn%3A1%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090163%3Ads%3A9%2C28%2C62%2C18%2C0%2C0%2C%2C400%2C6%2C%2C%2C%2C502%3Adsn%3A10%2C28%2C61%2C18%2C0%2C0%2C%2C384%2C6%2C%2C%2C%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 75

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp=between&gdpr=&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10810539063100642173&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10810539063100642173&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbetween%26gdpr_consent%3D%26gdpr%3D HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d7a67273-30e6-40ce-877d-9c8d1a258b31&ssp=between&gdpr_consent=&gdpr= HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164900704001000034503&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=419&user_id=10810539063100642173&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

Request Chain 76

https://px.adhigh.net/p/cm/btw HTTP 302
https://px.adhigh.net/p/cm/btw?bounced=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugK7n8goqfJC.AikABlF9vIC0bg

Request Chain 77

https://sync.bumlam.com/?src=bw1&uid=8f860aa6-d24d-515d-9829-db2df990a22f HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiD8uWNBlIFvp7KygpiJDhmODYwYWE2LWQyNGQtNTE1ZC05ODI5LWRiMmRmOTkwYTIyZg** HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiD8uWNBlIFvp7KygpiJDhmODYwYWE2LWQyNGQtNTE1ZC05ODI5LWRiMmRmOTkwYTIyZqIBEHcDhBRdZRHspukAJZDIJDc* HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiD8uWNBmIkOGY4NjBhYTYtZDI0ZC01MTVkLTk4MjktZGIyZGY5OTBhMjJmogEQdwOEFF1lEeym6QAlkMgkNw** HTTP 302
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiD8uWNBmIkOGY4NjBhYTYtZDI0ZC01MTVkLTk4MjktZGIyZGY5OTBhMjJmogEQdwOEFF1lEeym6QAlkMgkNw** HTTP 302
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77038414-5d65-11ec-a6e9-002590c82437

Request Chain 78

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e9118079f2925299312907f4

Request Chain 81

https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091099 HTTP 302
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091099&bounce=1&random=1408085991

Request Chain 82

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://px.adhigh.net/p/cm/bsw?u=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&bidswitch_ssp_id=between HTTP 302
https://x.bidswitch.net/sync?dsp_id=9&user_id=ugK7n8goqfJC.AikABlF9vIC0bg&expires=30&ssp=between HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm HTTP 302
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1 HTTP 301
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELj-xnTM_zP1dl1vUzx5zEg&google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1

Request Chain 112

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID HTTP 302
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6134647262890898040

Request Chain 113

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=Ca8zS6p0OnjpanA-UQwV0-OsBCrbV6Fh

Request Chain 115

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq@ZVRV HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq%40ZVRV&bounce=1&random=3146576782

Request Chain 117

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ&dcc=t

Request Chain 118

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E0DD18DC-8B9A-4E57-A393-AFDCE75363E2

Request Chain 121

https://sync.bumlam.com/?src=aid0 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77038414-5d65-11ec-a6e9-002590c82437 HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77038414-5d65-11ec-a6e9-002590c82437&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=UGrjllhAae3OOpieqKhERQ& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata&google_gid=CAESEMs_wEAK2lbbFWdvCYzhhCM&google_cver=1

Request Chain 144

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D0%26rand%3D359173 HTTP 302
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=RU4l1/IJzKe64/udK6Kdnu&gt=0&rand=359173

Request Chain 146

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=359173 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=359173&tuid=-6351986564 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=359173&ip=168.119.25.198

Request Chain 161

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 166

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804

Request Chain 169

https://x.bidswitch.net/sync?dsp_id=429&user_id=8f860aa6-d24d-515d-9829-db2df990a22f&expires=60 HTTP 302
https://s.pubmine.com/match?bidder_id=1&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp_data=&gdpr=&gdpr_consent=

Request Chain 173

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8f860aa6-d24d-515d-9829-db2df990a22f HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/8f860aa6-d24d-515d-9829-db2df990a22f

Request Chain 214

https://moevideo-sync.rutarget.ru/sync HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=1&b=sGGKq74mG-yj

Request Chain 218

https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=9c018f59d38f2ffbe47f&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}

Request Chain 220

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
https://cs-0.moevideo.biz/ssp/cs?d=81&b=105b5f7d-3d5c-423a-7feb-2c7f5b410282

Request Chain 221

https://sync.upravel.com/moevideo/sync HTTP 302
https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
https://0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=91&b=0d90fa67-da3e-40a8-b774-8ffd6fb95279

Request Chain 222

https://sm.rtb.mts.ru/p?ssp=moevideo&id=9c018f59d38f2ffbe47f HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=22&exu=9c018f59d38f2ffbe47f HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=2b6efaf1-bfab-4bb2-a0fb-c527ea462116&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D22%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=UGrjllhAae3OOpieqKhERQ

Request Chain 224

https://rtb.com.ru/myvideo-sync?uid=9c018f59d38f2ffbe47f HTTP 302
https://rtb.com.ru/sync?noRedirect=&sspKey=41&sspUserID=9c018f59d38f2ffbe47f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61b97905a62fbd13aae57e89&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61b97905a62fbd13aae57e89%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61b97905a62fbd13aae57e89%2526i%253D7041180506265261277%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61b97905a62fbd13aae57e89%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61b97905a62fbd13aae57e89%25252526nc%2525253D173954472944707482%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61b97905a62fbd13aae57e89%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fcs-0.moevideo.biz%25252525252Fssp%25252525252Fcs%25252525253Fd%25252525253D171%252525252526b%25252525253D61b97905a62fbd13aae57e89 HTTP 302
https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61b97905a62fbd13aae57e89%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%253D224%2526e%253D61b97905a62fbd13aae57e89%2526i%253D7041180506265261277%2526r%253Dhttps%25253A%25252F%25252Fsync.1dmp.io%25252Fpixel.gif%25253Fcid%25253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%252526pid%25253Dw%252526uid%25253D61b97905a62fbd13aae57e89%252526ru%25253Dhttps%2525253A%2525252F%2525252Fcm.p.altergeo.ru%2525252Fspnd%2525253Faid%2525253D61b97905a62fbd13aae57e89%25252526nc%2525253D173954472944707482%25252526url%2525253Dhttps%252525253A%252525252F%252525252Fadx.com.ru%252525252Fadspend-sync%252525253Fuid%252525253D61b97905a62fbd13aae57e89%2525252526r%252525253Dhttps%25252525253A%25252525252F%25252525252Fcs-0.moevideo.biz%25252525252Fssp%25252525252Fcs%25252525253Fd%25252525253D171%252525252526b%25252525253D61b97905a62fbd13aae57e89&google_gid=CAESEHCe6r-kvISWe16vvWYID6Q&google_cver=1 HTTP 302
https://x01.aidata.io/0.gif?pid=6472613&id=61b97905a62fbd13aae57e89&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61b97905a62fbd13aae57e89%26i%3D7041180506265261277%26r%3Dhttps%253A%252F%252Fsync.1dmp.io%252Fpixel.gif%253Fcid%253Dfe2375b0-c617-4a6d-ab2d-f9f457ba8100%2526pid%253Dw%2526uid%253D61b97905a62fbd13aae57e89%2526ru%253Dhttps%25253A%25252F%25252Fcm.p.altergeo.ru%25252Fspnd%25253Faid%25253D61b97905a62fbd13aae57e89%252526nc%25253D173954472944707482%252526url%25253Dhttps%2525253A%2525252F%2525252Fadx.com.ru%2525252Fadspend-sync%2525253Fuid%2525253D61b97905a62fbd13aae57e89%25252526r%2525253Dhttps%252525253A%252525252F%252525252Fcs-0.moevideo.biz%252525252Fssp%252525252Fcs%252525253Fd%252525253D171%2525252526b%252525253D61b97905a62fbd13aae57e89 HTTP 302
https://sm.rtb.mts.ru/p?ssp=aidata&id=UGrjllhAae3OOpieqKhERQ HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=51&exu=UGrjllhAae3OOpieqKhERQ HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=2b6efaf1-bfab-4bb2-a0fb-c527ea462116&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D51%2526em%253D2%2526ssp%253Daidata%2526exu%253DUGrjllhAae3OOpieqKhERQ%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3DUGrjllhAae3OOpieqKhERQ%26id%3D%24UID

Request Chain 225

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=161&b=8f860aa6-d24d-515d-9829-db2df990a22f

Request Chain 235

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BXm5YebcGZK6gQeGq4zQDw&random=496532543&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=2210929551 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=2210929551&ipr=y

Request Chain 236

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BXm5YYbfGbKmx_APuY-oyA8&random=551617573&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988 HTTP 302
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988&ipr=y

Request Chain 273

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

Request Chain 328

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

Request Chain 384

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

376 HTTP transactions
18 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551 Show response
fan-news.org/articles/ 48 KB
48 KB 99ms
61ms Document
text/html 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1809e45521e57c75debded67b84f99955d5c9bc5df14a5fde0bccb452153623b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:30 GMT
content-type: text/html; charset=utf-8
content-length: 48703
x-request-id: f7da0df7ecf04672a008a847532af07b
etag: W/"be3f-SaM5YdraBDVDnQllLEzIvoTzH94"

GET
H2 200 showcase.js Show response
fan-news.org/js/ 186 KB
56 KB 20ms
20ms Script
application/javascript 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/js/showcase.js?v=1639545090247
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 160fcf2a175ed7a3b23f5df798eed25f4e08655f2551de784a85dead75db1dd8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"2e782-17db87a611f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000, public
x-request-id: 95ae1f17d4f64d4e961a1897289122b0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazysizes.min.js Show response
fan-news.org/js/ 8 KB
4 KB 29ms
28ms Script
application/javascript 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/js/lazysizes.min.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: fa811d7c53521b299cb88db96f253cd24595f042a14213c34c9ed60d76754f58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"1e5c-17db87a611f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000, public
x-request-id: 83a3e885291744b59a9f27d86c0efe1a
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
fan-news.org/js/ 85 KB
30 KB 26ms
26ms Script
application/javascript 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/js/jquery.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"1538f-17db87a611f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000, public
x-request-id: 93dd55ec90e54bb68b8af9d311864f2b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.sticky-kit.js Show response
fan-news.org/js/ 7 KB
2 KB 28ms
28ms Script
application/javascript 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/js/jquery.sticky-kit.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b546bc7cab1df71d3cf4c78db089e44f39d9fba2861a3d680032542b16dc6aa3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"1a4a-17db87a611f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000, public
x-request-id: 199de457dcab4ebba04ddf8bd69d4590
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pql79m.js Show response
fan-news.org/ 27 KB
10 KB 15ms
14ms Script
application/javascript 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/pql79m.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d709510877e0031541be86a73031c01d6b500acb0362d06e0bf1de98ecba6ff0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 14:54:04 GMT
server: nginx
etag: W/"61b8b00c-6a2c"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 64ms
41ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1cd7647a9642b5025254ccf7c62e6fb3ad01ed6e7384002900fcbc8f3ba97d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51869
x-xss-protection: 0
server: cafe
etag: 16935521545277958025
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 05:11:30 GMT

GET
H2 200 mi7-desktop.css
fan-news.org/css/ 32 KB
6 KB 23ms
23ms Stylesheet
text/css 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: bb8d7b950db8e1947fbf21a39beba854f76f5b7204252befb4a59ba03869fe49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"81fb-17db87a60fb"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: max-age=315360000, public
x-request-id: 4ff9ec49a9ef448e85aa6c23528be44c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

header-bidding.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://yandex.ru/ads/system/header-bidding.js

167 KB
45 KB

126ms
55ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/header-bidding.js

Requested by

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

595a3984a97bf87139e5b67ef1d404cc01351692e8dd6555f13f523949183631

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1639545090472295-6939027344793508301-man2-5330-5d2-man-l7-balancer-8080-BAL-9373
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Dec 2021 06:11:30 GMT

Redirect headers

date: Wed, 15 Dec 2021 05:11:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2

200

context.js Show response
yandex.ru/ads/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://yandex.ru/ads/system/context.js

309 KB
83 KB

175ms
104ms

Script
text/javascript

2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Protocol

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

997bf5e22353927681f54b08480a8330662745d04c0c9f3eb1c5a063b9ae888a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1639545090472566-16896805368761037436-man2-5330-5d2-man-l7-balancer-8080-BAL-6494
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Dec 2021 06:11:30 GMT

Redirect headers

date: Wed, 15 Dec 2021 05:11:30 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://yandex.ru/ads/system/context.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H/1.1 200
OK i4284.gif
ad.mail.ru/ 43 B
600 B 155ms
48ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/i4284.gif
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Type: image/gif
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control: max-age=21600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 15 Dec 2021 11:11:30 GMT

GET
H2 200 61b8b24c3bcc1142ba2bff12.jpg
i.starhit-cdn.ru/steady/61/b8/b2/rect/ 605 KB
606 KB 67ms
21ms Image
image/jpeg 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.starhit-cdn.ru/steady/61/b8/b2/rect/61b8b24c3bcc1142ba2bff12.jpg
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2e6558ef1e0629d90b0a67fabce47a690d39c776348c1b71eeb9a6acba7a0076

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Tue, 14 Dec 2021 15:03:50 GMT
server: nginx
etag: "61b8b256-97384"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
content-length: 619396
expires: Thu, 16 Dec 2021 05:11:30 GMT

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 176 KB
51 KB 389ms
273ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 0f8c642ae1197089671162d94712b5faa270cd8a2e20f4ce9d2e6b9d19757fc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Encoding: gzip
Last-Modified: Sat, 11 Dec 2021 12:52:06 GMT
Server: nginx
X-My-Name: s29
ETag: W/"61b49ef6-2be42"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.086

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Requested by

Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 04:38:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 15 Dec 2021 05:11:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 15 Dec 2021 05:11:30 GMT

GET
H/1.1 200
OK 59wca.js Show response
ferdarius.com/ 81 KB
35 KB 66ms
27ms Script
application/javascript 88.208.46.51
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ferdarius.com/59wca.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 54b7de86913eee22dbd06bea04727646aa8e1c81a8a99165bebe3b7627c25612

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Expires: 0

OPTIONS
H2 200 getcookie
matchid.adfox.yandex.ru/ Frame 0
0 158ms
48ms Preflight 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-headers: accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-credentials: true
date: Wed, 15 Dec 2021 05:11:30 GMT
timing-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://fan-news.org
x-content-type-options: nosniff

POST
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 112 B
394 B 146ms
57ms XHR
application/json 2a02:6b8::16b
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

706832d53a59a4358f53f82220378b7d9d16c4e9593ce8a3ec7eda8b3f76652e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://fan-news.org
date: Wed, 15 Dec 2021 05:11:30 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 112
x-content-type-options: nosniff
content-type: application/json

GET
H2

200

setuid
fan-news.org/
Redirect Chain

https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Ffan-news.org%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
https://fan-news.org/setuid?CDSfxWQNMmpubcnywfx7

74 B
231 B

20ms
20ms

Image
image/png

45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fan-news.org/setuid?CDSfxWQNMmpubcnywfx7
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
content-length: 74
content-type: image/png

Redirect headers

location: https://fan-news.org/setuid?CDSfxWQNMmpubcnywfx7
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx/1.19.0
content-length: 0

GET
H2 200 682f592c3abbcba421dd.js Show response
yastatic.net/partner-code-bundles/50852/ 13 KB
5 KB 32ms
32ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50852/682f592c3abbcba421dd.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

4460976afd7cf0a53dc9a99dc33f599e6cb7f04978085b7d26a0355fd9184d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://fan-news.org/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4454
last-modified: Tue, 14 Dec 2021 15:14:03 GMT
server: nginx/1.17.9
etag: "a7e1089d44faf51162fdacdd50171903"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:44:04 GMT

GET
H2 200 168b05a0425a2a96fb17.js Show response
yastatic.net/partner-code-bundles/50852/ 80 KB
17 KB 43ms
43ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50852/168b05a0425a2a96fb17.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

79e52445208a3bfe13b1845db82b0c681c77773086587b614267a1069fed09a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://fan-news.org/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 17077
last-modified: Tue, 14 Dec 2021 15:14:03 GMT
server: nginx/1.17.9
etag: "ec64a1d1f7c612c9b3884ff74002d0b0"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:44:04 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 86ms
85ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://fan-news.org/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:47:26 GMT

GET
H2 200 e70987c1b74ca24060d4.js Show response
yastatic.net/partner-code-bundles/50852/ 615 KB
125 KB 59ms
57ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/50852/e70987c1b74ca24060d4.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

0a489aa606d06d0abd0937933855334c0514f88cc50c81ad818b8513fcc18f66

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://fan-news.org/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 127758
last-modified: Tue, 14 Dec 2021 15:14:03 GMT
server: nginx/1.17.9
etag: "67369f06d58fad659ab9f1ac3deec285"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:43:17 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 134 KB
48 KB 121ms
58ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 15:27:53 GMT
etag: "61b88dc9-bcf4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 48372
expires: Wed, 15 Dec 2021 06:11:30 GMT

GET
H2 200 3c2bd673e29a0238530c05ff0f19c3f6.svg
fan-news.org/img/sportnews/ 1 KB
2 KB 15ms
15ms Image
image/svg+xml 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fan-news.org/img/sportnews/3c2bd673e29a0238530c05ff0f19c3f6.svg
Requested by: Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c6c25c93d1a2f470a37ac3376616d2a610ba91d5b8509c1ba09138a6004fb195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"44b-17db87a6117"
content-type: image/svg+xml
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 1099
x-request-id: 825dcde4343b4a0ab6477ec5e42dafc9
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Raleway-Bold.woff
fan-news.org/font/ 71 KB
71 KB 16ms
14ms Font
font/woff 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/font/Raleway-Bold.woff
Requested by: Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f07185032b100366a70c5b4453901e2b299ff2e1d717238004f6e92984c05414

Request headers

Referer: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"11b10-17db87a610f"
content-type: font/woff
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 72464
x-request-id: e51cbd3fcd1f4d8f92a59d4dc555531b
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/ 24 KB
24 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:30:03 GMT
x-content-type-options: nosniff
age: 402087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:30:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 32ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 10 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 400768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 10 Dec 2022 13:52:02 GMT

GET
H2 200 Raleway-Regular.woff
fan-news.org/font/ 70 KB
71 KB 15ms
15ms Font
font/woff 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/font/Raleway-Regular.woff
Requested by: Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 69d1b4e635f8c320c345bef9e268beb8a82786fd810e8f58b112dbea43e774ed

Request headers

Referer: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"117d8-17db87a6113"
content-type: font/woff
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 71640
x-request-id: d4c8a6fc44334ae2b345f8ad5cb30c1c
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 seedr-player.min.js Show response
cdn01.nativeroll.tv/js/ 24 KB
9 KB 41ms
8ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6d6fa4a725cc51ca8f18b629b25ca81dec5c6176e48d9ed4905adccfdd03f6a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-5e3a"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:43:34+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:43:17 GMT

