URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv3...
Submission: On December 15 via api from US — Scanned from DE

Summary

This website contacted 71 IPs in 12 countries across 66 domains to perform 363 HTTP transactions. The main IP is 45.131.144.3, located in Bucharest, Romania and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is fan-news.org.
TLS certificate: Issued by R3 on December 3rd 2021. Valid for: 3 months.
This is the only time fan-news.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

This site contains links to these domains:

Domain
pro-match.ru
www.liveinternet.ru

This page contains 35 frames:

Primary Page: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Frame ID: E0D007B762BBA803F55334A4FE3E0F9D
Requests: 89 HTTP requests in this frame

Page Title

Chat Asuransi Warisan Vanessa Angel ke Doddy Sudrajat Wow Banget

Page Statistics

Requests: 363
HTTPS: 88 %
IPv6: 29 %
Domains: 66
Subdomains: 100
IPs: 71
Countries: 12
Transfer: 6862 kB
Size: 16045 kB
Cookies: 115

Redirected requests

There were HTTP redirect chains for the following requests:

  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/694003
Request Chain 170
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a3bbee4d-add9-515d-ab97-c305ca2eba06&expires=60 HTTP 302
  • https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=d822dd89-4f41-4367-9091-00e7081ede64
Request Chain 172
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fa3bbee4d-add9-515d-ab97-c305ca2eba06 HTTP 302
  • https://an.yandex.ru/mapuid/betweendigitalis/a3bbee4d-add9-515d-ab97-c305ca2eba06
Request Chain 216
  • https://moevideo-sync.rutarget.ru/sync HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=1&b=_vmTu6YacuIt
Request Chain 220
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=a469f20e149d42966a5f&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Request Chain 222
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=25b4d4df-678d-4712-6a54-d81e49224379
Request Chain 223
  • https://sync.upravel.com/moevideo/sync HTTP 302
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://358a588b-464b-4e7f-a226-d40d6f6a7d36.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=358a588b-464b-4e7f-a226-d40d6f6a7d36
Request Chain 224
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=a469f20e149d42966a5f HTTP 301
  • https://sm.rtb.mts.ru/match/second?ssp=22&exu=a469f20e149d42966a5f HTTP 301
  • https://tech.rtb.mts.ru/?dsp_uid=5c29537c-d22c-4f64-a3aa-8585350feca6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FXClTfNIsT2SjqoWFNQ_spg%3Fsign%3D2819976877 HTTP 302
  • https://an.yandex.ru/setud/mts_banner/XClTfNIsT2SjqoWFNQ_spg?sign=2819976877
Request Chain 227
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=a3bbee4d-add9-515d-ab97-c305ca2eba06
Request Chain 234
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Bnm5YY-eDYr3gAf-wQY&random=2121359468&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730&ipr=y
Request Chain 235
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Bnm5Yf-dDbGXx_APuumsyAw&random=2137496933&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867&ipr=y
Request Chain 273
  • https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
  • https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
Request Chain 328
  • https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
  • https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false

363 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551
fan-news.org/articles/
48 KB
48 KB
Document
General
Full URL
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bc93edd2cb2d5181620a31ef3bd1345630cc00ca7141c525f944a99c50e23df6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:30 GMT
content-type
text/html; charset=utf-8
content-length
48703
x-request-id
91e3ae661ee6423aa564866dbcde5b8c
etag
W/"be3f-OC2YoW5eWsB35dZp/OEjHlDmACE"
showcase.js
fan-news.org/js/
186 KB
56 KB
Script
General
Full URL
https://fan-news.org/js/showcase.js?v=1639545090821
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
160fcf2a175ed7a3b23f5df798eed25f4e08655f2551de784a85dead75db1dd8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"2e782-17db87a611f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-request-id
0de0f7f107ce478aad2a9f4f4997face
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazysizes.min.js
fan-news.org/js/
8 KB
4 KB
Script
General
Full URL
https://fan-news.org/js/lazysizes.min.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
fa811d7c53521b299cb88db96f253cd24595f042a14213c34c9ed60d76754f58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"1e5c-17db87a611f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-request-id
47b8fd871ccc45adb22d0a9bb7c0b72c
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.js
fan-news.org/js/
85 KB
30 KB
Script
General
Full URL
https://fan-news.org/js/jquery.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"1538f-17db87a611f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-request-id
9a05319b3539452d92da9fa801e8c605
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.sticky-kit.js
fan-news.org/js/
7 KB
2 KB
Script
General
Full URL
https://fan-news.org/js/jquery.sticky-kit.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b546bc7cab1df71d3cf4c78db089e44f39d9fba2861a3d680032542b16dc6aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"1a4a-17db87a611f"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000, public
x-request-id
bd161549614a41149cf79934d6e5b85c
expires
Thu, 31 Dec 2037 23:55:55 GMT
pql79m.js
fan-news.org/
27 KB
10 KB
Script
General
Full URL
https://fan-news.org/pql79m.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d709510877e0031541be86a73031c01d6b500acb0362d06e0bf1de98ecba6ff0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 14:54:04 GMT
server
nginx
etag
W/"61b8b00c-6a2c"
vary
Accept-Encoding
content-type
application/javascript
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
105d9d6dcbc861321114a772c452d3bea34e11f36438ccf34a4809e1da99fb13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51869
x-xss-protection
0
server
cafe
etag
14423155198114405068
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:11:31 GMT
mi7-desktop.css
fan-news.org/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bb8d7b950db8e1947fbf21a39beba854f76f5b7204252befb4a59ba03869fe49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:30 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"81fb-17db87a60fb"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
max-age=315360000, public
x-request-id
7170fcad35b144bba503df471af1f898
expires
Thu, 31 Dec 2037 23:55:55 GMT
header-bidding.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/header-bidding.js
  • https://yandex.ru/ads/system/header-bidding.js
167 KB
44 KB
Script
General
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
69798929e16c23c3b1bb734aac5e1776261b2e598ba58a9680badbdb93d625b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1639545091148773-2803318892793149537-man1-5087-56a-man-l7-balancer-8080-BAL-1380
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 15 Dec 2021 06:11:31 GMT