GET
H2 200 v2 Show response
an.yandex.ru/adfox/392060/getBulk/ 135 KB
38 KB 419ms
342ms XHR
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/adfox/392060/getBulk/v2?dl=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&date=2021-12-15T05%3A11%3A30.640%2B00%3A00&pd=15&pdh=1200&pdw=1600&pr1=2103239503&pr=2066919234&prr=&pv=5&pw=3&extid_loader=&extid_tag_loader=fan-news.org&ylv=0.50852&ybv=0.50852&ytt=371634934646805&is-turbo=0&skip-token=&ad-session-id=6252061639545090650&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22w%22%3A1198%2C%22h%22%3A0%2C%22width%22%3A1198%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22left%22%3A51%2C%22top%22%3A648%2C%22fontFamily%22%3A%22roboto%22%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=50852&availableWidth=1198&availableHeight=0&pp=btko&ps=ffhv&p2=y&partner-stat-id=111194&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&pcode-test-ids=463847%2C0%2C95%3B462894%2C0%2C57%3B472983%2C0%2C15%3B452125%2C0%2C36%3B464223%2C0%2C15%3B462727%2C0%2C17%3B472749%2C0%2C20%3B471057%2C0%2C8%3B457305%2C0%2C79%3B471831%2C0%2C58%3B464022%2C0%2C99%3B472134%2C0%2C45%3B406668%2C0%2C42%3B437233%2C0%2C-1%3B204296%2C0%2C34%3B471186%2C0%2C87%3B470333%2C0%2C46&pcode-flags-map=%7B%22ENABLE_CODECS_WHITELIST%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429059%22%7D%5D%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22429073%22%7D%5D%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%220.000001%22%2C%22testId%22%3A%22429074%22%7D%5D%2C%22VOLUME_BUTTON_ANIMATION%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429077%22%7D%5D%2C%22UNIFORMAT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22429079%22%7D%5D%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%5B%7B%22value%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22testId%22%3A%22432722%22%7D%5D%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441341%22%7D%5D%2C%22ENABLE_VP9_CODECS%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22441791%22%7D%5D%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22445424%22%7D%5D%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%5B%7B%22value%22%3A%22ENABLE%22%2C%22testId%22%3A%22462855%22%7D%5D%2C%22VAS_STABLE_VERSION%22%3A%5B%7B%22value%22%3A%22472631%22%2C%22testId%22%3A%22472859%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22473613%22%7D%5D%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%5B%7B%22value%22%3A%221%22%2C%22testId%22%3A%22473626%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_ON_CLICK%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22427330%22%7D%5D%2C%22UNILOADER_FOR_AMP%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22428390%22%7D%5D%2C%22USE_SSR_IN_AMP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22428390%22%7D%5D%2C%22FULL_SSR_PERCENT_LOG_META%22%3A%5B%7B%22value%22%3A0.0001%2C%22testId%22%3A%22462576%22%7D%5D%2C%22DEFAULT_SSR_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22zen%22%2C%22zen2%22%2C%22zen2-gallery%22%2C%22billboard%22%2C%22horizontal%22%2C%22horizontal0318%22%2C%22adaptiveConstructor%22%2C%22modernAdaptive%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22smart_tile%22%5D%2C%22testId%22%3A%22462576%22%7D%5D%2C%22RTB_BANNER_FLAGS%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22462576%22%7D%5D%2C%22HBVER%22%3A%5B%7B%22value%22%3A42153%2C%22testId%22%3A%22462576%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY_BY_OWNER%22%3A%5B%7B%22value%22%3A%5B168627%2C259055%2C258881%2C354188%2C239538%2C235076%2C264443%2C202100%2C354188%2C309667%2C270901%5D%2C%22testId%22%3A%22443574%22%7D%5D%2C%22AD_SEEN_OBSERVER%22%3A%5B%7B%22value%22%3A%22enable%22%2C%22testId%22%3A%22436297%22%7D%5D%2C%22FIXED_FORMAT_RENDER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22436894%22%7D%5D%2C%22FIX_MIN_HEIGHT_NTP%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22445391%22%7D%5D%2C%22FIX_SDK_LAYOUT_CONFIG%22%3A%5B%7B%22value%22%3A1%2C%22testId%22%3A%22445453%22%7D%5D%2C%22POSTER_PRICE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22448272%22%7D%5D%2C%22PRICE_DISABLED_FORMATS%22%3A%5B%7B%22value%22%3A%5B%22posterVertical%22%2C%22posterHorizontal%22%2C%22posterCarousel%22%2C%22adaptiveCarousel%22%2C%22adaptiveConstructor%22%2C%22horizontalSD%22%5D%2C%22testId%22%3A%22448272%22%7D%5D%2C%22ZEN2_REDESIGN_21_Q3_STEP_3%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452293%22%7D%5D%2C%22LOAD_NEW_MEDIA%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22461626%22%7D%5D%2C%22DISABLE_ETAG%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22468484%22%7D%5D%2C%22CAROUSEL_LAZY_LOAD_IMAGE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22470857%22%7D%5D%2C%22PREACT_RTB_INLINE%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22472957%22%7D%5D%2C%22REQUEST_VMAP_FROM_YANDEX_RU%22%3A%5B%7B%22value%22%3A%22TRUE%22%2C%22testId%22%3A%22463847%22%7D%5D%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%5B%7B%22value%22%3A%22EXP%22%2C%22testId%22%3A%22462894%22%7D%5D%2C%22ADSDKVER%22%3A%5B%7B%22value%22%3A%22472983%22%2C%22testId%22%3A%22472983%22%7D%5D%2C%22MULTIBANNER%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22452125%22%7D%5D%2C%22LONG_DOMAIN_SCROLL%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22464223%22%7D%5D%2C%22USE_TOP_ANCESTOR%22%3A%5B%7B%22value%22%3Afalse%2C%22testId%22%3A%22462727%22%7D%5D%2C%22CONSTRUCTOR_COMMON_KEBAB%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22472749%22%7D%5D%2C%22COMBO_SSR_ON_POGODA%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22471057%22%7D%5D%2C%22SMART_BANNER_LOGO_REDESIGN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22457305%22%7D%5D%2C%22MOTION_NEW_FULLSCREEN%22%3A%5B%7B%22value%22%3A%22light%22%2C%22testId%22%3A%22471831%22%7D%5D%2C%22HORIZONTAL_SD_NO_DOMAIN%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22464022%22%7D%5D%2C%22LEADERBOARD_HORIZONTAL_SD%22%3A%5B%7B%22value%22%3A%22lead%22%2C%22testId%22%3A%22464022%22%7D%5D%2C%22POSTER_CONSTRUCTOR%22%3A%5B%7B%22value%22%3A%22ctl%22%2C%22testId%22%3A%22472134%22%7D%5D%2C%22ADFOX_MRC_VISIBILITY%22%3A%5B%7B%22value%22%3Atrue%2C%22testId%22%3A%22406668%22%7D%5D%2C%22CONTAIN_IMAGE_SSR%22%3A%5B%7B%22value%22%3A%22exp%22%2C%22testId%22%3A%22437233%22%7D%5D%7D&use-server-side-rendering=1&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90%0AposterVertical%0AposterHorizontal%0AadaptiveConstructor%0AhorizontalSD%0Afullscreen%0Afullscreen_grid%0AposterVertical%0AposterHorizontal%0AposterCarousel%0AadaptiveCarousel%0AadaptiveConstructor%0AhorizontalSD&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=O7iZe4NHYqZxcwX%2F2Q%2FYBv26ZPXkAyFL2duoRE7t9iYLR3e2nW%2Fgk5kV%2FvSt%2BwSgVIR%2Fbwku7RBH0Nmydbe%2BVMaP6dM%3D&grab-orig-len=228&grab=dENoYXQgQXN1cmFuc2kgV2FyaXNhbiBWYW5lc3NhIEFuZ2VsIGtlIERvZGR5IFN1ZHJhamF0IFdvdyBCYW5nZXQKMU1pNyAKMk5ld3MgCjPQntCx0YDQsNGC0LjRgtC1INCy0L3QuNC80LDQvdC40LUg0L3QsCDRjdGC0Lgg0YPQtNC40LLQuNGC0LXQu9GM0L3Ri9C1INC80LDRgtC10YDQuNCw0LvRiyAK&tga-with-creatives=1

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

dc423d0a2f66930b23e480184826762ac710575f9c38f2046581f303173ef8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
ssr: true
x-yandex-req-id: 1639545090753154-764616502973185721700366-production-app-host-man-pcode-109
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 15 Dec 2021 05:11:30 GMT
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Wed, 15 Dec 2021 05:11:30 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383...
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f3...

445 B
931 B

40ms
40ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.09480482042288729

Requested by

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 445
Expires: Mon, 14 Dec 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.09480482042288729
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 14 Dec 2020 21:00:00 GMT

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479
https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479&crf=1

882 B
980 B

59ms
59ms

Script
text/javascript

23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479&crf=1
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: a3ce49879d064ad5f44706721d775729f04a134dc9143d2e88347b8ef7e93fb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 882
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=43945&randsalt=3392116479&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 34ms
32ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101734
x-xss-protection: 0
server: cafe
etag: 4507154694380913909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 05:11:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 0418 11 KB
5 KB 43ms
11ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 14 Dec 2021 18:37:20 GMT
expires: Tue, 28 Dec 2021 18:37:20 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 38050
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 94E1 2 KB
1 KB 21ms
12ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3eea41773d38704eb61b0aee6907e52808417e1f34d878a100ffebf71dd72a89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

server: nginx/1.19.0
date: Wed, 15 Dec 2021 05:11:30 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 194 KB
66 KB 40ms
40ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: fan-news.org
URL: https://fan-news.org/pql79m.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 15:27:53 GMT
etag: "61b88dc9-107fa"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 67578
expires: Wed, 15 Dec 2021 06:11:30 GMT

GET
H2 200 advert.js Show response
cdn01.seedr.com/js/ 24 B
242 B 39ms
8ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.seedr.com/js/advert.js
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Mon, 26 Jul 2021 15:37:20 GMT
server: nginx
etag: "60fed6b0-18"
x-cached-since: 2021-12-15T03:43:58+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
content-length: 24
expires: Mon, 26 Jul 2021 22:15:46 GMT

POST
H/1.1 200
OK 54mzj Show response
ferdarius.com/ 1 KB
1 KB 24ms
23ms Fetch
application/json 88.208.46.51
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ferdarius.com/54mzj
Requested by: Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: ecaf6f4324283109294c9e67f0ed910b5f51a3c12a1f2b305391ce6c8bff8a2f

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:30 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://fan-news.org
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 0

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
13ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321120&showTeaserName=0&imgX=100&imgY=100&gdpr=0&gdprConsent=&limit=4&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
13ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321121&showTeaserName=0&imgX=325&imgY=325&gdpr=0&gdprConsent=&limit=2&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321122&showTeaserName=0&imgX=216&imgY=180&gdpr=0&gdprConsent=&limit=2&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321124&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321125&showTeaserName=0&imgX=275&imgY=184&gdpr=0&gdprConsent=&limit=4&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321126&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 17ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321127&showTeaserName=0&imgX=275&imgY=184&gdpr=0&gdprConsent=&limit=4&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
14ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321128&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2 204 get_data
fan-news.org/ 0
0 16ms
15ms Fetch 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321129&showTeaserName=0&imgX=250&imgY=250&gdpr=0&gdprConsent=&limit=9&sspUid=30e7209b-1586-4cf9-b58e-fbd205e04761&format=json&pageCatID=122&titleMaxLen=110
Requested by: Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
server: nginx
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS, GET, POST, OPTIONS

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9488.EjIPcQEvMNqiRu1JDkOaN-z75Tl29DEphm-eVV52nn2KX1so_Qpc4aWgIY3NAatl.xwhS6bPOHgPhZTd0ibykKAWtkxE%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9488.-WrvaOn5WwfyhzZeXefuFaS3do-GrquuSSaV4zL99GhNx-NguqWsdpCExqGdyYFcUD8QtvrQagQq4WHXsza7SKP1lgO7mtyj4KcfeARucGQ%2C.uavLGPpLowEe9bmO9hRvDxGiJOk%2C

43 B
331 B

32ms
31ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9488.-WrvaOn5WwfyhzZeXefuFaS3do-GrquuSSaV4zL99GhNx-NguqWsdpCExqGdyYFcUD8QtvrQagQq4WHXsza7SKP1lgO7mtyj4KcfeARucGQ%2C.uavLGPpLowEe9bmO9hRvDxGiJOk%2C

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9488.-WrvaOn5WwfyhzZeXefuFaS3do-GrquuSSaV4zL99GhNx-NguqWsdpCExqGdyYFcUD8QtvrQagQq4WHXsza7SKP1lgO7mtyj4KcfeARucGQ%2C.uavLGPpLowEe9bmO9hRvDxGiJOk%2C
date: Wed, 15 Dec 2021 05:11:30 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 40ms
15ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=fan-news.org&callback=_gfp_s_&client=ca-pub-5907212464215949

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

056185e7c774a468e9fd7fc6c37bdf7a0dfe296e018ee3b9936b5c5ef5c2ba36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
18ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fan-news.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 43ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fan-news.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9056 603 B
67 B 45ms
29ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5907212464215949&output=html&adk=2715440961&adf=2658918300&lmt=1639545090&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639545090699&bpp=2&bdt=434&idt=166&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6338030482093&frm=20&pv=2&ga_vid=1796420023.1639545091&ga_sid=1639545091&ga_hid=749043234&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063247&oid=2&pvsid=1603628987897109&pem=191&tmod=465&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 15 Dec 2021 05:11:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Raleway-SemiBold.woff
fan-news.org/font/ 71 KB
72 KB 15ms
15ms Font
font/woff 45.131.144.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fan-news.org/font/Raleway-SemiBold.woff
Requested by: Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8fd337ed3ade9e1cddea43b483b2c0ce39916c02e151ca36c78e06a379cf064b

Request headers

Referer: https://fan-news.org/css/mi7-desktop.css?v=1639545090248
Origin: https://fan-news.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: public
date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Tue, 14 Dec 2021 10:26:07 GMT
server: nginx
etag: W/"11ba4-17db87a6113"
content-type: font/woff
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 72612
x-request-id: ba246feace544da2a86c58dd1ff75a80
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 nr-player.min.js Show response
cdn01.nativeroll.tv/js/ Frame FBF5 538 KB
143 KB 11ms
11ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-8683f"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:45:13+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:44:44 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
136 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:30 GMT
last-modified: Mon, 13 Dec 2021 15:31:55 GMT
etag: "61b73d3b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 15 Dec 2021 06:11:30 GMT

GET
H2 200 CDSfxWQNMmpubcnywfx7
an.yandex.ru/mapuid/kadamis/ Frame 94E1 43 B
571 B 37ms
36ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/CDSfxWQNMmpubcnywfx7

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:30 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:30 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:30 GMT

GET
H2

200

9f2c253ca5964f6a8f7c4abc15725ab1
s.uuidksinc.net/match/760/ Frame 94E1
Redirect Chain

https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
https://s.uuidksinc.net/match/760/9f2c253ca5964f6a8f7c4abc15725ab1

74 B
241 B

15ms
14ms

Image
image/png

31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.uuidksinc.net/match/760/9f2c253ca5964f6a8f7c4abc15725ab1
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H2
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.19.0
content-length: 74
content-type: image/png

Redirect headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://s.uuidksinc.net/match/760/9f2c253ca5964f6a8f7c4abc15725ab1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H3

200

m
sync.mgid.com/ Frame 94E1
Redirect Chain

https://sync.mgid.com/m?cdsp=117798&c=CDSfxWQNMmpubcnywfx7
https://sync.mgid.com/m?c=CDSfxWQNMmpubcnywfx7&cdsp=117798&sct=1

43 B
500 B

137ms
121ms

Image
image/gif

104.19.135.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mgid.com/m?c=CDSfxWQNMmpubcnywfx7&cdsp=117798&sct=1
Requested by: Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol: H3
Server: 104.19.135.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6bdd2bf37a0d68ec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://sync.mgid.com/m?c=CDSfxWQNMmpubcnywfx7&cdsp=117798&sct=1
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6bdd2bf27f864ea3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 94E1
Redirect Chain

https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471

49 B
602 B

58ms
57ms

Image
image/gif

185.15.175.157
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471

Requested by

Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

185.15.175.157 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://uuidksinc.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 3
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Credentials: true

Redirect headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Location: https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=CDSfxWQNMmpubcnywfx7&i=0.9650615824471
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

POST
H/1.1 200
OK event
ferdarius.com/add/ 0
683 B 24ms
23ms Ping
text/html 88.208.46.51
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ferdarius.com/add/event
Requested by: Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://fan-news.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK event
ferdarius.com/add/ 0
683 B 15ms
14ms Ping
text/html 88.208.46.51
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ferdarius.com/add/event
Requested by: Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://fan-news.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

POST
H/1.1 200
OK event
ferdarius.com/add/ 0
683 B 31ms
16ms Ping
text/html 88.208.46.51
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ferdarius.com/add/event
Requested by: Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 15 Dec 2021 05:11:30 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://fan-news.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame FBF5 49 KB
20 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 625
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H2 200 wamfactory_dpm.wildcard.min.js Show response
cstatic.weborama.fr/js/wam/customers/ Frame FBF5 16 KB
6 KB 69ms
7ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1639545090979
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F42) /
Resource Hash: f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 10:01:32 GMT
server: ECAcc (frc/8F42)
age: 155218
etag: "3372701235"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 5776
expires: Wed, 22 Dec 2021 05:11:31 GMT

GET
H2 200 nr-box.html Show response
cdn01.nativeroll.tv/js/ Frame C9C1 7 KB
3 KB 8ms
7ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Ffan-news.org
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:31 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 16:39:02 GMT
vary: Accept-Encoding
etag: W/"61b382a6-1b7e"
cache: HIT
x-cached-since: 2021-12-12T09:58:35+00:00
x-id: fr5-up-gc29
content-encoding: gzip

OPTIONS
H2 204 hosts.json
cdn02.nativeroll.tv/player/ Frame 0
0 194ms
169ms Preflight 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Origin: https://fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:31 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-max-age: 1728000
access-control-allow-origin: https://fan-news.org
x-id: fr5-up-gc29

GET
H2 200 hosts.json Show response
cdn02.nativeroll.tv/player/ Frame FBF5 302 B
616 B 23ms
7ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control: no-cache
Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 22:46:48 GMT
server: nginx
etag: W/"61b91ed8-12e"
x-cached-since: 2021-12-14T22:49:59+00:00
content-type: application/json
access-control-allow-origin: https://fan-news.org
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache: HIT

GET
DATA 200
OK truncated
/ Frame FBF5 584 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FBF5 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FBF5 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FBF5 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FBF5 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FBF5 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2

200

1 Show response
mc.yandex.com/watch/72623899/
Redirect Chain

https://mc.yandex.com/watch/72623899?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef40...
https://mc.yandex.com/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef...

331 B
735 B

31ms
30ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A481%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051130%3Aet%3A1639545091%3Ac%3A1%3Arn%3A795987637%3Arqn%3A1%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090163%3Ads%3A9%2C28%2C62%2C18%2C0%2C0%2C%2C400%2C6%2C%2C%2C%2C502%3Adsn%3A10%2C28%2C61%2C18%2C0%2C0%2C%2C384%2C6%2C%2C%2C%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e05b9c3028c418c16683af2968e3c68550431dc1f5bd2abaf6c3d7623ab42d34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
location: /watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A481%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051130%3Aet%3A1639545091%3Ac%3A1%3Arn%3A795987637%3Arqn%3A1%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090163%3Ads%3A9%2C28%2C62%2C18%2C0%2C0%2C%2C400%2C6%2C%2C%2C%2C502%3Adsn%3A10%2C28%2C61%2C18%2C0%2C0%2C%2C384%2C6%2C%2C%2C%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame 9623 4 KB
1 KB 27ms
7ms Document
text/html 151.236.71.19
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8f860aa6-d24d-515d-9829-db2df990a22f&CACHEBUSTER=292804
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=3392116479
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.19 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:31 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp=between&gdpr=&gdpr_consent=
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10810539063100642173&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10810539063100642173&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26s...
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=d7a67273-30e6-40ce-877d-9c8d1a258b31&ssp=between&gdpr_consent=&gdpr=
https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=164900704001000034503&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=419&user_id=10810539063100642173&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=

43 B
220 B

9ms
8ms

Image
image/gif

18.185.209.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=419&user_id=10810539063100642173&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Server: 18.185.209.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-209-98.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://x.bidswitch.net/sync?dsp_id=419&user_id=10810539063100642173&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://px.adhigh.net/p/cm/btw?bounced=1
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugK7n8goqfJC.AikABlF9vIC0bg

68 B
607 B

61ms
61ms

Image
image/png

23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugK7n8goqfJC.AikABlF9vIC0bg
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=ugK7n8goqfJC.AikABlF9vIC0bg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://sync.bumlam.com/?src=bw1&uid=8f860aa6-d24d-515d-9829-db2df990a22f
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiD8uWNBlIFvp7KygpiJDhmODYwYWE2LWQyNGQtNTE1ZC05ODI5LWRiMmRmOTkwYTIyZg**
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiD8uWNBlIFvp7KygpiJDhmODYwYWE2LWQyNGQtNTE1ZC05ODI5LWRiMmRmOTkwYTIyZqIBEHcDhBRdZRHspukAJZDIJDc*
https://sync.bumlam.com/?src=bw1&s_data=CAIQABiD8uWNBmIkOGY4NjBhYTYtZDI0ZC01MTVkLTk4MjktZGIyZGY5OTBhMjJmogEQdwOEFF1lEeym6QAlkMgkNw**
https://sync.bumlam.com/?src=bw1&s_data=CAIQARiD8uWNBmIkOGY4NjBhYTYtZDI0ZC01MTVkLTk4MjktZGIyZGY5OTBhMjJmogEQdwOEFF1lEeym6QAlkMgkNw**
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77038414-5d65-11ec-a6e9-002590c82437

68 B
607 B

60ms
60ms

Image
image/png

23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77038414-5d65-11ec-a6e9-002590c82437
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77038414-5d65-11ec-a6e9-002590c82437
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e9118079f2925299312907f4

68 B
607 B

58ms
58ms

Image
image/png

23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e9118079f2925299312907f4
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=e9118079f2925299312907f4
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 44 B
218 B 143ms
142ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1639545091094_1817
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 395042195ec5d9206b93c7452687966e20f513b22f20422e081316ced3d58eac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 44
X-My-Reqtime: 0.093
Content-Type: application/javascript

GET
H2 200 sync.html Show response
cstatic.weborama.fr/iframe/ Frame F1F9 336 B
314 B 8ms
7ms Document
text/html 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1639545090979
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8F) /
Resource Hash: 3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 155964
cache-control: max-age=604800
content-type: text/html
date: Wed, 15 Dec 2021 05:11:31 GMT
etag: "282943589+gzip"
expires: Wed, 22 Dec 2021 05:11:31 GMT
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server: ECAcc (frc/8F8F)
vary: Accept-Encoding
x-cache: HIT
content-length: 207

GET
H3

204

/
wf.frontend.weborama.fr/stream/ Frame FBF5
Redirect Chain

https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Fa...
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Fa...