Redirect headers

date
Wed, 15 Dec 2021 05:11:30 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/header-bidding.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
context.js
yandex.ru/ads/system/
Redirect Chain
  • https://yastatic.net/pcode/adfox/loader.js
  • https://yandex.ru/ads/system/context.js
309 KB
84 KB
Script
General
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
778393862ede6f480167afadf67d9e7c89b00590d6ee5ad87355888173fa904f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1639545091149140-17107722132502411003-man1-5087-56a-man-l7-balancer-8080-BAL-8311
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 15 Dec 2021 06:11:31 GMT

Redirect headers

date
Wed, 15 Dec 2021 05:11:30 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server
nginx/1.17.9
location
https://yandex.ru/ads/system/context.js
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin
*
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
content-length
0
i4284.gif
ad.mail.ru/
43 B
600 B
Image
General
Full URL
https://ad.mail.ru/i4284.gif
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Content-Type
image/gif
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Cache-Control
max-age=21600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 15 Dec 2021 11:11:31 GMT
61b8b24c3bcc1142ba2bff12.jpg
i.starhit-cdn.ru/steady/61/b8/b2/rect/
605 KB
606 KB
Image
General
Full URL
https://i.starhit-cdn.ru/steady/61/b8/b2/rect/61b8b24c3bcc1142ba2bff12.jpg
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2e6558ef1e0629d90b0a67fabce47a690d39c776348c1b71eeb9a6acba7a0076

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Tue, 14 Dec 2021 15:03:50 GMT
server
nginx
etag
"61b8b256-97384"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=86400, public, must-revalidate
accept-ranges
bytes
content-length
619396
expires
Thu, 16 Dec 2021 05:11:31 GMT
mvpt.min.js
moevideo.biz/embed/js/
176 KB
51 KB
Script
General
Full URL
https://moevideo.biz/embed/js/mvpt.min.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
0f8c642ae1197089671162d94712b5faa270cd8a2e20f4ce9d2e6b9d19757fc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding
gzip
Last-Modified
Sat, 11 Dec 2021 12:52:01 GMT
Server
nginx
X-My-Name
s11
ETag
W/"61b49ef1-2be42"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.094
css2
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Requested by
Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
000f368e166bff7134f2c0ff890f75cd706b90c0de1a9a0be5d0c6f464d8c13e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 15 Dec 2021 03:35:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 15 Dec 2021 05:11:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Dec 2021 05:11:31 GMT
59wca.js
ferdarius.com/
81 KB
35 KB
Script
General
Full URL
https://ferdarius.com/59wca.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
54b7de86913eee22dbd06bea04727646aa8e1c81a8a99165bebe3b7627c25612