0
16 B

28ms
17ms

Image
text/plain

35.244.223.69
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091099&bounce=1&random=1408085991
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H3
Server: 35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 69.223.244.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
location: https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091099&bounce=1&random=1408085991
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame 9623
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://px.adhigh.net/p/cm/bsw?u=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&bidswitch_ssp_id=between
https://x.bidswitch.net/sync?dsp_id=9&user_id=ugK7n8goqfJC.AikABlF9vIC0bg&expires=30&ssp=between
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8

68 B
607 B

59ms
59ms

Image
image/png

23.111.200.117
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 23.111.200.117 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8
Date: Wed, 15 Dec 2021 05:11:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 1335351 Show response
mc.yandex.com/watch/ 295 B
354 B 31ms
31ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1335351?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A1099297560040%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A351553694%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

032db54c9a5924f99963ef4d0b879103d8bf6552eea1c55323acd9f9cba44b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 295
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/ 23 KB
23 KB 126ms
55ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1612413/GVtywxtf6v-jcEzTnRolNA/x300
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: a5277c6038ee71d8f15ae61339cf5a1020f58cda8958a93916399ff1cdfdfe1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 11 Dec 2019 14:56:56 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23212
x-request-id: a6a23c3a0b329fa3

GET
H/1.1 200
Ok xn--80aklgjdc4ahc3h.xn--p1ai
favicon.yandex.net/favicon/ 447 B
660 B 151ms
50ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/xn--80aklgjdc4ahc3h.xn--p1ai?size=32&stub=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y300
avatars.mds.yandex.net/get-direct/2766645/qcI1-A95GUB4PR0mpuJeaw/ 14 KB
15 KB 126ms
55ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2766645/qcI1-A95GUB4PR0mpuJeaw/y300
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 94c3cfae4f79aace426bc85ac8204aaa0e14fd7a6e883516dee4ca6eec3467f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Sat, 07 Nov 2020 18:23:46 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 14576
x-request-id: 18fc19173f14723

GET
H/1.1 200
Ok lg.cdm-group.pro
favicon.yandex.net/favicon/ 2 KB
2 KB 154ms
47ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/lg.cdm-group.pro?size=32&stub=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d050d98a9a5b900ad391de8acce6aa014ea652d0f1b1c5323d6c4c2aeab61c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/2799451/0sxkLXehGJRh1V2xv6cnpQ/ 15 KB
16 KB 90ms
55ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/2799451/0sxkLXehGJRh1V2xv6cnpQ/x300
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 7547c18297ea1591b609b335c3e7ae29f188a1747ff232945a6a1bc0a191d992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Tue, 19 May 2020 09:36:42 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 15660
x-request-id: ff3ed9d0d7442e2b

GET
H/1.1 200
Ok rusdate.de
favicon.yandex.net/favicon/ 1 KB
1 KB 53ms
31ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/rusdate.de?size=32&stub=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

2e3e80ad8c654d0bd2f81345400ff44866cf029b2726de5add67e25667f5c657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x300
avatars.mds.yandex.net/get-direct/1783913/YnfcDzeTj2qXuJKQ_zJm2g/ 21 KB
21 KB 78ms
54ms Image
image/webp 2a02:6b8::184
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/1783913/YnfcDzeTj2qXuJKQ_zJm2g/x300
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software: nginx /
Resource Hash: 204d939114e2b883261a5e15dc10eedd1b4bb4f9f733262ec7b530a17fe2e29d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 30 Dec 2020 15:01:07 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 21216
x-request-id: 4768275ce9a7107f

GET
H/1.1 200
Ok korotkov-realty.ru
favicon.yandex.net/favicon/ 767 B
980 B 71ms
49ms Image
image/png 2a02:6b8::36
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/korotkov-realty.ru?size=32&stub=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3c7c1e301e0665e699fa523e7309c4b2e945039fd065f4a97ba3d5bbdf38d74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

POST
H2 200 1 Show response
mc.yandex.com/watch/72623899/ 43 B
73 B 31ms
30ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899/1?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A485405604%3Arqn%3A2%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 31ms
30ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A61199103%3Arqn%3A3%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 32ms
29ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A745092857%3Arqn%3A4%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 33ms
29ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A692434975%3Arqn%3A5%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 33ms
30ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A10659065%3Arqn%3A6%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 33ms
30ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A258244352%3Arqn%3A7%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 36ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A459736067%3Arqn%3A8%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 35ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A565702500%3Arqn%3A9%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 34ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A591678791%3Arqn%3A10%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 72623899 Show response
mc.yandex.com/watch/ 43 B
73 B 35ms
34ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A97892294005%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A291213235%3Arqn%3A11%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(12400)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/1335351/ 43 B
73 B 33ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1335351/1?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A481%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A1099297560040%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A953901870%3Arqn%3A1%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Ads%3A9%2C28%2C62%2C18%2C0%2C0%2C%2C400%2C6%2C%2C%2C%2C502%3Adsn%3A10%2C28%2C61%2C18%2C0%2C0%2C%2C384%2C6%2C%2C%2C%2C502%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091&t=gdpr(14)aw(1)lt(19900)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fan-news.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 1335351 Show response
mc.yandex.com/watch/ 43 B
73 B 33ms
33ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/1335351?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A1099297560040%3Ahid%3A919882860%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545091%3Ac%3A1%3Arn%3A547280141%3Arqn%3A2%3Au%3A1639545091207091244%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090163%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545091%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(19900)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
last-modified: Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://fan-news.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:31 GMT

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 1D9B 24 KB
7 KB 87ms
29ms Document
text/html 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

server: nginx/1.17.9
date: Wed, 15 Dec 2021 05:11:31 GMT
content-type: text/html
content-length: 6262
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Fri, 15 Dec 2051 11:44:00 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow
accept-ranges: bytes

GET
H2 200 external_libs.v2.js Show response
cstatic.weborama.fr/iframe/ Frame F1F9 8 KB
3 KB 9ms
7ms Script
text/javascript 93.184.221.133
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5E) /
Resource Hash: 0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: gzip
last-modified: Mon, 20 Sep 2021 08:52:49 GMT
server: ECAcc (frc/8F5E)
age: 159130
etag: "3142978827"
vary: Accept-Encoding
x-cache: HIT
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-type: text/javascript
content-length: 3062
expires: Wed, 22 Dec 2021 05:11:31 GMT

GET
H/1.1 200
OK 6123b6281b58921eda767ba8 Show response
statsb.nativeroll.tv/nr/aserver/group/ Frame FBF5 1 KB
3 KB 363ms
250ms XHR
application/json 185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://statsb.nativeroll.tv/nr/aserver/group/6123b6281b58921eda767ba8?event=visit&gid=6123b6281b58921eda767ba8&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&title=Chat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&ref=&block_enabled=0&width=468&height=0&offset_px=0&offset_pct=50&lenght_px=0&cookie_enabled=1&t=2021-12-15T05%3A11%3A31&mode=outstream&data_saver=false&places=0&nr_f=MTYzOTU0NTA5MTEyMg%3D%3D&ancestor_origins=https%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=7cc4866c-0da5-40c3-a1d8-18e023dcfb30
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: d91937cd29812351a3a6944ec0cd3ecf9be5fd3774873a3084a8230df19ef33c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://fan-news.org
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/json
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 sync Show response
ds.frontend.weborama.fr/ Frame F1F9 895 B
1 KB 40ms
17ms Script
application/javascript 34.117.231.160
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ds.frontend.weborama.fr/sync?key=ids_sync&src=wamf.wildcard.js&wamid=3336&v=2021091401&callback=Utils.handleDataSync&ref=fan-news.org
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.231.117.34.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: 66237e08a53ce9e6b3accf3080eb9b0c64a1f6e374cd052eb13b9d8086862a13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 895
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 KY7AShchjxs Show response
www.youtube.com/embed/ Frame 0903 60 KB
25 KB 81ms
54ms Document
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

51a5840767a28671be3dde2766a9d824e1e0608b17f5eca14e89bd7047e2f94a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Dec 2021 05:11:31 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 50ms
24ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb59f8a61f1eee13ad5e74876af09c3803e8f8dfb792fd2cb588d97999c8c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H/1.1 200
OK native Show response
moevideo.biz/ Frame 60F0 47 KB
18 KB 235ms
235ms Document
text/html 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx / PHP/5.5.38
Resource Hash: 211a6699a8d64b4a378c224eda800e00b615dbb4fe3019410758b3d67fb0d3c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.38
X-My-Adv-Time: 0.00208520889282
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Wed, 15 Dec 2021 05:11:31 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.009
X-Mv-Embed-Version: 1403
X-My-Name: s28
X-My-Reqtime: 0.095
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H3

204

ids
idsync.frontend.weborama.fr/ Frame F1F9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
https://wam-google.solution.weborama.fr/pixel?google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELj-xnTM_zP1dl1vUzx5zEg&google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1

0
16 B

26ms
16ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELj-xnTM_zP1dl1vUzx5zEg&google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H3
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESELj-xnTM_zP1dl1vUzx5zEg&google_gid=CAESELj-xnTM_zP1dl1vUzx5zEg&google_cver=1
date: Wed, 15 Dec 2021 05:11:31 GMT
server: Apache
content-length: 354
content-type: text/html; charset=iso-8859-1

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame F1F9
Redirect Chain

https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6134647262890898040

0
268 B

42ms
15ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6134647262890898040
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:31 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 47cee3c5-b0a9-4eab-843e-b2ff315fdd34
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6134647262890898040
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame F1F9
Redirect Chain

https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=Ca8zS6p0OnjpanA-UQwV0-OsBCrbV6Fh

0
44 B

31ms
15ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=Ca8zS6p0OnjpanA-UQwV0-OsBCrbV6Fh
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=criteov2&value=Ca8zS6p0OnjpanA-UQwV0-OsBCrbV6Fh
date: Wed, 15 Dec 2021 05:11:31 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 4010
content-length: 212
strict-transport-security: max-age=86400; preload;
content-type: text/html; charset=utf-8

GET
H2 200 401736.gif
idsync.rlcdn.com/ Frame F1F9 42 B
416 B 34ms
16ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/401736.gif?partner_uid=RU4l1/IJzKe64/udK6Kdnu
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3

204

collect
dx.frontend.weborama.com/ Frame F1F9
Redirect Chain

https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq@ZVRV
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq%40ZVRV&bounce=1&random=3146576782

0
17 B

26ms
17ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq%40ZVRV&bounce=1&random=3146576782
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H3
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.80.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=Vdo7rUq%40ZVRV&bounce=1&random=3146576782
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 receive
pixel.tapad.com/idsync/ex/ Frame F1F9 95 B
425 B 16ms
15ms Image
image/png 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=Vdo7rUq@ZVRV

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame F1F9
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ&dcc=t

43 B
932 B

194ms
194ms

Image
image/gif

52.95.115.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ&dcc=t

Requested by

Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100

Protocol

HTTP/1.1

Server

52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6NNG0NJ6XV5BR0JWTJJG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:31 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 45YEZEHZ3TH0S97A553M
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=UlU0bDEvSUp6S2U2NC91ZEs2S2RudQ&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame F1F9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E0DD18DC-8B9A-4E57-A393-AFDCE75363E2

0
44 B

27ms
16ms

Image
text/plain

35.201.81.244
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E0DD18DC-8B9A-4E57-A393-AFDCE75363E2
Requested by: Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091100
Protocol: H2
Server: 35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 244.81.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cstatic.weborama.fr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=E0DD18DC-8B9A-4E57-A393-AFDCE75363E2
date: Wed, 15 Dec 2021 05:11:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/204bfffb/www-widgetapi.vflset/ 149 KB
48 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c8c9bf4d27683e3a521802108e1408830886af69bd6df88cae1d0819c0d5348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:28:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6201
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49316
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 15 Dec 2022 03:28:10 GMT

GET
H/1.1 200
Ok d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame 1D9B 95 B
400 B 101ms
30ms Image
image/png 2a02:6b8::5:114
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=315360000; includeSubDomains
X-RT-IH: 0.0002
Content-Type: image/png
Cache-Control: private
Connection: close
X-RT-IQ: 0.0001
Content-Length: 95
Expires: Thu, 16 Dec 2021 05:11:31 GMT

GET
H/1.1

200
OK

/
sync3.sniperlog.ru/ Frame 9623
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77038414-5d65-11ec-a6e9-002590c82437
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77038414-5d65-11ec-a6e9-002590c82437&bounce=1
https://sync.bumlam.com/?src=aid1&uid=UGrjllhAae3OOpieqKhERQ&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata
https://sync3.sniperlog.ru/?src=ggl&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata&google_gid=CAESEMs_wEAK2lbbFWdvCYzhhCM&google_cver=1

43 B
516 B

30ms
7ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync3.sniperlog.ru/?src=ggl&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata&google_gid=CAESEMs_wEAK2lbbFWdvCYzhhCM&google_cver=1
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Server: 31.172.81.172 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync3.sniperlog.ru/?src=ggl&extra1=UGrjllhAae3OOpieqKhERQ&extra2=aidata&google_gid=CAESEMs_wEAK2lbbFWdvCYzhhCM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/204bfffb/ Frame 0903 337 KB
46 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88a9ae6f4226f2a69171713a1a08bf670297ae4b2517d8df0d707a206b0bb5b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40249
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47300
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:42 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/204bfffb/www-embed-player.vflset/ Frame 0903 225 KB
73 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9cf9fe55d2740f89e2bbbd96b47d2793948cb9480aae05f7db428b41e9d8dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74767
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:43 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 0903 2 MB
529 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8903986c927e122375ba7e0e972f366ae8c7104bf6f9fd4bccac2ada20949158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541105
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:44 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/ Frame 0903 8 KB
3 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:43 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0903 15 KB
15 KB 26ms
8ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 17:06:41 GMT
x-content-type-options: nosniff
age: 43490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Dec 2022 17:06:41 GMT

GET
H3 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 0903 113 B
159 B 14ms
14ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

beb2fff3d6f7c3698d6c642339319424205998e26096920e2b8da0c4d3f3a447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 0903 29 B
588 B 30ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 04:57:15 GMT
x-content-type-options: nosniff
age: 856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Dec 2021 05:12:15 GMT

GET
H2 200 N74WYbNt_fKgaMlv9zvN-Z2nekyeew3CkNhZ3LAmlbk.js Show response
www.google.com/js/th/ Frame 0903 35 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/N74WYbNt_fKgaMlv9zvN-Z2nekyeew3CkNhZ3LAmlbk.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37be1661b36dfdf2a068c96ff73bcdf99da77a4c9e7b0dc290d859dcb02695b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 06:09:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 601314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13603
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 08 Dec 2022 06:09:37 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 0903 24 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550c9da427a76b05374a263e56f08ea0db57d7fd44f33abea68182afe165233f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40246
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7354
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:45 GMT

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 0903 109 KB
26 KB 96ms
95ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

de24c84ab713cc371f3462f1ec6b4089137a24f836fd3afd5d77464667d012ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211210.00.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: CgtCUUJwTU93eWJUUSiD8uWNBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26538
x-xss-protection: 0
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
DATA 200
OK truncated
/ Frame 0903 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQ3kDv2ySN4uMBtZPpPb12fqZXPSts3E4txt8Yj=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0903 4 KB
4 KB 32ms
8ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ3kDv2ySN4uMBtZPpPb12fqZXPSts3E4txt8Yj=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f021da5ea1f7c2ef8919e5cd1332918740f3b43d791e7f590f6df51c17cc6d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 04:45:58 GMT
x-content-type-options: nosniff
age: 1533
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4172
x-xss-protection: 0
server: fife
etag: "v32"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:32:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0903 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 13 Dec 2021 21:29:26 GMT
x-content-type-options: nosniff
age: 114125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 13 Dec 2022 21:29:26 GMT

GET
H2 200 matchx Show response
uuidksinc.net/ Frame 7AA8 2 KB
1 KB 13ms
12ms Document
text/html 31.220.27.134
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uuidksinc.net/matchx
Requested by: Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: 3eea41773d38704eb61b0aee6907e52808417e1f34d878a100ffebf71dd72a89

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

server: nginx/1.19.0
date: Wed, 15 Dec 2021 05:11:31 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 60F0 54 KB
15 KB 212ms
211ms Stylesheet
text/css 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:03:30 GMT
Server: nginx
X-My-Name: s10
ETag: W/"61a74872-d99f"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.081

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1746/ Frame 60F0 585 KB
147 KB 369ms
265ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:04:32 GMT
Server: nginx
X-My-Name: s7
ETag: W/"61a748b0-922a1"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.081

GET
H/1.1 200
OK set Show response
playreplay.me/api/cookie/ Frame 60F0 0
332 B 256ms
145ms Script
text/plain 92.223.103.27
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%229c018f59d38f2ffbe47f%22},{%22key%22:%22mvsid%22,%22value%22:%2233fdc37a-3dad-4db5-843b-3b0de4c231e5%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.27 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f17.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.096

GET
H/1.1 200
OK set Show response
thesame.tv/api/cookie/ Frame 60F0 0
332 B 251ms
138ms Script
text/plain 5.188.150.181
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%229c018f59d38f2ffbe47f%22},{%22key%22:%22mvsid%22,%22value%22:%2233fdc37a-3dad-4db5-843b-3b0de4c231e5%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.188.150.181 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.087

GET
H/1.1 200
OK set Show response
moevideo.biz/api/cookie/ Frame 60F0 0
332 B 141ms
141ms Script
text/plain 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%229c018f59d38f2ffbe47f%22},{%22key%22:%22mvsid%22,%22value%22:%2233fdc37a-3dad-4db5-843b-3b0de4c231e5%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.089

GET
H/1.1 200
OK set Show response
cs-0.moevideo.biz/api/cookie/ Frame 60F0 0
332 B 277ms
150ms Script
text/plain 92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%229c018f59d38f2ffbe47f%22},{%22key%22:%22mvsid%22,%22value%22:%2233fdc37a-3dad-4db5-843b-3b0de4c231e5%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.093

GET
H/1.1 200
OK set Show response
playreplay.net/api/cookie/ Frame 60F0 0
332 B 269ms
130ms Script
text/plain 92.223.103.220
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%229c018f59d38f2ffbe47f%22},{%22key%22:%22mvsid%22,%22value%22:%2233fdc37a-3dad-4db5-843b-3b0de4c231e5%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.220 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f58.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.081

GET
H3 204 generate_204
www.youtube.com/ Frame 0903 0
9 B 8ms
7ms Image
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?MxevpQ
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1

200
OK

sync
statsb.nativeroll.tv/nr/ Frame FBF5
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsb.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D0%26rand%3D359173
https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=RU4l1/IJzKe64/udK6Kdnu&gt=0&rand=359173

0
454 B

55ms
54ms

Image
text/html

185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=RU4l1/IJzKe64/udK6Kdnu&gt=0&rand=359173
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: Content-Type, *

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
server: nginx/1.12.0
location: https://statsb.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=RU4l1/IJzKe64/udK6Kdnu&gt=0&rand=359173
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 7cc4866c-0da5-40c3-a1d8-18e023dcfb30
an.yandex.ru/mapuid/adfox/ Frame FBF5 43 B
329 B 51ms
50ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adfox/7cc4866c-0da5-40c3-a1d8-18e023dcfb30?jsredir=1

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:31 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H/1.1

200
OK

rle.cgi
ad.adriver.ru/cgi-bin/ Frame FBF5
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=359173
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=359173&tuid=-6351986564
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=359173&ip=168.119.25.198

42 B
581 B

60ms
59ms

Image
image/gif

195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=359173&ip=168.119.25.198
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:31 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:31 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=359173&ip=168.119.25.198
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET sync
nativeroll-sync.rutarget.ru/ Frame FBF5 0
0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame FBF5 43 B
764 B 49ms
49ms Image
image/gif 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=107&id=7cc4866c-0da5-40c3-a1d8-18e023dcfb30
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Last-Modified: Wed, 15 Dec 2021 05:11:31 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Wed, 15 Dec 2021 11:11:31 GMT

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 0903 0
19 B 17ms
17ms Ping
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=FxYX5nRbZP3eAt1B&el=embedded&ns=yt&fexp=23858058%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24140279%2C24141079&cl=416163874&seq=1&event=streamingstats&docid=KY7AShchjxs&ei=A3m5YY2KI7yK6dsPw7ym6A8&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.009:B,0.178:B,0.178:B&cmt=0.009:0.000,0.178:0.000&afs=0.177:251::i&vfs=0.178:396:396::r&bwe=0.178:130000&bat=0.178:1:1&vis=0.178:0&bh=0.178:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 95 KB
96 KB 66ms
8ms XHR
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=video%2Fmp4&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=35416157&dur=1388.553&lmt=1630054554363456&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgdVEdFN0dp-_gZzeIa_gtRSuuQTiMHDYU9uRnx3mnLBMCIAvDIjaf7EJ6Fv5Q-6gFXnkKcUHdodSp8DeMc8GxxWoR&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=0-97568&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d34213fc823a3679227e89935c5e0993034ec2c79ec77a843e043ab284540fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
X-Restrict-Formats-Hint: None
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 97569
Last-Modified: Fri, 27 Aug 2021 08:55:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
X-Content-Type-Options: nosniff
Expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H/1.1 200
OK videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 67 KB
68 KB 66ms
8ms XHR
audio/webm 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=audio%2Fwebm&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDEDxPO8XYOIJ5gfaZxEq4wqUJdRZfZ22qR6FAvhmAS8CIEZmgFKtDwnKElNtZyNwdenUGoXm3VIFHKbnx9HHmTes&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=0-68181&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

e9e6975086ca036bae4100a36dc18770ec7ff58051e8b9e956bc4940d145ac2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 68182
Last-Modified: Sat, 13 Feb 2021 12:59:12 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 0903 64 KB
24 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b3fa74fbed97a5c5d4fd43f7dac33cb7efca29040f7d39e95effec2a9a847fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24493
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:53 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 0903 26 KB
7 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35f312ae2ead5e6c91932929d5716c613529b1b98218763b1825984fbf510958

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:00:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7227
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:00:53 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 0903 66 KB
19 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ea7b195ecb7187dda4e10ea9f3e223d8bc6882eb5e49876c76b26a2252890fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 18:01:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40217
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19745
x-xss-protection: 0
last-modified: Tue, 14 Dec 2021 01:04:25 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 14 Dec 2022 18:01:14 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 0903 65 KB
6 KB 301ms
301ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

6d760debaa53e053954156da12851f5be92414911e09f0f9e2ecd1bc1e3bb86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20211210.00.01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id: CgtCUUJwTU93eWJUUSiD8uWNBg%3D%3D
Content-Type: application/json

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6110
x-xss-protection: 0
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/KY7AShchjxs/ Frame 0903 3 KB
4 KB 33ms
7ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/KY7AShchjxs/default.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bfe46724e9124e987b776b635406a673650e8d381a15dfd7ddda6687fe77ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:07:08 GMT
x-content-type-options: nosniff
age: 263
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3210
x-xss-protection: 0
server: sffe
etag: "1613149129"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:07:08 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/D90PluQTGLA/ Frame 0903 183 KB
184 KB 26ms
12ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/D90PluQTGLA/maxresdefault.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

999347853aeb4af6a251e2fe53066a08e89981484902babf8f79c9cc389c1e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:02 GMT
x-content-type-options: nosniff
age: 29
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 187674
x-xss-protection: 0
server: sffe
etag: "1609593611"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:11:02 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/n5y_QVxXhBw/ Frame 0903 220 KB
220 KB 22ms
9ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/n5y_QVxXhBw/maxresdefault.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd78a583ab2c11c98b2e276810da4906d5ed42c7045a890fb8f02d7d569c9127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:10:15 GMT
x-content-type-options: nosniff
age: 76
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225068
x-xss-protection: 0
server: sffe
etag: "1610489279"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:10:15 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 79 KB
79 KB 17ms
7ms XHR
audio/webm 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=audio%2Fwebm&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDEDxPO8XYOIJ5gfaZxEq4wqUJdRZfZ22qR6FAvhmAS8CIEZmgFKtDwnKElNtZyNwdenUGoXm3VIFHKbnx9HHmTes&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=68182-149070&rn=3&rbuf=4352

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

7dda59f2c016053c6a2a9b9ab3fb2850754df1b281f842ee494ad9e2b72927b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80889
client-protocol: quic
last-modified: Sat, 13 Feb 2021 12:59:12 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4066f4e21607b5df4f370f623b6f43d254b047e40e086e0f939797a04d81c86b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FE23
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

25ms
7ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8f860aa6-d24d-515d-9829-db2df990a22f&CACHEBUSTER=292804
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40019-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 15 Dec 2021 05:11:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 15 Dec 2021 05:11:31 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 390 KB
390 KB 8ms
7ms XHR
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9a863770d715fd8ab94b073061378bd6ac8a762dc35dbad50aaae9ee6bf2abf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 399066
client-protocol: quic
last-modified: Fri, 27 Aug 2021 08:55:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 154 KB
154 KB 9ms
9ms XHR
audio/webm 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=audio%2Fwebm&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDEDxPO8XYOIJ5gfaZxEq4wqUJdRZfZ22qR6FAvhmAS8CIEZmgFKtDwnKElNtZyNwdenUGoXm3VIFHKbnx9HHmTes&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=149071-306796&rn=5&rbuf=9723

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

85da445e6055d61d84ea5d00d7c0a9173e3f6b4e0cb4bd4985c75749ff00e3e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157726
client-protocol: quic
last-modified: Sat, 13 Feb 2021 12:59:12 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 15 Dec 2021 05:11:31 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FE23 32 KB
10 KB 9ms
8ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7844040e44ff7c369311b530d613e81876084030d7edacfb617952916113058f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 01:00:59 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71709
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9699
Expires: Thu, 16 Dec 2021 01:06:40 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FE23 284 B
536 B 32ms
9ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H2