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
getcookie
matchid.adfox.yandex.ru/
88 B
370 B
XHR
General
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2aa63ef1d1540548945d42fc2148b3fb610b8c5e9b2c99b9a1ad42ae54a897d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://fan-news.org
date
Wed, 15 Dec 2021 05:11:31 GMT
access-control-allow-credentials
true
timing-allow-origin
*
content-length
88
x-content-type-options
nosniff
content-type
application/json
682f592c3abbcba421dd.js
yastatic.net/partner-code-bundles/50852/
13 KB
5 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/50852/682f592c3abbcba421dd.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4460976afd7cf0a53dc9a99dc33f599e6cb7f04978085b7d26a0355fd9184d36
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://fan-news.org/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4454
last-modified
Tue, 14 Dec 2021 15:14:03 GMT
server
nginx/1.17.9
etag
"a7e1089d44faf51162fdacdd50171903"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:04 GMT
168b05a0425a2a96fb17.js
yastatic.net/partner-code-bundles/50852/
80 KB
17 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/50852/168b05a0425a2a96fb17.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
79e52445208a3bfe13b1845db82b0c681c77773086587b614267a1069fed09a0
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://fan-news.org/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17077
last-modified
Tue, 14 Dec 2021 15:14:03 GMT
server
nginx/1.17.9
etag
"ec64a1d1f7c612c9b3884ff74002d0b0"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:04 GMT
host.js
yastatic.net/safeframe-bundles/0.83/
33 KB
9 KB
Script
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://fan-news.org/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:47:26 GMT
e70987c1b74ca24060d4.js
yastatic.net/partner-code-bundles/50852/
615 KB
125 KB
Script
General
Full URL
https://yastatic.net/partner-code-bundles/50852/e70987c1b74ca24060d4.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0a489aa606d06d0abd0937933855334c0514f88cc50c81ad818b8513fcc18f66
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://fan-news.org/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
127758
last-modified
Tue, 14 Dec 2021 15:14:03 GMT
server
nginx/1.17.9
etag
"67369f06d58fad659ab9f1ac3deec285"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:43:17 GMT
watch.js
mc.yandex.ru/metrika/
134 KB
48 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 15:27:53 GMT
etag
"61b88dc9-bcf4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48372
expires
Wed, 15 Dec 2021 06:11:31 GMT
seedr-player.min.js
cdn01.nativeroll.tv/js/
24 KB
9 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/seedr-player.min.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6d6fa4a725cc51ca8f18b629b25ca81dec5c6176e48d9ed4905adccfdd03f6a8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-5e3a"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:44:00+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:43:32 GMT
3c2bd673e29a0238530c05ff0f19c3f6.svg
fan-news.org/img/sportnews/
1 KB
2 KB
Image
General
Full URL
https://fan-news.org/img/sportnews/3c2bd673e29a0238530c05ff0f19c3f6.svg
Requested by
Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
c6c25c93d1a2f470a37ac3376616d2a610ba91d5b8509c1ba09138a6004fb195

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/css/mi7-desktop.css?v=1639545090821
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"44b-17db87a6117"
content-type
image/svg+xml
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
1099
x-request-id
1f566a7230964de489453e4780153ae6
expires
Thu, 31 Dec 2037 23:55:55 GMT
Raleway-Bold.woff
fan-news.org/font/
71 KB
71 KB
Font
General
Full URL
https://fan-news.org/font/Raleway-Bold.woff
Requested by
Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
f07185032b100366a70c5b4453901e2b299ff2e1d717238004f6e92984c05414

Request headers

Referer
https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"11b10-17db87a610f"
content-type
font/woff
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
72464
x-request-id
242eebfa394d4909809c9cf113cae5d9
expires
Thu, 31 Dec 2037 23:55:55 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v27/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 13:30:03 GMT
x-content-type-options
nosniff
age
402088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24756
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 13:30:03 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 10 Dec 2021 13:52:02 GMT
x-content-type-options
nosniff
age
400769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 10 Dec 2022 13:52:02 GMT
Raleway-Regular.woff
fan-news.org/font/
70 KB
71 KB
Font
General
Full URL
https://fan-news.org/font/Raleway-Regular.woff
Requested by
Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
69d1b4e635f8c320c345bef9e268beb8a82786fd810e8f58b112dbea43e774ed

Request headers

Referer
https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"117d8-17db87a6113"
content-type
font/woff
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
71640
x-request-id
dcec87cce1b34412a73eab322c991712
expires
Thu, 31 Dec 2037 23:55:55 GMT
v2
an.yandex.ru/adfox/392060/getBulk/
129 KB
36 KB
XHR
General
Full URL
Requested by
Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6099bf317209d67b060994cfbd3b1e392ee0b5a7a52a886266155dae488dd1fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
ssr
true
x-yandex-req-id
1639545091503199-1696707588152699202800363-production-app-host-man-pcode-115
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type
Direct
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Wed, 15 Dec 2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:11:31 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383...
  • https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f3...
445 B
931 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.7861955384492061
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host216.rax.ru
Software
nginx/1.17.9 /
Resource Hash
3e13369e5c528a4598007330a7d572dadd181e268d0cf87ba7b62fd7668597f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
445
Expires
Mon, 14 Dec 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t38.6;r;s1600*1200*24;uhttps%3A//fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D;hChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget;0.7861955384492061
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Mon, 14 Dec 2020 21:00:00 GMT
sspmatch-js
ads.betweendigital.com/
Redirect Chain
  • https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=5918387204
  • https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=5918387204&crf=1
882 B
980 B
Script
General
Full URL
https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=5918387204&crf=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
1346c7268c5cbe1e50a12ce3ee6ce4d1a4b7b3075c8f7fba86d572ff11ffd5c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
882
content-type
text/javascript