200

292804
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 9623
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804

43 B
297 B

45ms
45ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.15/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.15/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
server: ms-counter-3.2.15/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/292804
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 28D5 18 KB
6 KB 305ms
195ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:57 GMT
ETag: W/"61b49f29-4783"
X-My-Name: s59
X-My-Reqtime: 0.098
X-B-Name: f36
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 60F0 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

match
s.pubmine.com/ Frame 9623
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=8f860aa6-d24d-515d-9829-db2df990a22f&expires=60
https://s.pubmine.com/match?bidder_id=1&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp_data=&gdpr=&gdpr_consent=

43 B
286 B

213ms
30ms

Image
image/gif

79.125.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.pubmine.com/match?bidder_id=1&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp_data=&gdpr=&gdpr_consent=
Requested by: Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol: HTTP/1.1
Server: 79.125.73.87 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-73-87.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

Location: //s.pubmine.com/match?bidder_id=1&external_user_id=dbbd6555-fb08-4ee4-bea4-e89df86ff8b8&ssp_data=&gdpr=&gdpr_consent=
Date: Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3 204 playback
www.youtube.com/api/stats/ Frame 0903 0
17 B 16ms
15ms Image
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=FxYX5nRbZP3eAt1B&ver=2&cmt=0.312&fmt=396&fs=0&rt=0.701&euri=https%3A%2F%2Ffan-news.org%2F&lact=724&cl=416163874&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&fexp=23858058%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24140279%2C24141079&rtn=7&afmt=251&inview=0&muted=1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=A3m5YY2KI7yK6dsPw7ym6A8&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdBRUZ6LVpGVDVMVXNKVnJtNXpUTzU1Q1lwN05tbWhvNUlQdmhCYjZEcm5TZ2JLQVBta0tETGlxM05fZXRhTXRzckVCNVJ2MmpLU1NYWlJUb2hOd3FvRDNsQklTRVhqVXR6SEhYbGZpQ2FMZE1pMi15Mi1DeHRhTm5J

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 ptracking
www.youtube.com/ Frame 0903 0
19 B 17ms
15ms Image
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/ptracking?html5=1&video_id=KY7AShchjxs&cpn=FxYX5nRbZP3eAt1B&ei=A3m5YY2KI7yK6dsPw7ym6A8&ptk=youtube_multi&oid=-JboZdfJMv20J-EgYJtBCQ.Bkd4zRq-gbbBbUyWpkumnQ.HsfuJCmYNidf4wUV9F28mw.yfdyTRzMmu3FPmmTBoa5Wg.zKSiGrgFlUYObZ6s7wQjSw&pltype=contentugc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 68A6 2 KB
814 B 26ms
8ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=8f860aa6-d24d-515d-9829-db2df990a22f&CACHEBUSTER=292804

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

8f860aa6-d24d-515d-9829-db2df990a22f
an.yandex.ru/mapuid/betweendigitalis/ Frame 9623
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F8f860aa6-d24d-515d-9829-db2df990a22f
https://an.yandex.ru/mapuid/betweendigitalis/8f860aa6-d24d-515d-9829-db2df990a22f

43 B
152 B

51ms
51ms

Image
image/gif

2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/8f860aa6-d24d-515d-9829-db2df990a22f

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:32 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/8f860aa6-d24d-515d-9829-db2df990a22f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

OPTIONS
H/1.1 204
No Content auction_multi
am-0.moevideo.biz/ssp/ Frame 0
0 172ms
51ms Preflight 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:32 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H/1.1 200
OK auction_multi Show response
am-0.moevideo.biz/ssp/ Frame 60F0 2 B
474 B 199ms
198ms Fetch
application/json 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:32 GMT
X-Balancer-Name: fvm9
Last-Modified: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://moevideo.biz
X-B-Name: fvm9
Cache-Control: no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET
DATA 200
OK truncated
/ Frame 60F0 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 60F0 49 KB
20 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 626
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame 60F0 185 KB
185 KB 90ms
89ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Wed, 15 Dec 2021 05:21:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 35ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83daf6ef9147064f097d96a14558c36b9b22d8f0c2856ceb682dea21341408af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8529
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame DB10 18 KB
6 KB 195ms
193ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:58 GMT
ETag: W/"61b49f2a-4783"
X-My-Name: s60
X-My-Reqtime: 0.097
X-B-Name: f36
Content-Encoding: gzip

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 3548 18 KB
6 KB 263ms
168ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:09 GMT
ETag: W/"61b49ef9-4783"
X-My-Name: s36
X-My-Reqtime: 0.079
X-B-Name: f36
Content-Encoding: gzip

GET
H2 200 sync
t.adx.opera.com/ Frame 9623 0
409 B 97ms
69ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=8f860aa6-d24d-515d-9829-db2df990a22f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsdk.js Show response
an.yandex.ru/system/video-ads-sdk/ Frame 60F0 87 KB
27 KB 41ms
41ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d3f822dfec2bb91d46cca888ba5484001a31b3a2a5eae3515314236440e9780b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1199978780
x-yandex-req-id: 1639545092571429-1589075682710385839900363-production-app-host-man-pcode-35
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Dec 2021 06:11:32 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/aC0X2Ui9kpg/ Frame 0903 19 KB
19 KB 26ms
10ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/aC0X2Ui9kpg/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe516b0f74aba31366366a4590ee0e41427c93dbe3731396127d68ab089b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:09:38 GMT
x-content-type-options: nosniff
age: 114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19924
x-xss-protection: 0
server: sffe
etag: "1636981270"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:09:38 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/vilRUEgkHGI/ Frame 0903 19 KB
19 KB 39ms
23ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/vilRUEgkHGI/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

206120b52a81c4df25b6100d88c2d1a6ddaffa9073579a6387bdd99d1fb55062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 04:56:13 GMT
x-content-type-options: nosniff
age: 919
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19284
x-xss-protection: 0
server: sffe
etag: "1625631422"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 06:56:13 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/cI-hih86s7M/ Frame 0903 17 KB
17 KB 31ms
17ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/cI-hih86s7M/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b9fb528e972c2da29e2fdb6e8c9f57130d25c6c2e7fc2cac6a7a7ebd7a307f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:08:03 GMT
x-content-type-options: nosniff
age: 209
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17296
x-xss-protection: 0
server: sffe
etag: "1635520671"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:08:03 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/ZDtjDThed7o/ Frame 0903 14 KB
15 KB 33ms
19ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/ZDtjDThed7o/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ab27806cf860c39501b70850a96918c47bcbebe1079c997e24cccdb4cffb6a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 04:39:28 GMT
x-content-type-options: nosniff
age: 1924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14846
x-xss-protection: 0
server: sffe
etag: "1637758534"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 06:39:28 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/S-gxNYXogKU/ Frame 0903 32 KB
32 KB 26ms
12ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/S-gxNYXogKU/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81d7afa6d3e1befb42c63be3b184e3b6ccb3318df11dd9c90b42f208eb84b059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:29 GMT
x-content-type-options: nosniff
age: 3
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32302
x-xss-protection: 0
server: sffe
etag: "1549843298"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:11:29 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/PSsMOJCT6PE/ Frame 0903 18 KB
18 KB 22ms
9ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/PSsMOJCT6PE/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11c4455b7f73e934202d6aecc347f1b84227a9a150bad36838816670844e0e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:05:33 GMT
x-content-type-options: nosniff
age: 359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18266
x-xss-protection: 0
server: sffe
etag: "1637860968"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:05:33 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/dLjH8preSkA/ Frame 0903 18 KB
18 KB 36ms
22ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/dLjH8preSkA/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7726eef93f0f179f1042632c9b7b1314aba1d04d0631ce6afd41acc1ce64d86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:01:03 GMT
x-content-type-options: nosniff
age: 629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18078
x-xss-protection: 0
server: sffe
etag: "1608639550"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:01:03 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/zH6FfFtYoB8/ Frame 0903 32 KB
32 KB 36ms
22ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/zH6FfFtYoB8/hqdefault.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f1c5e3242d78ac44e8792e3bee668ff915c1091fe36252b9bfd0c126fb55d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:27:39 GMT
x-content-type-options: nosniff
age: 6233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33184
x-xss-protection: 0
server: sffe
etag: "1614975919"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 05:27:39 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/y-HwXI-NVJ8/ Frame 0903 18 KB
18 KB 34ms
20ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/y-HwXI-NVJ8/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9a5e1dc7acfff2811a2722d6bb137c56ee096cf8e614f8cbf2a07fcaa93df55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:04:45 GMT
x-content-type-options: nosniff
age: 407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17980
x-xss-protection: 0
server: sffe
etag: "1638486145"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:04:45 GMT

GET
H3 200 hqdefault.jpg
i.ytimg.com/vi/omS5kZbpm2k/ Frame 0903 38 KB
38 KB 51ms
37ms Image
image/jpeg 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/omS5kZbpm2k/hqdefault.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f1c81343b04693d62b12837303556f9e1489606a8b297729d6c8966f057263f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38618
x-xss-protection: 0
server: sffe
etag: "1614965404"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 07:11:32 GMT

GET
H3 200 hqdefault.webp
i.ytimg.com/vi_webp/qGg0WH9rARY/ Frame 0903 21 KB
21 KB 41ms
28ms Image
image/webp 2a00:1450:4001:813::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/qGg0WH9rARY/hqdefault.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9100d381307ccda0cd3ac9b205d7da809af81c6c00a2c40d9736f1aecb1a5b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 03:57:59 GMT
x-content-type-options: nosniff
age: 4413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21154
x-xss-protection: 0
server: sffe
etag: "1638885810"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 15 Dec 2021 05:57:59 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 4 KB
4 KB 8ms
7ms XHR
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=video%2Fmp4&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=114433066&dur=1388.553&lmt=1630054691063745&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgH5uJmg-QDbyaT__MGKKamNIEm4Z_u3vOr-l0fG0PlDMCIEeEtMgF6sFsZD9LH-Nv3yYjDuSrK8FXje6epDrphCp2&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=0-4055&rn=6&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d2baf309d6969f8c2a19d21d0fb37b3ee9f332dc767dc2211c1b30931dfb51f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4056
client-protocol: quic
last-modified: Fri, 27 Aug 2021 08:58:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 15 Dec 2021 05:11:32 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0903 28 B
54 B 25ms
25ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version: 1.20211210.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtCUUJwTU93eWJUUSiD8uWNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639545091472&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1520%2C950&vis=1&wgl=true&ca_type=image&bid=ANyPxKpN76r7gbHu1QTNrAXnGFJ0cybWGGI3Lm67s9Ua_ThaUJYlHD0KnwKaURNIqH5H801NaqzFv4VlhboaacjA8xF2NwiHQw

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 97A2 13 KB
5 KB 32ms
13ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Tue, 14 Dec 2021 23:06:34 GMT
expires: Wed, 14 Dec 2022 23:06:34 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B0C0 783 B
536 B 39ms
19ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8e39d57de2d5b235614b9c6463262c8e0c39cb8394a10e4d0b65e999910d6391

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qL8oPVQ6UL1aZty45Rtw4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 15 Dec 2021 05:11:32 GMT
date: Wed, 15 Dec 2021 05:11:32 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qL8oPVQ6UL1aZty45Rtw4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 0903 0
19 B 19ms
19ms Ping
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=398&afmt=251&cpn=FxYX5nRbZP3eAt1B&el=embedded&ns=yt&fexp=23858058%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24140279%2C24141079&cl=416163874&seq=2&event=streamingstats&docid=KY7AShchjxs&ei=A3m5YY2KI7yK6dsPw7ym6A8&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.187:0.000,0.353:0.006,1.038:0.651,1.098:0.661&vps=0.187:N,0.353:PL,1.038:PA,1.098:PA&ctmp=dompaused:t.188;promise;m.NotAllowedError&user_intent=0.346&vfs=1.098:398:398:396:r&view=1.098:1333:829&bwm=1.098:807488:0.280&bwe=1.098:1146520&bat=1.098:1:1&bh=1.098:19.340&df=1.098:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 1 MB
1 MB 9ms
9ms XHR
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=video%2Fmp4&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=114433066&dur=1388.553&lmt=1630054691063745&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgH5uJmg-QDbyaT__MGKKamNIEm4Z_u3vOr-l0fG0PlDMCIEeEtMgF6sFsZD9LH-Nv3yYjDuSrK8FXje6epDrphCp2&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=302607-1752733&rn=7&rbuf=8948

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

3fd052db7e6a1f9cfb73351a7f4212c5d96b6a220ac32cb2aabad40bd6092fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450127
client-protocol: quic
last-modified: Fri, 27 Aug 2021 08:58:11 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 15 Dec 2021 05:11:32 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
262 B 106ms
31ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=CreateLoader&bundleName=AdSDKLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 60F0 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/ Frame 60F0 564 KB
141 KB 31ms
31ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

17ee7fdbdfd653e9b37cb3ae78c9d89c40134f597661cdbd0f47fea68dd89e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://moevideo.biz/
Origin: https://moevideo.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 144051
x-nginx-request-id: b9361391e7c394b5
last-modified: Mon, 13 Dec 2021 20:28:58 GMT
server: nginx/1.17.9
etag: "53c17bfaf27c55ffdc459365e27537c6"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:45:13 GMT

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 4 KB
4 KB 8ms
7ms XHR
video/mp4 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=video%2Fmp4&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=60783319&dur=1388.553&lmt=1630055136770342&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAPSuUbL0Map8ERtfvXPeAdX6YDo5vMn2ihSCEHcfsDU0AiAhqOCdjsZnU5wQo0EHaAWK_wdq0vnpRie8uoRBHFw11w%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=0-4055&rn=8&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5ef31bec403a6acd1f57177cef5661e5500cf4ea08f157d439a8c231e4f64785

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
x-restrict-formats-hint: None
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4056
client-protocol: quic
last-modified: Fri, 27 Aug 2021 09:05:36 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
x-content-type-options: nosniff
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H/1.1 200
OK vkAuth.html Show response
ad.mail.ru/dist/ Frame D6E3 523 B
802 B 47ms
47ms Document
text/html 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/dist/vkAuth.html
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:32 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 523
Connection: keep-alive
Expires: Wed, 15 Dec 2021 05:21:32 GMT
Cache-Control: max-age=600
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame 60F0 83 B
450 B 102ms
54ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1639545092756&q=199847&vk=0&_=603854408
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 210d9631f472e0decab2039d19bcd2175a9c2027ed39f17b574e10b2bb0a26eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B0C0 0
0 61ms
60ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=1603628987897109&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 30ms
30ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=ModuleLoaded&bundleName=AdLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 1378267 Show response
an.yandex.ru/vmap/ Frame 60F0 2 KB
899 B 56ms
55ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=299851639545092854&pcode-icookie=UfcEjZBL4NbaERzgsVkmn45Zx9BFQD29ZDd05bfFNPhKMRpD9Th2Qx5kyM4P8jAzeatR3%2Binu4dJTfYrSoE3WY04cX0%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=949a86fa7414e45bda79d1f5673384330c0eba1136cc6d718a2a56a78f596fda&vsid=3bc9da9e36921c367f1bcd667f0b8a8fc467a697fbfbxVASx3409x1639545092&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545092860&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

09cc7c789fc0e84b57880c94210192e7521a0ad74e83269183d011e9cfa9166d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:32 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ Frame D6E3 102 KB
23 KB 150ms
69ms Script
application/x-javascript 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-190-240-87.vk.com
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:32 GMT
content-encoding: br
x-frontend: front220006
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Sun, 19 Dec 2021 05:11:32 GMT

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 97A2 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 14 Dec 2021 15:46:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:46:23 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 584F 18 KB
6 KB 171ms
169ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:10 GMT
ETag: W/"61b49efa-4783"
X-My-Name: s39
X-My-Reqtime: 0.082
X-B-Name: f36
Content-Encoding: gzip

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 60F0
Redirect Chain

https://moevideo-sync.rutarget.ru/sync
https://cs-0.moevideo.biz/ssp/cs?d=1&b=sGGKq74mG-yj

36 B
208 B

178ms
128ms

Image
image/gif

92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=1&b=sGGKq74mG-yj
Protocol: HTTP/1.1
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

Location: https://cs-0.moevideo.biz/ssp/cs?d=1&b=sGGKq74mG-yj
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 60F0 0
238 B 52ms
13ms Image
text/plain 37.18.103.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.21 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 501
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 moevideo
px.adhigh.net/p/cm/ Frame 60F0 49 B
326 B 45ms
42ms Image
image/gif 193.232.150.70
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/moevideo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.150.70 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp14.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx
x-backend-id: f14-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame 60F0 43 B
552 B 9ms
7ms Image
image/gif 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=moe2&uid=9c018f59d38f2ffbe47f
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 60F0
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=9c018f59d38f2ffbe47f&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}

36 B
208 B

175ms
130ms

Image
image/gif

92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Protocol: HTTP/1.1
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx/1.21.0
Location: https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H/1.1 200
OK rle.cgi
ad.adriver.ru/cgi-bin/ Frame 60F0 42 B
581 B 59ms
57ms Image
image/gif 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:32 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 60F0
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
https://cs-0.moevideo.biz/ssp/cs?d=81&b=105b5f7d-3d5c-423a-7feb-2c7f5b410282

36 B
208 B

138ms
137ms

Image
image/gif

92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=81&b=105b5f7d-3d5c-423a-7feb-2c7f5b410282
Protocol: HTTP/1.1
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

location: https://cs-0.moevideo.biz/ssp/cs?d=81&b=105b5f7d-3d5c-423a-7feb-2c7f5b410282
date: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 60F0
Redirect Chain

https://sync.upravel.com/moevideo/sync
https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
https://0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
https://cs-0.moevideo.biz/ssp/cs?d=91&b=0d90fa67-da3e-40a8-b774-8ffd6fb95279

36 B
208 B

206ms
156ms

Image
image/gif

92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=91&b=0d90fa67-da3e-40a8-b774-8ffd6fb95279
Protocol: HTTP/1.1
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

date: Wed, 15 Dec 2021 05:11:33 GMT
server: nginx
location: https://cs-0.moevideo.biz/ssp/cs?d=91&b=0d90fa67-da3e-40a8-b774-8ffd6fb95279
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1

204
No Content

em
sm.rtb.mts.ru/ Frame 60F0
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=moevideo&id=9c018f59d38f2ffbe47f
https://sm.rtb.mts.ru/match/second?ssp=22&exu=9c018f59d38f2ffbe47f
https://tech.rtb.mts.ru/?dsp_uid=2b6efaf1-bfab-4bb2-a0fb-c527ea462116&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=UGrjllhAae3OOpieqKhERQ

0
291 B

58ms
37ms

Image
text/plain

217.66.147.161
SPBMTS-AS Malaya ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=UGrjllhAae3OOpieqKhERQ
Protocol: HTTP/1.1
Server: 217.66.147.161 St Petersburg, Russian Federation, ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU),
Reverse DNS: host-161-147-66-217.spbmts.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
last-modified: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=UGrjllhAae3OOpieqKhERQ
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Wed, 15 Dec 2021 05:11:32 GMT

GET
H2 204 moevideo
sync.dmp.otm-r.com/match/ Frame 60F0 0
69 B 33ms
6ms Image
text/plain 138.201.65.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/moevideo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.66 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.65.201.138.clients.your-server.de
Software: nginx/1.19.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx/1.19.7

GET
H2

204

0.gif
x01.aidata.io/ Frame 60F0
Redirect Chain

https://rtb.com.ru/myvideo-sync?uid=9c018f59d38f2ffbe47f
https://rtb.com.ru/sync?noRedirect=&sspKey=41&sspUserID=9c018f59d38f2ffbe47f
https://cm.g.doubleclick.net/pixel?google_nid=adspend&google_cm&google_hm=61b97905a62fbd13aae57e89&r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61b97905a62fbd13aae57e89%26dest%3Dhtt...
https://rtb.com.ru/adx-sync?r=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D6472613%26id%3D61b97905a62fbd13aae57e89%26dest%3Dhttps%253A%252F%252Fdmg.digitaltarget.ru%252F1%252F224%252Fi%252Fi%253Fa%2...
https://x01.aidata.io/0.gif?pid=6472613&id=61b97905a62fbd13aae57e89&dest=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F224%2Fi%2Fi%3Fa%3D224%26e%3D61b97905a62fbd13aae57e89%26i%3D7041180506265261277%26r%...
https://sm.rtb.mts.ru/p?ssp=aidata&id=UGrjllhAae3OOpieqKhERQ
https://sm.rtb.mts.ru/match/second?ssp=51&exu=UGrjllhAae3OOpieqKhERQ
https://tech.rtb.mts.ru/?dsp_uid=2b6efaf1-bfab-4bb2-a0fb-c527ea462116&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D5...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3DUGrjllhAae3OOpieqKhERQ%26id%3D%24UID

0
432 B

48ms
48ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3DUGrjllhAae3OOpieqKhERQ%26id%3D%24UID
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
last-modified: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Wed, 15 Dec 2021 05:11:32 GMT

Redirect headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx/1.13.12
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D51%26em%3D2%26ssp%3Daidata%26exu%3DUGrjllhAae3OOpieqKhERQ%26id%3D%24UID
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 60F0
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
https://cs-0.moevideo.biz/ssp/cs?d=161&b=8f860aa6-d24d-515d-9829-db2df990a22f

36 B
208 B

244ms
143ms

Image
image/gif

92.223.103.92
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=161&b=8f860aa6-d24d-515d-9829-db2df990a22f
Protocol: HTTP/1.1
Server: 92.223.103.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f44.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

location: https://cs-0.moevideo.biz/ssp/cs?d=161&b=8f860aa6-d24d-515d-9829-db2df990a22f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 204 collect
dx.frontend.weborama.com/ Frame 60F0 0
16 B 17ms
16ms Image
text/plain 35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.80.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:32 GMT
via: 1.1 google
last-modified: Wed, 15 Dec 2021 05:11:32 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 1378267 Show response
an.yandex.ru/meta/ Frame 60F0 66 B
501 B 169ms
169ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456500716196129809&video-category-id=0&vsid=3bc9da9e36921c367f1bcd667f0b8a8fc467a697fbfbxVASx3409x1639545092&client-timezone-offset=0&video-content-id=0&ad-session-id=299851639545092854&pcode-icookie=UfcEjZBL4NbaERzgsVkmn45Zx9BFQD29ZDd05bfFNPhKMRpD9Th2Qx5kyM4P8jAzeatR3%2Binu4dJTfYrSoE3WY04cX0%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456500714727861265&enable-page-options=65536&rnd=0.9031833366530335&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=949a86fa7414e45bda79d1f5673384330c0eba1136cc6d718a2a56a78f596fda&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545092926&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1639545092946092-1501572685896198020100363-production-app-host-man-pcode-150
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=1603628987897109&bg=!7O-l76vNAAZKWFskSlg7ACkAdvg8WjIQaijqho-lgN4AHRVuUH5GI_gYmavN05HjjEk5eJwvUgmD-QIAAABTUgAAAAtoAQcKAM0bMhBBag8GG6D4QBoDvZt05S8fkeJL6y2B6OV1TXpRyEicgo8PJVJnj4QCS-IT6YfDLhmV1btXRT8Mumcm56kWXZL0RKas8WporUcLKhjTqNTCJ-wKZ9qzVM37sseU1094tGeDZwneaw7IqFxjTfkWNH0lkNT9g24cgQb8r3xYYUuSJDCKuZiaTzaahFKaJ30x-UTRUmHcHdczxolqGTVVGS7ydm4fSHOSrQ765GOsv_xLXwCK8qbf0QF-zFdFGWs2SXnu_plghsH3xHH-mQKxRtn08blZPjcdAYXnIUQHzHxyXvxyV2RDUxFn6LPrTD9PEwzQvEfT_3PgvV-jZKJUVnL9EFxQHxRC951S1PyquKRLnYXpFG7MgC9xQn6ICg9ZwL47BtoNyCt16h3KntGRY5qNfalDmaHhW5Ws9EsqKqZAUGGMFrIyGwIB-YpCWdpx2ojvcWajWKaI14SFRYDgKSni_pQw13sEACu61i3pGcljjx0LVDbH7HZVmvFmtwG7Xhs4846aWlQShjKSa_Ecj6ZYrhrzuL2rC0w4SESSs_HK6AyRyu4uNkflKZZrNdYdcXZCWM3_voFL-8XN7Lt6lq7di4-KUs3Ry__mslZ2zKgjuXagewvKtoSLoQwsxG1jWiZ6GR502HbqdhzzlVtA418TF5sdhh5uSmHGC8hrroOX_VI3yUmSvMYcZM6Dr7CgZBQ4UCojI0CbRSRRYM18YPD85EwHwBeEJpou_G6cH9Mj21z7x2qLZ4xj8AR1xXUU_yZ-1W1jCE2TrRZe0_CQkcqTQrjJBRAmTXUMcQhC-jogXzaDtI3rLV4YDV72oSgZ-OVR0jqQ7AYa8ummDSlctiDyYQbwkBbLC6ntQMV2yCTEl0jkp-dj_bvHlvWzTGuGvE6Tg6p_vRk6UTy_AsQT1tVodS1escMqliorY1vK6y_46ENWFT089gWpCJgxNyLMefCAwTGWHgfyDm9GFKJqIY6bQx0Zt9lzREu5LrbLX1JBff_Gciij8VCrOTM2tkKNwu_hKvKXwrqLv-cuu3nKbrDJdMCdQE0rR1Q7xBDIgTy2bRp6Vp1KVWn9_LhZYHN9VgzIKhtGC2TlCzWl0jWo8Viq1aclJapaaj5XlBB0WaeFpkPJ-hWCY7b5t43bdJiLQFHnPaJPG-7zi-4t16uLDcttFjkMHNWqYOHg3JNeGWc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
login.vk.com/ Frame D6E3 27 B
633 B 136ms
52ms XHR
text/html 87.240.129.135
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv135-129-240-87.vk.com

Software

kittenx / KPHP/7.4.109628

Resource Hash

52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
server: kittenx
x-powered-by: KPHP/7.4.109628
strict-transport-security: max-age=15768000
access-control-allow-methods: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://ad.mail.ru
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=windows-1251
content-length: 41

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 31ms
31ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&fatal=NO_AD_SECTION

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame 1D9B 105 KB
37 KB 40ms
39ms Script
application/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: br
last-modified: Fri, 29 Oct 2021 11:19:01 GMT
server: nginx/1.17.9
etag: W/"82bdc8db563d3e71c35534315f8a9fd5"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
expires: Fri, 17 Dec 2021 17:10:59 GMT
cache-control: public, max-age=31556952
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
x-nginx-request-id: a8ef2c7e48d044b3

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 1D9B 134 KB
47 KB 58ms
57ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: br
last-modified: Tue, 14 Dec 2021 15:27:53 GMT
etag: "61b88dc9-bcf4"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 48372
expires: Wed, 15 Dec 2021 06:11:33 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame 1D9B 403 B
947 B 160ms
97ms Fetch
application/json 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ffan-news.org%2F

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

37a9880ebe3c8eca7ba4a536931078484f03ab297eac1663e7bc415a6af4d840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 1D9B 37 KB
14 KB 51ms
25ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 1D9B
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BXm5YebcGZK6gQeGq4zQDw...
https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=2210929551
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=22109295...

42 B
108 B

48ms
20ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=2210929551&ipr=y

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=496532543&crd=CNPgGw&is_vtc=1&random=2210929551&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1014923426/ Frame 1D9B
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=BXm5YYbfGbKmx_APuY-oyA...
https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988&ipr=y

42 B
548 B

46ms
18ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988&ipr=y

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=551617573&crd=&is_vtc=1&random=2222424988&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3 Show response
mc.yandex.com/watch/ Frame 1D9B 167 B
266 B 31ms
31ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A438005127919%3Ahid%3A779524402%3Az%3A0%3Ai%3A20211215051133%3Aet%3A1639545093%3Ac%3A1%3Arn%3A993149448%3Arqn%3A1%3Au%3A1639545093800548598%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639545091234%3Ads%3A0%2C57%2C29%2C5%2C1%2C0%2C%2C21%2C0%2C114%2C114%2C0%2C114%3Adsn%3A0%2C58%2C29%2C4%2C2%2C0%2C%2C20%2C0%2C115%2C115%2C0%2C115%3Aco%3A0%3Ast%3A1639545093&t=gdpr()aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

64cc9facd55e2e0a70abb7ba6f744c1b12d53f8ab25895590066aa8b87f32565

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 15-Dec-2021 05:11:33 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:33 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ Frame 1D9B 43 B
136 B 31ms
30ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
last-modified: Mon, 13 Dec 2021 15:31:55 GMT
etag: "61b73d3b-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 15 Dec 2021 06:11:33 GMT

GET
H2 200 37412095 Show response
mc.yandex.com/watch/ Frame 1D9B 350 B
385 B 31ms
30ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A1%3Als%3A391899241286%3Ahid%3A779524402%3Az%3A0%3Ai%3A20211215051133%3Aet%3A1639545093%3Ac%3A1%3Arn%3A899689206%3Arqn%3A1%3Au%3A1639545093800548598%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639545091234%3Ads%3A0%2C57%2C29%2C5%2C1%2C0%2C%2C21%2C0%2C114%2C114%2C0%2C114%3Adsn%3A0%2C58%2C29%2C4%2C2%2C0%2C%2C20%2C0%2C115%2C115%2C0%2C115%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545093%3At%3A&t=gdpr(6)aw(1)lt(6000)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a7b8f94292790d15d1c858dab0171831c0d538721290c6c5bd80d8f33bc7f3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 15-Dec-2021 05:11:33 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Wed, 15-Dec-2021 05:11:33 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 1D9B 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639545093446&cv=9&fst=1639545093446&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6b9187d22346509d129facf2abd1755b8aeb7d3945377009bfe34eeffd28ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1115
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 1D9B 3 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639545093449&cv=9&fst=1639545093449&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc5805ba88e4afd7f1148b576668299b12ec7a11217ef4fc7655d4d6c857f38e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame 1D9B 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639545093451&cv=9&fst=1639545093451&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

952629aa6960ece8666b344a4f77d805e05f25b44b9dbc8170978db766eee3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame 1D9B 3 KB
1 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639545093452&cv=9&fst=1639545093452&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed59889d1e3334c0a0fe06fb704e0615e214e8401d53ab8d5701d504d73bd1b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1V7aVqcK0Si100000000U9nJPEgT-FIUGsQBeU2RDmafvwlIBPagToOo084dJ2HK-siJTwnvWWX3AYDGF5FmpPf8a7Wf4v1Ncm0aMXb1v5IWh0B3J4QEoGnWi91nMZ64jPBHHW_2sile-f-RuIYOVvKHPDnTHWOP1eQ_ZBE0firb0eaiPJh5pC2mbkaNa7sMwJyGN...
an.yandex.ru/rtbcount/ 43 B
327 B 50ms
50ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/rtbcount/1V7aVqcK0Si100000000U9nJPEgT-FIUGsQBeU2RDmafvwlIBPagToOo084dJ2HK-siJTwnvWWX3AYDGF5FmpPf8a7Wf4v1Ncm0aMXb1v5IWh0B3J4QEoGnWi91nMZ64jPBHHW_2sile-f-RuIYOVvKHPDnTHWOP1eQ_ZBE0firb0eaiPJh5pC2mbkaNa7sMwJyGN6MAsiJ8y9Jf1L3y5PD0okDc9i4t30oVjkmAqxZCol2NYGNa26PM8DdBh0Xo2ZF8eBdC81Uk198AOCitCaSLlTlq_iJXiAjW-RjWyYUpWnC_M7uMYu9Zlb6GQOgfOs9ae7DgKav6aRbtaQbBY7z4KMQANu5dr48MIulLOCKhM3gMCUrWOJx0mdYJ1UAv3_OFMMRD186RzczPG5wSm3frmeIcXWCX2rWvJxBojx21rTraPGgrubNBV-dzbHNalGbiJREEhNat-yAM5iO5RBitFNpJzUBJd_MCAzbWfZrYuysqSBOAIohBB3AB2ZD_oGQpyIVRbKrF7l9E-M0F0AMbZuu0?confirmTime=2100000&confirmRatio=1000000&test-tag=371686469795842&format-type=95&actual-format=3&rnd=5516853532961&pcode-active-testids=472134%2C0%2C45%3B462727%2C0%2C17%3B406668%2C0%2C42&banner-sizes=eyI3MjA1NzYwNTM3Nzg2NjA2NCI6IjI5NHgyODgiLCI3MjA1NzYwNDk3OTk5OTcwMSI6IjI5NHgyODgiLCI3MjA1NzYwNDM5ODQ0MjUzMyI6IjI5NHgyODgiLCI3MjA1NzYwNTI3NzYzMjQwNSI6IjI5NHgyODgifQ%3D%3D&width=1198&height=290

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 1D9B 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1639545093449&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=3498501867&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 1D9B 42 B
108 B 45ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1639545093449&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=3498501867&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 1D9B 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1639545093446&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=4207506918&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 1D9B 42 B
108 B 44ms
19ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1639545093446&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=4207506918&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/693627671/ Frame 1D9B 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/693627671/?random=1639545093452&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=785416722&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/693627671/ Frame 1D9B 42 B
108 B 45ms
20ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/693627671/?random=1639545093452&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=785416722&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/947884341/ Frame 1D9B 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/947884341/?random=1639545093451&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=880637967&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/947884341/ Frame 1D9B 42 B
108 B 45ms
21ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/947884341/?random=1639545093451&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=880637967&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
402 B 69ms
69ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545093645393-7077950833746797513-man1-1296-man-l7-balancer-8080-BAL-7083
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H/1.1 200
OK 389706 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 50ms
50ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/389706?pr=1108736&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
91 B 74ms
74ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545093647090-4702540755826092958-man1-1296-man-l7-balancer-8080-BAL-2616
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H/1.1 200
OK 201579 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 56ms
56ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 0903 28 B
54 B 21ms
21ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version: 1.20211210.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtCUUJwTU93eWJUUSiD8uWNBg%3D%3D
X-YouTube-Ad-Signals: dt=1639545091408&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image&bid=ANyPxKpN76r7gbHu1QTNrAXnGFJ0cybWGGI3Lm67s9Ua_ThaUJYlHD0KnwKaURNIqH5H801NaqzFv4VlhboaacjA8xF2NwiHQw

Response headers

date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H2 200 WKGejI_zOBC0rGa0T10BWlKhBKecoWK0im4GW8200J42URbX000003ZkWAC1Y082kGBt7_lZWgeXl_02pS6WXmBm1G6W1i01oGO2ZP7bta1fXAa74UoiMMJFUcU02W682eq1g0he1uWB19WBjCaDgWiGPEE30X7i003ojBfMADFm2mQe3v7OiuV6xBEzPv0GtRQuh...
an.yandex.ru/count/ 43 B
80 B 54ms
54ms Image
image/gif 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/count/WKGejI_zOBC0rGa0T10BWlKhBKecoWK0im4GW8200J42URbX000003ZkWAC1Y082kGBt7_lZWgeXl_02pS6WXmBm1G6W1i01oGO2ZP7bta1fXAa74UoiMMJFUcU02W682eq1g0he1uWB19WBjCaDgWiGPEE30X7i003ojBfMADFm2mQe3v7OiuV6xBEzPv0GtRQuhx-y_yHRyCYvtp7W507O5S6AzkoZZxpyO_205fMGa8A0m5J95l0_WHUe5mcP6D0O8VWOW1cm6OAQngpkcz2qX06u6S0PWghfwU3as_HBqXaIUM5YSrzpPN9sPN8lSZKvEIqow1ck2V0PWC83WXmDQJX3EbPYTcboDbfMD-aSW1t_Vn00KCXuWK1ts0eADaBHC8bk8OIN69xBLeDbRYaravSUvLfqL3OWCZQ8QkUyay7VXXa0~1=WbuejI_zOF01fH8091zaGTvhy0BUnCRGnhtGdeW1W06IgFZrsuxIdEa1Y07VxBcbWG6G0Q3bpRxKW8200fW1eENDlbIW0RRZg06suys-LBW1Xkgsf2FO0PoKevy1u07IezOPw06u0lW1o8hUlW6W0lZyoXUO0y24FR03Zow81RJ11f05y9a7i0MmwW6u1R3g0TzTu0Ltg0R00RW7W0Nn1m00mho-ey5XrYK-_J_9-0g0jHZP2n7ih5baptfdw0kqmGQ83DAR1fWDyU4-Fw0Em8GzW12EYFeVW8CGu16vyAm5w17MlU-Ld_McoOvXua2Y7eDJooYjFvWJ0k0JiEe1Y1IDwTItnVhXxJp8507G58JCxrRO5E6-kum6w1IC0j0LuRwxZ0RO5S6AzkoZZxpyOw0MmB7dZGQm5h83oHO0y3_G5jAUthu1WHUO5_QFlHsu5m705xKIq1VGXWFO5zIcEkWN3PaOe1W6i1ZPqUMD1hWO3_WOq8gMYz7uufn4W1c96G-41W000000a1a1e1d00RWP____0U0PBEWPhWdm6O320u4Q__yh8zjhXUc86i24FP0QW42e6ixvBhWQ0_KQ0G0009WRyU4-wHjJ3BSyeOjYGV0Rag2U4lWRhkck1EaS0F0_W1t_VvaT0F0_g1u1q1x5oPNycuNpghy1s1xwsXuV040GaBgW5U4mMK-65Gu5SnJ9D6aIkFkCRt5ZNqFYdfO9C6lsd0iX0U1LkBu8-80G4OJ572kCza7BCR5OHf0PwRaqEcAq9bvtNdgEGKZuPDeSV_0smL8wGwgPOR1D5040~1=WjqejI_zO5W2dHO092X_e30KM0F-nSkzhV_MYAG1W06pbwEuzu7ajYc80VcMhlTwa06gZvR3qO20W0AO0QgFbiDHe07QZgW1sewMmr6u0RhhZiCYs07uqvgS0U01oCkc7UW1i0Fu0PwOthu1c0AiujKNe0AIwTGOe0C4i0C2k0Jy0UW4lGM81RRlCf05tP0ui0NGeWwu1T2Y3i05zfi-o0NTw0_G1TFQ1U05b06O1ixymxCEg0R00RW7j0RG1mBO1n3W1uOAyGS00000micqgWo02W712gspzpGbHm90oVWAWBKOsGiHxAnPPCzwP-WBjkyoY0oUcDw-0UWCcmQO3V7XFh0-e0x0X3s04FpdjHwQ41i9G0GHKRWUXUjHs3yPo130i9A2u16vyAm5w17MlU-Ld_McoOvXua2Tm5SpfchMFvWJ0k0JqA8EW1I0O8WKZUdKjyNwuUqye1JGeWwe5DsGEB0Km8cHxBWBo1G1q1IdZPuDs1Jllw6D1kWKZ0B85TBnhSMd1T0Lxx-XZGRO5S6AzkoZZxpyOw0MmB7dZGQm5h83k1O1m1PWoHRG5fwOthu1WHUO5vcsjoAu5m705xKIq1VGXWFO5uksF-0NZBNr-mNe5mJu5yEFZ8q6cHYW61Mm6DdHvOq6k1W4-1ZGYfQBqVZYd4I06OaP3uG60000002G6G6W6S01k1d___y1u1ajw1ck2V0PWC83-1cw-kKUWHh__wEQ4b7Cv8WQm8Gza1g0GA0QaSYBX-wIhvj5k1e3zHe10000c1lnuJxO6m7f6w3hv0HI40D1y1lzlYNu6vY-3-aS0F0_W1t_VvaT0F0_u1tUZY6e7W7G7h2eoBN_lhNPpm7O7lhQ7eWV_m4R009ou1AGca23mE7ofmmhmHIigeYc8PAWeIJQ6bRSXRiWxc-P0ELo4gn9-isH1AzkC4Qi1WspWl2U4Qe3o08oJX4WhFpq7CD8pRo3RG8E~1=WdWejI_zO042THC09276bZb90GEqYxcspTcxmB81W065mgy2Y06X_voZQ901og37cCs0W802c07AeCUOJQ01rfse0TQTnvXDk07eZyIq8TW1fhEYc07W0TYyv0de0VG1e0B2ggqKe0C6i0Fk5eW5iSSBa0MufGom1RsW1BW5lQ04m0MimYV81RJM3T05WQ01u0MKg0R00RW7W0NG1mBO1n3W1v0DyGS00000mg7LbWjjcB_73TG_oTaB4UoiMMJFUcVe2x77cmQO3V7XFd0ze0x0X3s04DFNkHp0i13W4Rdmh0Ne4TQzxvMVzQR9Zc7YG2joIcAabi0_c1C2u1Eze0I858tfrBV5-k7jFA0KlQ04g1IufGom5FQiY62u582xi270582naMJ850JG59dmYHtO5Fw1Xue6w1IC0j0L_e67YWRO5S6AzkoZZxpyOw0MmB7dZGQm5h83oHRG5kB6thu1WHUO5wUfYGMu5m705xKIq1VGXWFO5ydBFEWN0faOe1W8i1ZPqUMD1hWO4lWOq8gMYz7uufn4W1c96G-41W000000a1a1e1d00RWP____0U0P0UWPhWdm6O320u4Q__yB5Bi_YtY86i24FP0QW820W820Y43r6W40002O6_7XFjWR0UaRv5FimQRQGa7m6xhmimFu6vYmg07f780T_t-P7U0TiSe5g1u1q1xMuihgneYVwNhO7llQ7eWV____0Hq0EZK63iaWPdmiZvpxP5ZXK317aKn3f1fw9E8MPDmi4-lKx0qHGXQzgn1C4L03WGi8YR7xcQqmLZdP4Hi3ykqy5m728dgEGV1Oa88hfVCS_jISMpFhO9k00m00~1=WeiejI_zO0i23HG0j2AUWDkp2mEInicAwFJChTG1W07wYO3-viY0j5M80UB6yOE00P01gfw2tzE0W802c06gdeBVKw01egW1ehW1-CpMZoFO0Q3QpPu1u06yqfaPw0640_W1ff3UlW6W0kpxmnYW0mYm0u45Y0NUnpEG1PpfDB05-hODk0NwjWt01RpqNiW5p90Oq0NAhmNW1PG1c0RGZDF31wW6m06u1xG6q0S2s0SGu0U62l47mlRzeGo02W712bZRSDQD2k8_oVWAWBKOsGiHxAnPPCzwP-WBtiSpY0p0wzw-0UWCcmQO3V7XFg0Em8GzW12GgyyVmB0Iu16vyAm5w17MlU-Ld_McoOvXua1B0tiA4RxSFvWJ0k0J-hODY1IDwTItnVhXxJoW5Fgs3QWKdEaqi1JhhR09k1I0c-u2hBxcIjWKdBoFZGRe58m2q1MSl8-D1jWLmOhsxAEFlFnZe1R0iUUD1h0MiWF95j0MmElUlW615vWNgFde7BWN0S0NjHBG5z260zWNbg0yu1UeWSxz1UWN0_WN-AlSZGQP6A0O1h0OsT7bZGQu61hu6D2AbelH-EASH80PYHaFX0O00000090P0Q0Pm06u6V___m7W6GBe6Qu9y1c0mWE16l__wrX1hherY1h0X3sW6kQyfjxzWSUSDRWQ0_KQ0G0009WRyU4-s1i1wHjXxYl6QG0KGV0RaTPE-1lLvYRf780T_t-P7QWU0T0UmkMaj9ZErA55s1xwsXuR03Y4Y9WnmZnoKfHXzQDWHIsYQOXqw14Tw8NQx5v3ufgM2I1hzbmB8U7VLRYy2FW3TDfPGX3Uuq5r05b6pmKW010MAJt7WFALqbc0TLAJx62RW0C0~1?stat-id=2&test-tag=371686553714241&banner-sizes=eyI3MjA1NzYwNTM3Nzg2NjA2NCI6IjI5NHgyODgiLCI3MjA1NzYwNDk3OTk5OTcwMSI6IjI5NHgyODgiLCI3MjA1NzYwNDM5ODQ0MjUzMyI6IjI5NHgyODgiLCI3MjA1NzYwNTI3NzYzMjQwNSI6IjI5NHgyODgifQ%3D%3D&format-type=95&actual-format=3&pcodever=50852&banner-test-tags=eyI3MjA1NzYwNTM3Nzg2NjA2NCI6IjU3MzYxIiwiNzIwNTc2MDQ5Nzk5OTk3MDEiOiI0MjUxNjY2IiwiNzIwNTc2MDQzOTg0NDI1MzMiOiI1NzM2MyIsIjcyMDU3NjA1Mjc3NjMyNDA1IjoiNTczNjQifQ%3D%3D&pcode-active-testids=472134%2C0%2C45%3B462727%2C0%2C17%3B406668%2C0%2C42&width=1198&height=290&confirmTime=2122000&confirmRatio=1000000&wmode=0

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 166ms
74ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ffan-news.org%2F&request_id=2335944322&placement_id=1507&mimes=video%2Fmp4&placement=3&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK 197143 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 54ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/197143?pr=6544755&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
141 B 74ms
73ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cqqef&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1206093, "code_type":"regular"}
x-yandex-req-id: 1639545093817171-5401729177218056870-man1-1296-man-l7-balancer-8080-BAL-1215
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:33 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:33 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 55ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=5308987&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=3352028&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 726513 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 98ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/726513?dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 13 KB
3 KB 67ms
44ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_2&description_url=https%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545094

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

034a35fc02a1b184c1de039c0e7432cd4f6db07b19ba1832d1a9a4c72cdd0430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2337
x-xss-protection: 0
google-lineitem-id: 5787806370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364017550
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 106ms
55ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=4530672&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 135ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=6888071&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 75ms
75ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=872063116&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK vast Show response
stats.seedr.com/ Frame 60F0 837 B
1 KB 162ms
52ms XHR
text/xml 146.185.194.45
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.seedr.com/vast?gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Ffan-news.org%2F&sc=2453713131&pr=4035801
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host45.seedr.ru
Software: nginx /
Resource Hash: ac1000e81aaf6d3b8a81bc32622f106276903c23ba0313d3639e72943ad4b36b

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 pl15526 Show response
ssp.bidvol.com/vast/ Frame 60F0 49 B
506 B 128ms
67ms XHR
text/xml 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:34 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: 4011814b-8f23-49cb-a889-03dbaaec1c81
expires: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 24 KB
3 KB 61ms
45ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_1&description_url=http%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545094

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e1e9ec3d661766319fbe12fc5ffcf100a4e12cfe68bcb93e04592b6d6af1047b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3216
x-xss-protection: 0
google-lineitem-id: 5848710468,5831389590
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373900739,138370852748
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 48ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=1333498&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2

204

myvideo-confirm-vast Show response
adx.com.ru/ Frame 60F0
Redirect Chain

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream
https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

0
206 B

4ms
4ms

XHR
text/plain

188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
Protocol: H2
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://moevideo.biz
date: Wed, 15 Dec 2021 05:11:34 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

date: Wed, 15 Dec 2021 05:11:34 GMT
server: nginx/1.20.1
access-control-allow-origin: https://moevideo.biz
p3p: CP="adx.com.ru does not have a P3P policy"
location: /myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 168

GET
H2 200 nr-vpaid.min.js Show response
cdn01.nativeroll.tv/js/ Frame FDDC 13 KB
6 KB 8ms
8ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-3549"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:43:59+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:43:00 GMT

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 58ms
57ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=3&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=915778985&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:34 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 57ms
57ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=482119652&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:34 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-player.min.js Show response
cdn01.nativeroll.tv/js/ Frame 651F 538 KB
143 KB 11ms
11ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:34 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-8683f"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:45:13+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:44:44 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 651F 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 629
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H2 200 nr-box.html Show response
cdn01.nativeroll.tv/js/ Frame ECC2 7 KB
3 KB 7ms
7ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:35 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 16:39:02 GMT
vary: Accept-Encoding
etag: W/"61b382a6-1b7e"
cache: HIT
x-cached-since: 2021-12-12T09:58:35+00:00
x-id: fr5-up-gc29
content-encoding: gzip

OPTIONS
H2 204 hosts.json
cdn02.nativeroll.tv/player/ Frame 0
0 47ms
47ms Preflight 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:35 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-max-age: 1728000
access-control-allow-origin: https://moevideo.biz
x-id: fr5-up-gc29

GET
H2 200 hosts.json Show response
cdn02.nativeroll.tv/player/ Frame 651F 302 B
250 B 8ms
6ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control: no-cache
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Wed, 15 Dec 2021 05:11:35 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 22:46:48 GMT
server: nginx
etag: W/"61b91ed8-12e"
x-cached-since: 2021-12-14T22:49:59+00:00
content-type: application/json
access-control-allow-origin: https://moevideo.biz
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache: HIT

GET
H/1.1 200
OK 6194d28b365f7e44bb060303 Show response
statsb.nativeroll.tv/nr/aserver/group/ Frame 651F 67 B
402 B 53ms
53ms XHR
application/json 185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303?event=visit&gid=6194d28b365f7e44bb060303&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2F&title=&ref=moevideo.biz&block_enabled=0&width=400&height=225&offset_px=0&offset_pct=0&lenght_px=225&cookie_enabled=1&t=2021-12-15T05%3A11%3A35&mode=vpaid&data_saver=false&sc=2453713131&nr_f=MTYzOTU0NTA5NTE5Ng%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&referrer=https%3A%2F%2Ffan-news.org%2F&audiableVideoSlot=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=7cc4866c-0da5-40c3-a1d8-18e023dcfb30
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:35 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *
Content-Length: 67

GET
H/1.1 200
OK 6194d28b365f7e44bb060303.jsonp Show response
statsb.nativeroll.tv/nr/aserver/group/ Frame FDDC 0
454 B 60ms
59ms Script
text/html 185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303.jsonp?event=impression&v=1.19.15&gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&title=&cookie_enabled=1&block_enabled=0&ref=moevideo.biz&width=400&offset_px=0&offset_pct=0&lenght_px=225&nr_f=MTYzOTU0NTA5NTI1Mw%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK native Show response
moevideo.biz/ Frame 60F0 46 KB
18 KB 293ms
292ms Document
text/html 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx / PHP/5.5.38
Resource Hash: 64071a126337a5e705f06ebeff4bcfaf251e099f854cf52052e0528ce02e9a0d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.38
X-My-Adv-Time: 0.0028440952301
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Wed, 15 Dec 2021 05:11:35 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.011
X-Mv-Embed-Version: 1403
X-My-Name: s43
X-My-Reqtime: 0.105
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 60F0 54 KB
15 KB 278ms
277ms Stylesheet
text/css 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:03:30 GMT
Server: nginx
X-My-Name: s24
ETag: W/"61a74872-d99f"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.087

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1746/ Frame 60F0 585 KB
147 KB 270ms
270ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:04:32 GMT
Server: nginx
X-My-Name: s27
ETag: W/"61a748b0-922a1"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.087

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 45A6 18 KB
6 KB 168ms
168ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:04 GMT
ETag: W/"61b49ef4-4783"
X-My-Name: s24
X-My-Reqtime: 0.079
X-B-Name: f36
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 60F0 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 204
No Content auction_multi
am-0.moevideo.biz/ssp/ Frame 0
0 51ms
50ms Preflight 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:36 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H/1.1 200
OK auction_multi Show response
am-0.moevideo.biz/ssp/ Frame 60F0 2 B
474 B 201ms
201ms Fetch
application/json 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:36 GMT
X-Balancer-Name: fvm9
Last-Modified: Wed, 15 Dec 2021 05:11:36 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://moevideo.biz
X-B-Name: fvm9
Cache-Control: no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET
DATA 200
OK truncated
/ Frame 60F0 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 60F0 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 630
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame 60F0 185 KB
185 KB 90ms
90ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:36 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Wed, 15 Dec 2021 05:21:36 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame E948 18 KB
6 KB 178ms
178ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:05 GMT
ETag: W/"61b49ef5-4783"
X-My-Name: s25
X-My-Reqtime: 0.087
X-B-Name: f36
Content-Encoding: gzip

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 1CE5 18 KB
6 KB 192ms
192ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:02 GMT
ETag: W/"61b49ef2-4783"
X-My-Name: s17
X-My-Reqtime: 0.096
X-B-Name: f36
Content-Encoding: gzip

POST
H3 204 atr Show response
www.youtube.com/api/stats/ Frame 0903 0
19 B 21ms
20ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=FxYX5nRbZP3eAt1B&ver=2&cmt=4.599&fmt=398&fs=0&rt=5.215&euri=https%3A%2F%2Ffan-news.org%2F&lact=3935&cl=416163874&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&fexp=23858058%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24140279%2C24141079&afmt=251&muted=1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=A3m5YY2KI7yK6dsPw7ym6A8&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdBRUZ6LVpGVDVMVXNKVnJtNXpUTzU1Q1lwN05tbWhvNUlQdmhCYjZEcm5TZ2JLQVBta0tETGlxM05fZXRhTXRzckVCNVJ2MmpLU1NYWlJUb2hOd3FvRDNsQklTRVhqVXR6SEhYbGZpQ2FMZE1pMi15Mi1DeHRhTm5J

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version: 1.20211210.00.01
X-YouTube-Time-Zone: Etc/Unknown
X-YouTube-Ad-Signals: dt=1639545091472&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image&bid=ANyPxKpN76r7gbHu1QTNrAXnGFJ0cybWGGI3Lm67s9Ua_ThaUJYlHD0KnwKaURNIqH5H801NaqzFv4VlhboaacjA8xF2NwiHQw

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:36 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsdk.js Show response
an.yandex.ru/system/video-ads-sdk/ Frame 60F0 87 KB
27 KB 53ms
53ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8bcb706aa91e56db54c103b5e4227f0f148741c1472774e2e89abf48087360bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1199978780
x-yandex-req-id: 1639545096793236-1001296305070479681800365-production-app-host-vla-pcode-76
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Dec 2021 06:11:36 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 31ms
31ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=CreateLoader&bundleName=AdSDKLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 60F0 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 loader.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/ Frame 60F0 564 KB
141 KB 30ms
29ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

17ee7fdbdfd653e9b37cb3ae78c9d89c40134f597661cdbd0f47fea68dd89e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://moevideo.biz/
Origin: https://moevideo.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:36 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 144051
x-nginx-request-id: b9361391e7c394b5
last-modified: Mon, 13 Dec 2021 20:28:58 GMT
server: nginx/1.17.9
etag: "53c17bfaf27c55ffdc459365e27537c6"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:45:13 GMT

GET
H/1.1 200
OK vkAuth.html Show response
ad.mail.ru/dist/ Frame 38FD 523 B
802 B 51ms
51ms Document
text/html 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/dist/vkAuth.html
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 523
Connection: keep-alive
Expires: Wed, 15 Dec 2021 05:21:36 GMT
Cache-Control: max-age=600
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame 60F0 83 B
450 B 49ms
48ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1639545096900&q=199847&vk=0&_=264286951
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: fdc6d86d0f622c743657b3d3993ce5ab55bf206e8469ab838bdb81dca434c512

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:36 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 49ms
48ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=ModuleLoaded&bundleName=AdLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 1378267 Show response
an.yandex.ru/vmap/ Frame 60F0 2 KB
905 B 56ms
56ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=6024691639545096946&pcode-icookie=2VIAdixu7ZuNJTl203l2%2Fs2o64N5g0mdb5XFeUrjlIe6BOBi%2BCyOzOFgqMBb4mg2pzuZ3bs7xyD1%2FkJP6YzsPBFdNnA%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=95163c80af50040b02c8c2f4dbaf46f3c3b79f1f74f43d04ecc0c5ad80075d75&vsid=b131e7afafd7fd5face0b9d4e09f40128761bc07d757xVASx3409x1639545096&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545096948&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

b8bb413bd7708e72b67498ad0b6ff7a330fad539ab76ef642c86ad1d21e7f30e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:36 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:36 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:36 GMT

GET
H3 200 openapi.js Show response
vk.com/js/api/ Frame 38FD 102 KB
23 KB 122ms
40ms Script
application/x-javascript 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-190-240-87.vk.com
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:37 GMT
content-encoding: br
x-frontend: front224007
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Sun, 19 Dec 2021 05:11:37 GMT

GET
H2 200 1378267 Show response
an.yandex.ru/meta/ Frame 60F0 66 B
423 B 172ms
171ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456501787228171281&video-category-id=0&vsid=b131e7afafd7fd5face0b9d4e09f40128761bc07d757xVASx3409x1639545096&client-timezone-offset=0&video-content-id=0&ad-session-id=6024691639545096946&pcode-icookie=2VIAdixu7ZuNJTl203l2%2Fs2o64N5g0mdb5XFeUrjlIe6BOBi%2BCyOzOFgqMBb4mg2pzuZ3bs7xyD1%2FkJP6YzsPBFdNnA%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456501785654258705&enable-page-options=65536&rnd=0.7320223363790894&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=95163c80af50040b02c8c2f4dbaf46f3c3b79f1f74f43d04ecc0c5ad80075d75&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545097007&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:37 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:37 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1639545097034446-97406358715693445300394-production-app-host-vla-pcode-183
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:37 GMT

GET
H2 200 / Show response
login.vk.com/ Frame 38FD 27 B
550 B 44ms
44ms XHR
text/html 87.240.129.135
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv135-129-240-87.vk.com

Software

kittenx / KPHP/7.4.109628

Resource Hash

52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:37 GMT
content-encoding: gzip
server: kittenx
x-powered-by: KPHP/7.4.109628
strict-transport-security: max-age=15768000
access-control-allow-methods: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://ad.mail.ru
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=windows-1251
content-length: 41

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 51ms
51ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&fatal=NO_AD_SECTION

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 163 KB
163 KB 8ms
8ms XHR
audio/webm 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=audio%2Fwebm&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDEDxPO8XYOIJ5gfaZxEq4wqUJdRZfZ22qR6FAvhmAS8CIEZmgFKtDwnKElNtZyNwdenUGoXm3VIFHKbnx9HHmTes&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=306797-473667&rn=9&rbuf=14571

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

10bcdfd96dff099d9a2919585d8eea69a35e1c5c02c614870e175b7b731625c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:37 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166871
client-protocol: quic
last-modified: Sat, 13 Feb 2021 12:59:12 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21294
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 15 Dec 2021 05:11:37 GMT

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
161 B 83ms
83ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:37 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545097728333-15920776353185507763-man1-1296-man-l7-balancer-8080-BAL-3638
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:37 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:37 GMT

GET
H/1.1 200
OK 389706 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 55ms
55ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/389706?pr=1054068&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
91 B 106ms
106ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:37 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545097729969-5165754439246000509-man1-1296-man-l7-balancer-8080-BAL-8681
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:37 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:37 GMT

GET
H/1.1 200
OK 201579 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 49ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 76ms
75ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ffan-news.org%2F&request_id=233795445&placement_id=1507&mimes=video%2Fmp4&placement=3&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:37 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK 197143 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 58ms
58ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/197143?pr=611789&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
91 B 87ms
87ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cqqef&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:37 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1206093, "code_type":"regular"}
x-yandex-req-id: 1639545097947667-15955232019472961431-man1-1296-man-l7-balancer-8080-BAL-8052
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:37 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:37 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 54ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=2199442&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=4309450&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 726513 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/726513?dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 13 KB
2 KB 42ms
41ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9a4c5b14afbccaddd87324faaf912335e01cbc78941c3325d732b1502db482f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2307
x-xss-protection: 0
google-lineitem-id: 5787806370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364017550
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 48ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=8227965&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 53ms
53ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=8699424&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 80ms
80ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=1715100146&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK vast Show response
stats.seedr.com/ Frame 60F0 837 B
1 KB 51ms
51ms XHR
text/xml 146.185.194.45
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.seedr.com/vast?gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Ffan-news.org%2F&sc=2453713131&pr=9791308
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host45.seedr.ru
Software: nginx /
Resource Hash: 27917b05095f4092127f6f3380273b87cb4e0e967bd92f0a81993d6c20d947ef

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 pl15526 Show response
ssp.bidvol.com/vast/ Frame 60F0 49 B
505 B 76ms
74ms XHR
text/xml 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:38 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: 416df25d-67e7-4634-8c96-7fd7defbce5a
expires: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 24 KB
3 KB 50ms
50ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

22eadac7487541011261158bb290959aa9da6759add83e8f31f009593f239201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3224
x-xss-protection: 0
google-lineitem-id: 5848710468,5831389590
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373900739,138370852748
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 59ms
58ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=248165&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2

204

myvideo-confirm-vast Show response
adx.com.ru/ Frame 60F0
Redirect Chain

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream
https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

0
206 B

4ms
4ms

XHR
text/plain

188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
Protocol: H2
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://moevideo.biz
date: Wed, 15 Dec 2021 05:11:38 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

date: Wed, 15 Dec 2021 05:11:38 GMT
server: nginx/1.20.1
access-control-allow-origin: https://moevideo.biz
p3p: CP="adx.com.ru does not have a P3P policy"
location: /myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 168

GET
H3 204 watchtime
www.youtube.com/api/stats/ Frame 0903 0
17 B 16ms
16ms Image
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=FxYX5nRbZP3eAt1B&ver=2&cmt=6.471&fmt=398&fs=0&rt=7.088&euri=https%3A%2F%2Ffan-news.org%2F&lact=5808&cl=416163874&state=playing&volume=100%2C100%2C100%2C100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&rtn=17&afmt=251&idpj=-4&ldpj=-26&rti=7&size=400%3A225&inview=0&st=0%2C0.414%2C0.614%2C0.661&et=0.312%2C0.614%2C0.661%2C6.471&muted=1%2C1%2C1%2C1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=A3m5YY2KI7yK6dsPw7ym6A8&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdBRUZ6LVpGVDVMVXNKVnJtNXpUTzU1Q1lwN05tbWhvNUlQdmhCYjZEcm5TZ2JLQVBta0tETGlxM05fZXRhTXRzckVCNVJ2MmpLU1NYWlJUb2hOd3FvRDNsQklTRVhqVXR6SEhYbGZpQ2FMZE1pMi15Mi1DeHRhTm5J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:38 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-vpaid.min.js Show response
cdn01.nativeroll.tv/js/ Frame FEA5 13 KB
5 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:38 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-3549"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:43:59+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:43:00 GMT

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 57ms
57ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=3&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=386032605&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:38 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-player.min.js Show response
cdn01.nativeroll.tv/js/ Frame BD32 538 KB
143 KB 9ms
9ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:38 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-8683f"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:45:13+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:44:44 GMT

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 59ms
59ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=501911454&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:38 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame BD32 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 633
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H2 200 nr-box.html Show response
cdn01.nativeroll.tv/js/ Frame ABEE 7 KB
3 KB 8ms
8ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:39 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 16:39:02 GMT
vary: Accept-Encoding
etag: W/"61b382a6-1b7e"
cache: HIT
x-cached-since: 2021-12-12T09:58:35+00:00
x-id: fr5-up-gc29
content-encoding: gzip

OPTIONS
H2 204 hosts.json
cdn02.nativeroll.tv/player/ Frame 0
0 47ms
47ms Preflight 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:39 GMT
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-max-age: 1728000
access-control-allow-origin: https://moevideo.biz
x-id: fr5-up-gc29

GET
H2 200 hosts.json Show response
cdn02.nativeroll.tv/player/ Frame BD32 302 B
234 B 7ms
7ms XHR
application/json 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn02.nativeroll.tv/player/hosts.json
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control: no-cache
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Wed, 15 Dec 2021 05:11:39 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 22:46:48 GMT
server: nginx
etag: W/"61b91ed8-12e"
x-cached-since: 2021-12-14T22:49:59+00:00
content-type: application/json
access-control-allow-origin: https://moevideo.biz
access-control-expose-headers: Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache: HIT

GET
H/1.1 200
OK 6194d28b365f7e44bb060303 Show response
statsb.nativeroll.tv/nr/aserver/group/ Frame BD32 67 B
402 B 54ms
53ms XHR
application/json 185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303?event=visit&gid=6194d28b365f7e44bb060303&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2F&title=&ref=moevideo.biz&block_enabled=0&width=400&height=225&offset_px=0&offset_pct=0&lenght_px=225&cookie_enabled=1&t=2021-12-15T05%3A11%3A39&mode=vpaid&data_saver=false&sc=2453713131&nr_f=MTYzOTU0NTA5OTI4Mw%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&referrer=https%3A%2F%2Ffan-news.org%2F&audiableVideoSlot=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=7cc4866c-0da5-40c3-a1d8-18e023dcfb30
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:39 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *
Content-Length: 67

GET
H/1.1 200
OK 6194d28b365f7e44bb060303.jsonp Show response
statsb.nativeroll.tv/nr/aserver/group/ Frame FEA5 0
454 B 103ms
102ms Script
text/html 185.180.43.83
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303.jsonp?event=impression&v=1.19.15&gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&title=&cookie_enabled=1&block_enabled=0&ref=moevideo.biz&width=400&offset_px=0&offset_pct=0&lenght_px=225&nr_f=MTYzOTU0NTA5OTM0MA%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host83.seedr.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, OPTIONS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK native Show response
moevideo.biz/ Frame 60F0 46 KB
18 KB 269ms
268ms Document
text/html 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx / PHP/5.5.38
Resource Hash: ef28bb2938c0a1d2b826edc2d166949da4555d3599c1dbca64fda8600f00b015

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://fan-news.org/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.38
X-My-Adv-Time: 0.00281310081482
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Wed, 15 Dec 2021 05:11:39 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.011
X-Mv-Embed-Version: 1403
X-My-Name: s40
X-My-Reqtime: 0.093
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 60F0 54 KB
15 KB 223ms
223ms Stylesheet
text/css 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:03:30 GMT
Server: nginx
X-My-Name: s31
ETag: W/"61a74872-d99f"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.086

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1746/ Frame 60F0 585 KB
147 KB 265ms
265ms Script
application/javascript 92.38.138.91
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.91 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f10.moevideo.net
Software: nginx /
Resource Hash: f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Dec 2021 10:04:32 GMT
Server: nginx
X-My-Name: s10
ETag: W/"61a748b0-922a1"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-My-Reqtime: 0.081

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame FA24 18 KB
6 KB 189ms
189ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:06 GMT
ETag: W/"61b49ef6-4783"
X-My-Name: s29
X-My-Reqtime: 0.087
X-B-Name: f36
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 60F0 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 204
No Content auction_multi
am-0.moevideo.biz/ssp/ Frame 0
0 60ms
60ms Preflight 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:40 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H/1.1 200
OK auction_multi Show response
am-0.moevideo.biz/ssp/ Frame 60F0 2 B
474 B 203ms
203ms Fetch
application/json 83.229.25.119
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.229.25.119 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: fvm9.moevideo.net
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:40 GMT
X-Balancer-Name: fvm9
Last-Modified: Wed, 15 Dec 2021 05:11:40 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://moevideo.biz
X-B-Name: fvm9
Cache-Control: no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET
DATA 200
OK truncated
/ Frame 60F0 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 60F0 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 634
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame 60F0 185 KB
185 KB 90ms
89ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:40 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Wed, 15 Dec 2021 05:21:40 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame E11C 18 KB
6 KB 174ms
174ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:00 GMT
ETag: W/"61b49ef0-4783"
X-My-Name: s8
X-My-Reqtime: 0.083
X-B-Name: f36
Content-Encoding: gzip

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame CF7B 18 KB
6 KB 188ms
188ms Document
text/html 92.223.103.253
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f36.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 11 Dec 2021 12:52:00 GMT
ETag: W/"61b49ef0-4783"
X-My-Name: s9
X-My-Reqtime: 0.093
X-B-Name: f36
Content-Encoding: gzip

GET
H2 200 adsdk.js Show response
an.yandex.ru/system/video-ads-sdk/ Frame 60F0 87 KB
27 KB 80ms
80ms Script
text/javascript 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

d481ab7c246a0445460e151775cb488d640481424c36cb45fab2e4bba9196514

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1199978780
x-yandex-req-id: 1639545100825736-1404572292867436889000367-production-app-host-sas-pcode-184
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 15 Dec 2021 06:11:40 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 32ms
32ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=CreateLoader&bundleName=AdSDKLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 60F0 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK vkAuth.html Show response
ad.mail.ru/dist/ Frame CFBE 523 B
802 B 47ms
47ms Document
text/html 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/dist/vkAuth.html
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 523
Connection: keep-alive
Expires: Wed, 15 Dec 2021 05:21:40 GMT
Cache-Control: max-age=600
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame 60F0 83 B
450 B 53ms
53ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1639545100966&q=199847&vk=0&_=423413547
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9b2b134959336a02a45010b7e194b0f84e6edef749e29ee3b5e093d14e8d98b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2269&slot=content&api=2.0&ref=fan-news.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:40 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 loader.bundle.js Show response
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/ Frame 60F0 564 KB
141 KB 30ms
29ms Script
text/javascript 2a02:6b8:20::215
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

17ee7fdbdfd653e9b37cb3ae78c9d89c40134f597661cdbd0f47fea68dd89e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://moevideo.biz/
Origin: https://moevideo.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:40 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 144051
x-nginx-request-id: b9361391e7c394b5
last-modified: Mon, 13 Dec 2021 20:28:58 GMT
server: nginx/1.17.9
etag: "53c17bfaf27c55ffdc459365e27537c6"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2051 11:45:13 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 60ms
59ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&values=ModuleLoaded&bundleName=AdLoader

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 1378267 Show response
an.yandex.ru/vmap/ Frame 60F0 2 KB
906 B 58ms
58ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=2851691639545101048&pcode-icookie=tRpttGU%2FlQzDEGc%2BZ%2FbkEaZmXCGCI0VhRfEgkkfeFs%2FTSOdeFQ3rmDTu7T363SpkcTuQlx0YqK9W3EtVictmhS35h10%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=dd06e1e78fee19a9f6d556e8e1254fd8f1189e782d6777ee47c34b2a450a558f&vsid=89a635335e309c516c1af8aae84a400461b48f80eb13xVASx3409x1639545100&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545101053&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a765fcd9bdd316036f5854f4587f9ac039724a212b76a19444e254802c9ca25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:41 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:41 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:41 GMT

GET
H3 200 openapi.js Show response
vk.com/js/api/ Frame CFBE 102 KB
23 KB 42ms
41ms Script
application/x-javascript 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv67-190-240-87.vk.com
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:41 GMT
content-encoding: br
x-frontend: front224007
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Sun, 19 Dec 2021 05:11:41 GMT

GET
H2 200 / Show response
login.vk.com/ Frame CFBE 27 B
550 B 47ms
46ms XHR
text/html 87.240.129.135
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv135-129-240-87.vk.com

Software

kittenx / KPHP/7.4.109628

Resource Hash

52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:41 GMT
content-encoding: gzip
server: kittenx
x-powered-by: KPHP/7.4.109628
strict-transport-security: max-age=15768000
access-control-allow-methods: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://ad.mail.ru
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=windows-1251
content-length: 41

GET
H2 200 1378267 Show response
an.yandex.ru/meta/ Frame 60F0 66 B
367 B 164ms
163ms XHR
text/xml 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456502864552193041&video-category-id=0&vsid=89a635335e309c516c1af8aae84a400461b48f80eb13xVASx3409x1639545100&client-timezone-offset=0&video-content-id=0&ad-session-id=2851691639545101048&pcode-icookie=tRpttGU%2FlQzDEGc%2BZ%2FbkEaZmXCGCI0VhRfEgkkfeFs%2FTSOdeFQ3rmDTu7T363SpkcTuQlx0YqK9W3EtVictmhS35h10%3D&pcode-test-ids=472915%2C0%2C2%3B462893%2C0%2C71%3B473409%2C0%2C69&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22ENABLE_INTERSECTION_OBSERVER_TRACK_VISIBILITY%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473409%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2269%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456502862761487377&enable-page-options=65536&rnd=0.20202169433294004&adsdk-bundle-version=473409&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11585&sid=dd06e1e78fee19a9f6d556e8e1254fd8f1189e782d6777ee47c34b2a450a558f&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545101117&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473409%2C0%2C69&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:41 GMT
content-encoding: gzip
last-modified: Wed, 15 Dec 2021 05:11:41 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id: 1639545101137909-713572452218027735100367-production-app-host-man-pcode-173
strict-transport-security: max-age=31536000
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:41 GMT

POST
H2 200 jstracer
jstracer.yandex.ru/ Frame 60F0 2 B
31 B 53ms
53ms Ping
application/json 2a02:6b8::90
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://jstracer.yandex.ru/jstracer?AdSDKJS=473409&fatal=NO_AD_SECTION

Requested by

Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473409/bundles-es2017/loader.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
timing-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 2
x-xss-protection: 1; mode=block

POST
H3 204 qoe
www.youtube.com/api/stats/ Frame 0903 0
19 B 15ms
15ms Ping
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=398&afmt=251&cpn=FxYX5nRbZP3eAt1B&el=embedded&ns=yt&fexp=23858058%2C23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24082662%2C24129402%2C24140279%2C24141079&cl=416163874&seq=3&event=streamingstats&docid=KY7AShchjxs&ei=A3m5YY2KI7yK6dsPw7ym6A8&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=1.106:0.661,1.302:0.726,2.052:1.436,10.001:9.385&vps=1.302:PL,10.001:PL&bwm=10.001:1621054:0.365&bwe=10.001:1396340&bat=10.001:1:1&bh=10.001:20.821&df=10.001:9

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:41 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
91 B 128ms
128ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:41 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545101830500-3619687837861916343-man1-1296-man-l7-balancer-8080-BAL-5536
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:41 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:41 GMT

GET
H/1.1 200
OK 389706 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 54ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/389706?pr=1499240&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:41 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
160 B 71ms
71ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:41 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id: 1639545101832038-4321923298143239478-man1-1296-man-l7-balancer-8080-BAL-3408
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:41 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:41 GMT

GET
H/1.1 200
OK 201579 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 51ms
51ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:41 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 75ms
74ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ffan-news.org%2F&request_id=2332092729&placement_id=1507&mimes=video%2Fmp4&placement=3&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK 197143 Show response
ad.mail.ru/vast/ Frame 60F0 61 B
414 B 54ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/197143?pr=7885936&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 getCode Show response
yandex.ru/ads/adfox/357578/ Frame 60F0 0
160 B 64ms
64ms XHR
text/plain 2a02:6b8:a::a
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/adfox/357578/getCode?p1=cqqef&p2=gxkz&puid1=

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:42 GMT
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox: {"default":true, "place_id":1206093, "code_type":"regular"}
x-yandex-req-id: 1639545102012316-14452066506872995025-man1-1296-man-l7-balancer-8080-BAL-9353
report-to: { "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://moevideo.biz
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
last-modified: Wed, 15 Dec 2021 05:11:42 GMT
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 15 Dec 2021 05:11:42 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 55ms
54ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=1372481&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=574630&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 726513 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 48ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/726513?dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 13 KB
2 KB 47ms
47ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3082283843446dd4d52d11d6142452abf506618de38bb831c2095b951c955cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2297
x-xss-protection: 0
google-lineitem-id: 5787806370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364017550
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
48ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=5742696&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 77ms
77ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=791009&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H3 200 videoplayback Show response
r5---sn-4g5e6nsk.googlevideo.com/ Frame 0903 335 KB
335 KB 8ms
7ms XHR
audio/webm 2a00:1450:4001:62::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566691&ei=A3m5YY2KI7yK6dsPw7ym6A8&ip=2a01%3A4f8%3Aa1%3A1a1%3A89%3A%3A1&id=o-AA36kCrgcpkk3ILkIOO-yaFmwJLLvWuEsPfCC284B1nX&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C26&mn=sn-4g5e6nsk%2Csn-5hnekn76&ms=au%2Conr&mv=m&mvi=5&pl=42&gcr=de&initcwndbps=793750&vprv=1&mime=audio%2Fwebm&ns=dr_dwAtFJDNbL7YRNKOEc30G&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544939&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=JvdOn1LHAEBLVw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgDEDxPO8XYOIJ5gfaZxEq4wqUJdRZfZ22qR6FAvhmAS8CIEZmgFKtDwnKElNtZyNwdenUGoXm3VIFHKbnx9HHmTes&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgTh4bt4PLIbIZsJFrbbkNn8G1RyfNJbnrYDn1QgqktEQCIQDyBDpj_2_r1dNQvjmMQQSqbOmps2MW-63MEB1rMAlW1w%3D%3D&alr=yes&cpn=FxYX5nRbZP3eAt1B&cver=1.20211210.00.01&range=473668-816777&rn=10&rbuf=19975

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

1b0549bd581fa02316405b6fe5a02ce2fda22059442c6ccd9cedcf0e7f6299a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:42 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343110
client-protocol: quic
last-modified: Sat, 13 Feb 2021 12:59:12 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21289
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Wed, 15 Dec 2021 05:11:42 GMT

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 60F0 27 B
438 B 77ms
76ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=2085159941&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H/1.1 200
OK vast Show response
stats.seedr.com/ Frame 60F0 837 B
1 KB 51ms
51ms XHR
text/xml 146.185.194.45
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.seedr.com/vast?gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Ffan-news.org%2F&sc=2453713131&pr=7857931
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS: host45.seedr.ru
Software: nginx /
Resource Hash: 8d168a82c17f5ad471ee732d6ee159c8cccfd07e80221d0d6068c4c4620794e7

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/xml; charset=utf-8
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H2 200 pl15526 Show response
ssp.bidvol.com/vast/ Frame 60F0 49 B
505 B 65ms
64ms XHR
text/xml 65.108.1.48
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Ffan-news.org%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.48.1.108.65.clients.your-server.de
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 15 Dec 2021 05:11:42 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: 9d6fd655-2d26-4eb2-9231-ce0d44d7b4e9
expires: 0

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 60F0 24 KB
3 KB 50ms
49ms XHR
text/xml 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

202f33b02ef6aeeb400674b986963f9c341f77ebaa294cfe4d0e7479b69e2ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 05:11:42 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3216
x-xss-protection: 0
google-lineitem-id: 5848710468,5831389590
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138373900739,138370852748
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 60F0 60 B
413 B 49ms
49ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=3585858&sc=2453713131&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2

204

myvideo-confirm-vast Show response
adx.com.ru/ Frame 60F0
Redirect Chain

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream
https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false

0
206 B

4ms
4ms

XHR
text/plain

188.34.131.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
Protocol: H2
Server: 188.34.131.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.134.131.34.188.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://moevideo.biz
date: Wed, 15 Dec 2021 05:11:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

date: Wed, 15 Dec 2021 05:11:42 GMT
server: nginx/1.20.1
access-control-allow-origin: https://moevideo.biz
p3p: CP="adx.com.ru does not have a P3P policy"
location: /myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97906d41e06b6d90deee0&vpaid=false
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 168

GET
H2 200 nr-vpaid.min.js Show response
cdn01.nativeroll.tv/js/ Frame 7166 13 KB
5 KB 8ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:42 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-3549"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:43:59+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:43:00 GMT

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 64ms
63ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=3&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=1142707127&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:42 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 nr-player.min.js
cdn01.nativeroll.tv/js/ Frame A097 538 KB
143 KB 10ms
10ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Wed, 15 Dec 2021 05:11:43 GMT
content-encoding: gzip
last-modified: Tue, 14 Dec 2021 15:42:32 GMT
server: nginx
etag: W/"61b8bb68-8683f"
vary: Accept-Encoding
x-cached-since: 2021-12-15T03:45:13+00:00
content-type: application/javascript; charset=utf-8
cache-control: max-age=7200
cache: HIT
expires: Tue, 14 Dec 2021 17:44:44 GMT

GET
H/1.1 200
OK erle.cgi
ad.adriver.ru/cgi-bin/ Frame 60F0 142 B
863 B 118ms
117ms XHR
text/xml 195.209.108.47
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=532445174&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.47 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 15 Dec 2021 05:11:43 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 analytics.js
www.google-analytics.com/ Frame A097 49 KB
0 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 637
date: Wed, 15 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 15 Dec 2021 07:01:06 GMT

GET
H2 200 nr-box.html
cdn01.nativeroll.tv/js/ Frame ADBA 0
0 8ms
8ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by: Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

server: nginx
date: Wed, 15 Dec 2021 05:11:43 GMT
content-type: text/html; charset=utf-8
last-modified: Fri, 10 Dec 2021 16:39:02 GMT
vary: Accept-Encoding
etag: W/"61b382a6-1b7e"
cache: HIT
x-cached-since: 2021-12-12T09:58:35+00:00
x-id: fr5-up-gc29
content-encoding: gzip

OPTIONS hosts.json
cdn02.nativeroll.tv/player/ Frame 0
0

GET hosts.json
cdn02.nativeroll.tv/player/ Frame A097 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nativeroll-sync.rutarget.ru
URL: https://nativeroll-sync.rutarget.ru/sync

Domain: cdn02.nativeroll.tv
URL: https://cdn02.nativeroll.tv/player/hosts.json

Domain: cdn02.nativeroll.tv
URL: https://cdn02.nativeroll.tv/player/hosts.json

Verdicts & Comments Add Verdict or Comment

116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

118 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 23:27:11	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-19 23:27:11	Name: pcs3 Value: 1
fan-news.org/articles	1970-01-20 08:11:21	Name: seedr_cid Value: 7cc4866c-0da5-40c3-a1d8-18e023dcfb30
fan-news.org/	1978-01-11 21:31:40	Name: __utm Value: %7B%7D
fan-news.org/	1970-01-20 08:11:21	Name: __uid Value: cnv38d881bfeef401d8063f383d63e0a98c
fan-news.org/	1970-01-20 08:11:21	Name: __gender Value: -1
fan-news.org/	1970-01-20 08:11:21	Name: __age Value: j%3A%7B%22min%22%3A0%2C%22max%22%3A0%7D
fan-news.org/	1969-12-31 23:59:59	Name: connect.sid Value: s%3A91xvIiaaYPh3uIt-MLCbMGM9SuqOH-bK.PkGMZWTbngK6QWNPvdX4%2Fb7HsCwv0AqIs0j8hIjOb%2FQ
fan-news.org/	1970-01-19 23:27:11	Name: blocked Value: yes
.fan-news.org/	1970-01-20 08:11:21	Name: kdSspUid Value: 30e7209b-1586-4cf9-b58e-fbd205e04761
.uuidksinc.net/	1970-01-20 08:11:21	Name: jcsuuid Value: CDSfxWQNMmpubcnywfx7
.mail.ru/	1970-01-20 03:44:57	Name: i Value: AQACeblhAQC8EAUCAQA=
.mail.ru/	1970-01-20 16:56:57	Name: p Value: 4DgAAIT+4gAA
ferdarius.com/	1970-01-21 19:15:22	Name: userid Value: 480e747c-fb3a-48b5-bc51-9798c22dc93a
.yadro.ru/	1970-01-20 08:10:51	Name: FTID Value: 1XkNaG0-Dk8D1XkNaG002GfM
.betweendigital.com/	1970-01-20 08:11:21	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 08:11:21	Name: tuuid Value: 8f860aa6-d24d-515d-9829-db2df990a22f
.betweendigital.com/	1970-01-20 08:11:21	Name: ss Value: 1
.fan-news.org/	1970-01-20 08:11:21	Name: _ym_uid Value: 1639545091207091244
.fan-news.org/	1970-01-20 08:11:21	Name: _ym_d Value: 1639545091
.mc.yandex.com/	1970-01-19 23:25:45	Name: sync_cookie_csrf Value: 2096865181fake
.yadro.ru/	1970-01-20 08:10:51	Name: VID Value: 2POKIr1so3OD1XkNaG002Gkn
.mc.yandex.ru/	1970-01-19 23:25:45	Name: sync_cookie_csrf Value: 907101293fake
.ads.go2net.com.ua/	1970-01-20 16:56:57	Name: am-uid Value: 9f2c253ca5964f6a8f7c4abc15725ab1
.yandex.com/	1970-01-20 08:11:21	Name: yandexuid Value: 6347589201639545090
.yandex.com/	1970-01-20 08:11:21	Name: yuidss Value: 6347589201639545090
.mc.yandex.com/	1970-01-19 23:27:11	Name: sync_cookie_ok Value: synced
.fan-news.org/	1970-01-19 23:26:57	Name: _ym_isad Value: 2
.fan-news.org/	1970-01-20 08:47:21	Name: __gads Value: ID=ef6c8b4772dc2649-224344a206cd0044:T=1639545090:RT=1639545090:S=ALNI_Mbb_uWK6GepCKbBkhH4eGQDKtb85g
.mgid.com/	1970-01-25 20:31:23	Name: muidn Value: lbevoqqolfbl
.mgid.com/	1970-01-19 23:25:46	Name: __cf_bm Value: PmEC8n8iVbKbvOrFo6mJqwsumHmcUBMVR5OtT20flBg-1639545091-0-AZh7tV/1OWPESH9CGUWfQBI+i2Hsz6XFTD+ihIJuuLcXVt5E1js0bKwyC8X1sypWKhcWSWiZc28ToZYSwWRT/IY=
.yandex.ru/	1970-01-23 15:01:45	Name: yandexuid Value: 9541228611639545090
.fan-news.org/	1970-01-20 16:56:57	Name: _ga Value: GA1.2.927257816.1639545091
.fan-news.org/	1970-01-19 23:27:11	Name: _gid Value: GA1.2.1729201532.1639545091
.dmg.digitaltarget.ru/	1970-01-21 01:20:57	Name: viuserid Value: zWs-M85nBwgUf.c7p2Ks
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 870855421639545091
.yandex.com/	1970-01-23 15:01:45	Name: i Value: u3FbcPMTjhq9kmaBcEzvU4oLJGx1XQdvf3Qgo2RkKoayS62nHHzxYlc11b43E9KVvTERogsH3uMERZkBo1ue3UNsRfA=
.bidswitch.net/	1970-01-20 08:11:21	Name: tuuid Value: dbbd6555-fb08-4ee4-bea4-e89df86ff8b8
.bidswitch.net/	1970-01-20 08:11:21	Name: c Value: 1639545091
.bidswitch.net/	1970-01-20 08:11:21	Name: tuuid_lu Value: 1639545091
.yandex.com/	1970-01-20 08:11:21	Name: ymex Value: 1671081091.yrts.1639545091#1671081091.yrtsi.1639545091
.weborama.fr/	1970-01-20 08:57:25	Name: AFFICHE_W Value: Vdo7rUq@ZVRV71
.adsniper.ru/	1970-01-27 06:37:45	Name: uuid3 Value: IiQ3NzAzODQxNC01ZDY1LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.mookie1.com/	1970-01-20 08:54:33	Name: id Value: 10810539063100642173
.mookie1.com/	1970-01-20 08:54:33	Name: mdata Value: 1\|10810539063100642173\|1639545091154
.mookie1.com/	1970-01-20 08:54:33	Name: ov Value: 2db6c291d064b8b9fd52d1d4c09c408d
.lijit.com/	1970-01-20 08:11:21	Name: ljt_reader Value: e9118079f2925299312907f4
.adhigh.net/	1970-01-20 08:11:21	Name: gi_u Value: ugK7n8goqfJC.AikABlF9vIC0bg
sync.mgid.com/	1970-01-20 00:08:57	Name: mg_sync Value: {"117798":1639545091}
.fan-news.org/	1970-01-19 23:25:46	Name: _ym_visorc Value: w
.bumlam.com/	1970-01-27 06:37:45	Name: suuid3 Value: IiQ3NzAzODQxNC01ZDY1LTExZWMtYTZlOS0wMDI1OTBjODI0Mzc*
.adhigh.net/	1970-01-20 08:11:21	Name: bsw_sync Value: I9N
.adhigh.net/	1970-01-20 08:11:21	Name: btw_sync Value: I9N
.tapad.com/	1970-01-20 00:52:09	Name: TapAd_TS Value: 1639545091271
.tapad.com/	1970-01-20 00:52:09	Name: TapAd_DID Value: d7a67273-30e6-40ce-877d-9c8d1a258b31
.tapad.com/	1970-01-20 00:52:09	Name: TapAd_3WAY_SYNCS Value:
cstatic.weborama.fr/	1970-01-19 23:29:45	Name: _xttrk2_ids_sync Value: 1
cstatic.weborama.fr/	1970-01-19 23:29:45	Name: _xttrk2_ids Value: 1
cstatic.weborama.fr/	1970-01-19 23:29:45	Name: _xttrk2 Value: 1
cstatic.weborama.fr/	1970-01-19 23:29:45	Name: _xttrk2_mpub Value: 1
cstatic.weborama.fr/	1970-01-19 23:29:45	Name: _xttrk2_uk Value: 1
.mookie1.com/	1970-01-19 23:40:09	Name: syncdata_TAP Value: 1
.rlcdn.com/	1970-01-20 08:11:21	Name: rlas3 Value: qTVbsrlDf2x2mqOsadWZJvmgl6VN12SHzC2pLUEqI1M=
.rlcdn.com/	1970-01-20 00:52:09	Name: pxrc Value: CAA=
.doubleclick.net/	1970-01-20 08:47:21	Name: IDE Value: AHWqTUm17vbgvrJXknjUH2Bo2PDyRyg_ggIzbxErvlA6wSYz2uNEilKbS8Bgkw3x8jY
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: MI6EfUPOw24
.youtube.com/	1970-01-20 03:44:57	Name: VISITOR_INFO1_LIVE Value: BQBpMOwybTQ
.adnxs.com/	1970-01-20 01:35:21	Name: uuid2 Value: 6134647262890898040
.criteo.com/	1970-01-20 08:47:21	Name: uid Value: e11c5338-85dc-4f98-8a92-355343a1ce24
.weborama.com/	1970-01-20 08:57:25	Name: wui Value: A1A34AA2-7CDA-4710-A98F-F7FEDDA70EE5
.pubmatic.com/	1970-01-19 23:27:11	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 01:35:21	Name: KADUSERCOOKIE Value: E0DD18DC-8B9A-4E57-A393-AFDCE75363E2
.weborama.com/	1970-01-19 23:35:49	Name: wam-sync Value: ok
.agkn.com/	1970-01-20 08:11:21	Name: ab Value: 0001%3ASsfwj80g%2FqxxAI1b3zW2rXh%2B4iyspSGZ
.mookie1.com/	1970-01-19 23:40:09	Name: syncdata_NEU Value: 1
.aidata.io/	1970-01-20 16:56:57	Name: __upin Value: UGrjllhAae3OOpieqKhERQ
.aidata.io/	1970-01-20 16:56:57	Name: __upints Value: 1639545091
.amazon-adsystem.com/	1970-01-20 04:10:52	Name: ad-id Value: A6-tF9N4tECgutHrl7bEYL0
.amazon-adsystem.com/	1970-01-21 19:39:40	Name: ad-privacy Value: 0
.nativeroll.tv/	1970-01-20 08:11:21	Name: cid Value: 7cc4866c-0da5-40c3-a1d8-18e023dcfb30
.nativeroll.tv/	1970-01-19 23:25:52	Name: wdata[social_class] Value: 0
.nativeroll.tv/	1970-01-19 23:25:52	Name: wdata[age] Value: 0
.nativeroll.tv/	1970-01-19 23:25:52	Name: wdata[gender] Value: 0
.nativeroll.tv/	1970-01-19 23:25:52	Name: wdata[expire] Value: 1639552291
.nativeroll.tv/	1970-01-19 23:28:37	Name: nr[expire] Value: 1639717891
.mail.ru/	1970-01-20 08:12:47	Name: VID Value: 36DwpE2NJGI600000Y14H4I6:::0-0-0-6d3d1c3:CAASEJBKX852IwdEQO2ooqx8_NIaYAwgB090w5eaoJ6u4m5OuOuLx231o7L21NS0RCPtLdWHptdJTCrpo1LwR9BKqiGINQDsC8gqLXbwhuLMb-qhkD1Pg3mPSZu6Hx1pQRlhGErco3ASXCqR7S0_6-8uHTBbRw
.yandex.ru/	1970-01-23 15:01:45	Name: yuidss Value: 9541228611639545090
.sniperlog.ru/	1970-01-20 12:23:21	Name: guid Value: 4C7B8C63995BD716
.adriver.ru/	1970-01-20 16:56:57	Name: cid Value: AeaI5aCe9aBiaCIToxMfQiQ
.tns-counter.ru/	1970-01-20 08:11:21	Name: guid Value: 53F7682161B97904X1639545092
playreplay.me/	1970-01-20 08:11:21	Name: mvuid Value: 9c018f59d38f2ffbe47f
playreplay.me/	1969-12-31 23:59:59	Name: mvsid Value: 33fdc37a-3dad-4db5-843b-3b0de4c231e5
moevideo.biz/	1970-01-20 08:11:21	Name: mvuid Value: 9c018f59d38f2ffbe47f
moevideo.biz/	1969-12-31 23:59:59	Name: mvsid Value: 33fdc37a-3dad-4db5-843b-3b0de4c231e5
thesame.tv/	1970-01-20 08:11:21	Name: mvuid Value: 9c018f59d38f2ffbe47f
thesame.tv/	1969-12-31 23:59:59	Name: mvsid Value: 33fdc37a-3dad-4db5-843b-3b0de4c231e5
playreplay.net/	1970-01-20 08:11:21	Name: mvuid Value: 9c018f59d38f2ffbe47f
playreplay.net/	1969-12-31 23:59:59	Name: mvsid Value: 33fdc37a-3dad-4db5-843b-3b0de4c231e5
cs-0.moevideo.biz/	1970-01-20 08:11:21	Name: mvuid Value: 9c018f59d38f2ffbe47f
cs-0.moevideo.biz/	1969-12-31 23:59:59	Name: mvsid Value: 33fdc37a-3dad-4db5-843b-3b0de4c231e5
.adx.opera.com/	1970-01-20 00:08:57	Name: UID Value: c312c4acaa3b4b10878b0855181c5cc7
.upravel.com/	1970-01-19 23:25:45	Name: session_tptc Value: 1639545092930
.upravel.com/	1970-01-23 15:01:45	Name: user_id Value: 0d90fa67-da3e-40a8-b774-8ffd6fb95279
.betweendigital.com/	1970-01-20 08:11:21	Name: ut Value: Ybl5BAAOU_ihyl_TDTSif1ul29ru8sR1zBoiVA==
.mts.ru/	1970-01-20 07:58:23	Name: dspid Value: 2b6efaf1-bfab-4bb2-a0fb-c527ea462116
rtb.com.ru/	1970-01-20 08:11:21	Name: as-user Value: 61b97905a62fbd13aae57e89
.whiteboxdigital.ru/	1970-01-20 16:56:38	Name: MiId Value: 51f299a5-a10e-4957-bbe5-26da3b1cdf35
.an.yandex.ru/	1970-01-19 23:35:49	Name: yabs-vdrf Value: A0
.yandex.ru/	1970-01-20 16:56:57	Name: i Value: dIUwIzQD7uQl2+OKdrN/u8mT8IBlb9b71UXzETQTwRQrW5/CIbFxAMaYHSTZ949aOTlqC1FPnrCCWl+Ek/cr+jusSE8=
.rutarget.ru/	1970-01-20 03:44:57	Name: userId Value: sGGKq74mG-yj
.vk.com/	1970-01-20 08:20:07	Name: remixlang Value: 6
.vk.com/	1970-01-19 23:25:45	Name: remixlns Value: 9d6a7ab16fb8d69db1
.mts.ru/	1970-01-23 13:49:45	Name: mts_id Value: 3947c23b-c0e9-4ec9-acf0-3caa1e3da713
.mts.ru/	1970-01-23 13:49:45	Name: mts_id_last_sync Value: 1639545093
.yandex.ru/	1970-01-20 16:56:57	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-20 16:56:57	Name: is_gdpr_b Value: COXsVhDYVhgB
adx.com.ru/	1970-01-20 08:11:21	Name: yabbi-user Value: 61b97906d41e06b6d90deee0
ssp.bidvol.com/	1970-02-13 19:57:08	Name: bvuid Value: 79ck2ycgev

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5907212464215949&output=html&adk=2715440961&adf=2658918300&lmt=1639545090&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639545090699&bpp=2&bdt=434&idt=166&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6338030482093&frm=20&pv=2&ga_vid=1796420023.1639545091&ga_sid=1639545091&ga_hid=749043234&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063824%2C31063247&oid=2&pvsid=1603628987897109&pem=191&tmod=465&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=193 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://nativeroll-sync.rutarget.ru/sync Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d90fa67-da3e-40a8-b774-8ffd6fb95279.sync.upravel.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.adriver.ru
ad.mail.ru
ads.betweendigital.com
ads.go2net.com.ua
adservice.google.com
adservice.google.de
adx.com.ru
am-0.moevideo.biz
an.yandex.ru
ap.lijit.com
avatars.mds.yandex.net
cache.betweendigital.com
cdn01.nativeroll.tv
cdn01.seedr.com
cdn02.nativeroll.tv
clientside-video-bidder.rutarget.ru
cm.g.doubleclick.net
counter.yadro.ru
cs-0.moevideo.biz
cstatic.weborama.fr
dm-eu.hybrid.ai
dmg.digitaltarget.ru
ds.frontend.weborama.fr
dx.frontend.weborama.com
eus.rubiconproject.com
exchange.buzzoola.com
fan-news.org
favicon.yandex.net
ferdarius.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
i.starhit-cdn.ru
i.ytimg.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
image6.pubmatic.com
jstracer.yandex.ru
login.vk.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
moe.video
moevideo-sync.rutarget.ru
moevideo.biz
nativeroll-sync.rutarget.ru
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.tapad.com
playreplay.me
playreplay.net
pubads.g.doubleclick.net
px.adhigh.net
r5---sn-4g5e6nsk.googlevideo.com
redirect.frontend.weborama.fr
rtb.com.ru
s.pubmine.com
s.uuidksinc.net
secure-assets.rubiconproject.com
secure.adnxs.com
sm.rtb.mts.ru
ssp.bidvol.com
static.doubleclick.net
stats.seedr.com
statsb.nativeroll.tv
sync.bumlam.com
sync.dmp.otm-r.com
sync.mgid.com
sync.upravel.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
tech.rtb.mts.ru
thesame.tv
token.rubiconproject.com
tpc.googlesyndication.com
uuidksinc.net
vk.com
wam-google.solution.weborama.fr
wf.frontend.weborama.fr
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.tns-counter.ru
www.youtube.com
x.bidswitch.net
x01.aidata.io
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
yt3.ggpht.com
cdn02.nativeroll.tv
nativeroll-sync.rutarget.ru
104.109.78.125
104.19.135.78
138.201.65.66
142.250.184.226
142.250.185.226
142.250.186.66
144.76.138.28
146.0.227.107
146.185.194.45
148.251.237.106
151.236.71.19
168.119.9.59
18.168.102.56
18.185.209.98
185.15.175.157
185.180.43.83
185.33.220.244
188.34.131.134
193.232.150.70
195.209.108.47
198.47.127.19
2001:6d0:4001::226
213.87.44.187
216.52.2.30
217.66.147.161
23.111.200.117
23.79.143.124
2a00:1148:db00::17
2a00:1450:4001:62::a
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:813::2016
2a00:1450:4001:827::2001
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2001
2a00:1450:4001:830::2003
2a02:2638:1::13
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::5:114
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:41:2801::254
31.172.81.159
31.172.81.160
31.172.81.172
31.220.27.134
34.117.231.160
34.98.67.61
35.190.16.14
35.201.80.102
35.201.81.244
35.227.248.159
35.244.174.68
35.244.223.69
37.18.103.21
45.131.144.3
5.188.150.181
51.89.9.251
52.95.115.196
65.108.1.48
69.173.144.138
79.125.73.87
80.64.106.147
80.64.106.150
81.163.17.245
82.145.213.8
83.222.114.189
83.229.25.119
87.240.129.135
87.240.190.67
88.208.46.51
88.212.201.204
89.108.120.68
91.216.195.7
92.223.103.220
92.223.103.253
92.223.103.27
92.223.103.92
92.38.138.91
93.184.221.133
000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
032db54c9a5924f99963ef4d0b879103d8bf6552eea1c55323acd9f9cba44b17
034a35fc02a1b184c1de039c0e7432cd4f6db07b19ba1832d1a9a4c72cdd0430
056185e7c774a468e9fd7fc6c37bdf7a0dfe296e018ee3b9936b5c5ef5c2ba36
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d
09cc7c789fc0e84b57880c94210192e7521a0ad74e83269183d011e9cfa9166d
0a489aa606d06d0abd0937933855334c0514f88cc50c81ad818b8513fcc18f66
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5
0c8c9bf4d27683e3a521802108e1408830886af69bd6df88cae1d0819c0d5348
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f8c642ae1197089671162d94712b5faa270cd8a2e20f4ce9d2e6b9d19757fc6
10bcdfd96dff099d9a2919585d8eea69a35e1c5c02c614870e175b7b731625c9
11c4455b7f73e934202d6aecc347f1b84227a9a150bad36838816670844e0e01
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
160fcf2a175ed7a3b23f5df798eed25f4e08655f2551de784a85dead75db1dd8
17ee7fdbdfd653e9b37cb3ae78c9d89c40134f597661cdbd0f47fea68dd89e0f
1809e45521e57c75debded67b84f99955d5c9bc5df14a5fde0bccb452153623b
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1b0549bd581fa02316405b6fe5a02ce2fda22059442c6ccd9cedcf0e7f6299a0
1b6b9187d22346509d129facf2abd1755b8aeb7d3945377009bfe34eeffd28ae
1ea7b195ecb7187dda4e10ea9f3e223d8bc6882eb5e49876c76b26a2252890fb
1f1c81343b04693d62b12837303556f9e1489606a8b297729d6c8966f057263f
202f33b02ef6aeeb400674b986963f9c341f77ebaa294cfe4d0e7479b69e2ef3
204d939114e2b883261a5e15dc10eedd1b4bb4f9f733262ec7b530a17fe2e29d
206120b52a81c4df25b6100d88c2d1a6ddaffa9073579a6387bdd99d1fb55062
210d9631f472e0decab2039d19bcd2175a9c2027ed39f17b574e10b2bb0a26eb
211a6699a8d64b4a378c224eda800e00b615dbb4fe3019410758b3d67fb0d3c2
22eadac7487541011261158bb290959aa9da6759add83e8f31f009593f239201
27917b05095f4092127f6f3380273b87cb4e0e967bd92f0a81993d6c20d947ef
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677
2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2
2e3e80ad8c654d0bd2f81345400ff44866cf029b2726de5add67e25667f5c657
2e6558ef1e0629d90b0a67fabce47a690d39c776348c1b71eeb9a6acba7a0076
3082283843446dd4d52d11d6142452abf506618de38bb831c2095b951c955cdf
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5
35f312ae2ead5e6c91932929d5716c613529b1b98218763b1825984fbf510958
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37a9880ebe3c8eca7ba4a536931078484f03ab297eac1663e7bc415a6af4d840
37be1661b36dfdf2a068c96ff73bcdf99da77a4c9e7b0dc290d859dcb02695b9
395042195ec5d9206b93c7452687966e20f513b22f20422e081316ced3d58eac
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5
3c7c1e301e0665e699fa523e7309c4b2e945039fd065f4a97ba3d5bbdf38d74d
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eea41773d38704eb61b0aee6907e52808417e1f34d878a100ffebf71dd72a89
3fd052db7e6a1f9cfb73351a7f4212c5d96b6a220ac32cb2aabad40bd6092fe7
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4066f4e21607b5df4f370f623b6f43d254b047e40e086e0f939797a04d81c86b
409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4460976afd7cf0a53dc9a99dc33f599e6cb7f04978085b7d26a0355fd9184d36
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a9cf9fe55d2740f89e2bbbd96b47d2793948cb9480aae05f7db428b41e9d8dd
51a5840767a28671be3dde2766a9d824e1e0608b17f5eca14e89bd7047e2f94a
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b7de86913eee22dbd06bea04727646aa8e1c81a8a99165bebe3b7627c25612
550c9da427a76b05374a263e56f08ea0db57d7fd44f33abea68182afe165233f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
595a3984a97bf87139e5b67ef1d404cc01351692e8dd6555f13f523949183631
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5ef31bec403a6acd1f57177cef5661e5500cf4ea08f157d439a8c231e4f64785
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
64071a126337a5e705f06ebeff4bcfaf251e099f854cf52052e0528ce02e9a0d
64cc9facd55e2e0a70abb7ba6f744c1b12d53f8ab25895590066aa8b87f32565
66237e08a53ce9e6b3accf3080eb9b0c64a1f6e374cd052eb13b9d8086862a13
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69d1b4e635f8c320c345bef9e268beb8a82786fd810e8f58b112dbea43e774ed
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6d6fa4a725cc51ca8f18b629b25ca81dec5c6176e48d9ed4905adccfdd03f6a8
6d760debaa53e053954156da12851f5be92414911e09f0f9e2ecd1bc1e3bb86f
706832d53a59a4358f53f82220378b7d9d16c4e9593ce8a3ec7eda8b3f76652e
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71fe516b0f74aba31366366a4590ee0e41427c93dbe3731396127d68ab089b5d
7547c18297ea1591b609b335c3e7ae29f188a1747ff232945a6a1bc0a191d992
7844040e44ff7c369311b530d613e81876084030d7edacfb617952916113058f
79e52445208a3bfe13b1845db82b0c681c77773086587b614267a1069fed09a0
7b3fa74fbed97a5c5d4fd43f7dac33cb7efca29040f7d39e95effec2a9a847fb
7bfe46724e9124e987b776b635406a673650e8d381a15dfd7ddda6687fe77ada
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7dda59f2c016053c6a2a9b9ab3fb2850754df1b281f842ee494ad9e2b72927b7
81d7afa6d3e1befb42c63be3b184e3b6ccb3318df11dd9c90b42f208eb84b059
83daf6ef9147064f097d96a14558c36b9b22d8f0c2856ceb682dea21341408af
85da445e6055d61d84ea5d00d7c0a9173e3f6b4e0cb4bd4985c75749ff00e3e7
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88a9ae6f4226f2a69171713a1a08bf670297ae4b2517d8df0d707a206b0bb5b2
8903986c927e122375ba7e0e972f366ae8c7104bf6f9fd4bccac2ada20949158
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
8ab27806cf860c39501b70850a96918c47bcbebe1079c997e24cccdb4cffb6a0
8bcb706aa91e56db54c103b5e4227f0f148741c1472774e2e89abf48087360bd
8d168a82c17f5ad471ee732d6ee159c8cccfd07e80221d0d6068c4c4620794e7
8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987
8e39d57de2d5b235614b9c6463262c8e0c39cb8394a10e4d0b65e999910d6391
8f1c5e3242d78ac44e8792e3bee668ff915c1091fe36252b9bfd0c126fb55d10
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8fd337ed3ade9e1cddea43b483b2c0ce39916c02e151ca36c78e06a379cf064b
94c3cfae4f79aace426bc85ac8204aaa0e14fd7a6e883516dee4ca6eec3467f9
952629aa6960ece8666b344a4f77d805e05f25b44b9dbc8170978db766eee3db
997bf5e22353927681f54b08480a8330662745d04c0c9f3eb1c5a063b9ae888a
999347853aeb4af6a251e2fe53066a08e89981484902babf8f79c9cc389c1e1b
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4c5b14afbccaddd87324faaf912335e01cbc78941c3325d732b1502db482f8
9a863770d715fd8ab94b073061378bd6ac8a762dc35dbad50aaae9ee6bf2abf1
9b2b134959336a02a45010b7e194b0f84e6edef749e29ee3b5e093d14e8d98b0
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cd7647a9642b5025254ccf7c62e6fb3ad01ed6e7384002900fcbc8f3ba97d7
a3ce49879d064ad5f44706721d775729f04a134dc9143d2e88347b8ef7e93fb9
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5277c6038ee71d8f15ae61339cf5a1020f58cda8958a93916399ff1cdfdfe1d
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a765fcd9bdd316036f5854f4587f9ac039724a212b76a19444e254802c9ca25a
a7b8f94292790d15d1c858dab0171831c0d538721290c6c5bd80d8f33bc7f3b4
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ac1000e81aaf6d3b8a81bc32622f106276903c23ba0313d3639e72943ad4b36b
b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e
b546bc7cab1df71d3cf4c78db089e44f39d9fba2861a3d680032542b16dc6aa3
b7726eef93f0f179f1042632c9b7b1314aba1d04d0631ce6afd41acc1ce64d86
b8bb413bd7708e72b67498ad0b6ff7a330fad539ab76ef642c86ad1d21e7f30e
bb59f8a61f1eee13ad5e74876af09c3803e8f8dfb792fd2cb588d97999c8c87c
bb8d7b950db8e1947fbf21a39beba854f76f5b7204252befb4a59ba03869fe49
bc5805ba88e4afd7f1148b576668299b12ec7a11217ef4fc7655d4d6c857f38e
beb2fff3d6f7c3698d6c642339319424205998e26096920e2b8da0c4d3f3a447
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375
c6c25c93d1a2f470a37ac3376616d2a610ba91d5b8509c1ba09138a6004fb195
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d050d98a9a5b900ad391de8acce6aa014ea652d0f1b1c5323d6c4c2aeab61c1a
d2baf309d6969f8c2a19d21d0fb37b3ee9f332dc767dc2211c1b30931dfb51f8
d34213fc823a3679227e89935c5e0993034ec2c79ec77a843e043ab284540fe2
d3b9fb528e972c2da29e2fdb6e8c9f57130d25c6c2e7fc2cac6a7a7ebd7a307f
d3f822dfec2bb91d46cca888ba5484001a31b3a2a5eae3515314236440e9780b
d481ab7c246a0445460e151775cb488d640481424c36cb45fab2e4bba9196514
d709510877e0031541be86a73031c01d6b500acb0362d06e0bf1de98ecba6ff0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d91937cd29812351a3a6944ec0cd3ecf9be5fd3774873a3084a8230df19ef33c
d9a5e1dc7acfff2811a2722d6bb137c56ee096cf8e614f8cbf2a07fcaa93df55
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
dc423d0a2f66930b23e480184826762ac710575f9c38f2046581f303173ef8cf
dd78a583ab2c11c98b2e276810da4906d5ed42c7045a890fb8f02d7d569c9127
de24c84ab713cc371f3462f1ec6b4089137a24f836fd3afd5d77464667d012ff
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956
e05b9c3028c418c16683af2968e3c68550431dc1f5bd2abaf6c3d7623ab42d34
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
e1e9ec3d661766319fbe12fc5ffcf100a4e12cfe68bcb93e04592b6d6af1047b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9e6975086ca036bae4100a36dc18770ec7ff58051e8b9e956bc4940d145ac2a
eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ecaf6f4324283109294c9e67f0ed910b5f51a3c12a1f2b305391ce6c8bff8a2f
ed59889d1e3334c0a0fe06fb704e0615e214e8401d53ab8d5701d504d73bd1b9
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef28bb2938c0a1d2b826edc2d166949da4555d3599c1dbca64fda8600f00b015
f021da5ea1f7c2ef8919e5cd1332918740f3b43d791e7f590f6df51c17cc6d3b
f07185032b100366a70c5b4453901e2b299ff2e1d717238004f6e92984c05414
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7
f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a
f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c
f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd
f9100d381307ccda0cd3ac9b205d7da809af81c6c00a2c40d9736f1aecb1a5b9
fa811d7c53521b299cb88db96f253cd24595f042a14213c34c9ed60d76754f58
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
fdc6d86d0f622c743657b3d3993ce5ab55bf206e8469ab838bdb81dca434c512

fan-news.org Open in urlscan Pro 45.131.144.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

376 Requests

89 %HTTPS

30 %IPv6

66 Domains

99 Subdomains

73 IPs

12 Countries

8743 kBTransfer

18365 kBSize

118 Cookies

3 Outgoing links

Redirected requests

376 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 18 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fan-news.org Open in urlscan Pro
45.131.144.3 Public Scan

Screenshot
Live screenshot

Full Image

376
Requests

89 %
HTTPS

30 %
IPv6

66
Domains

99
Subdomains

73
IPs

12
Countries

8743 kB
Transfer

18365 kB
Size

118
Cookies

376 HTTP transactions
18 data transactions