Redirect headers

location
/sspmatch-js?p=43945&randsalt=5918387204&crf=1
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
fan-news.org/
Redirect Chain
  • https://s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Ffan-news.org%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
  • https://fan-news.org/setuid?wNEf3rk9TljlPxmTT5Ve
74 B
231 B
Image
General
Full URL
https://fan-news.org/setuid?wNEf3rk9TljlPxmTT5Ve
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
content-length
74
content-type
image/png

Redirect headers

location
https://fan-news.org/setuid?wNEf3rk9TljlPxmTT5Ve
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx/1.19.0
content-length
0
advert.js
cdn01.seedr.com/js/
24 B
242 B
Script
General
Full URL
https://cdn01.seedr.com/js/advert.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
360c6ce9cde0594ceacc3fb178293b41a9df002b66e4532f62fce02ab924df3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Mon, 26 Jul 2021 15:37:20 GMT
server
nginx
etag
"60fed6b0-18"
x-cached-since
2021-12-15T03:45:45+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
accept-ranges
bytes
content-length
24
expires
Wed, 24 Nov 2021 19:01:22 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/
276 KB
100 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00db1163ca6054f2a8496a8613addd64991e27eedc8a136ca3e1f9dc04e894f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
101734
x-xss-protection
0
server
cafe
etag
4507154694380913909
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:11:31 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame BD73
11 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 14 Dec 2021 18:36:45 GMT
expires
Tue, 28 Dec 2021 18:36:45 GMT
content-type
text/html; charset=UTF-8
etag
17731914101004188133
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4884
x-xss-protection
0
age
38086
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
47xrt
ferdarius.com/
1 KB
1 KB
Fetch
General
Full URL
https://ferdarius.com/47xrt
Requested by
Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4bf84780e7b54634bd426db0f12d0d62ca66b9ede8a8bac3b6ef1ca2533b9f7e

Request headers

Referer
https://fan-news.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
https://fan-news.org
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
matchx
uuidksinc.net/ Frame 9486
2 KB
1 KB
Document
General
Full URL
https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
3eea41773d38704eb61b0aee6907e52808417e1f34d878a100ffebf71dd72a89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

server
nginx/1.19.0
date
Wed, 15 Dec 2021 05:11:31 GMT
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip
tag.js
mc.yandex.ru/metrika/
194 KB
66 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
debb229daffbe34e17c32f8d56a72dfa9ba4debfcfcb330e733bf56d88da117c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 15:27:53 GMT
etag
"61b88dc9-107fa"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
67578
expires
Wed, 15 Dec 2021 06:11:31 GMT
event
ferdarius.com/add/
0
683 B
Ping
General
Full URL
https://ferdarius.com/add/event
Requested by
Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.208.46.51 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fan-news.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
PROPFIND, PROPPATCH, COPY, MOVE, DELETE, MKCOL, LOCK, UNLOCK, PUT, GETLIB, VERSION-CONTROL, CHECKIN, CHECKOUT, UNCHECKOUT, REPORT, UPDATE, CANCELUPLOAD, HEAD, OPTIONS, GET, POST
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://fan-news.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Overwrite, Destination, Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9488.3re3Cw8jvp0cMtqZfSI4l4IAhYL8vC4GsnsoOiXAqEgDx85G2XKox1diCtnLF924.bxIHhtsFpUunsmFu7aYoHQQX7L0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9488.k4uRWoqvGrOZ2Yo3izxwLYpE_eOj9hDeyfUD6Rwl2nplqTATGE3SydhMfJsTUVtohiTegcBvo8g7-M0hM87HZ_V5HPRnLteyX50hb2f8nOw%2C.5lULq6p4bBmr-ILubHbcw_YddWc%2C
43 B
331 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9488.k4uRWoqvGrOZ2Yo3izxwLYpE_eOj9hDeyfUD6Rwl2nplqTATGE3SydhMfJsTUVtohiTegcBvo8g7-M0hM87HZ_V5HPRnLteyX50hb2f8nOw%2C.5lULq6p4bBmr-ILubHbcw_YddWc%2C
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9488.k4uRWoqvGrOZ2Yo3izxwLYpE_eOj9hDeyfUD6Rwl2nplqTATGE3SydhMfJsTUVtohiTegcBvo8g7-M0hM87HZ_V5HPRnLteyX50hb2f8nOw%2C.5lULq6p4bBmr-ILubHbcw_YddWc%2C
date
Wed, 15 Dec 2021 05:11:31 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/
216 B
645 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=fan-news.org&callback=_gfp_s_&client=ca-pub-5907212464215949
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6e40482f7aea001283f3d3b01bda3e9cbc71954c8ce59059f91652ff6ae3436c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fan-news.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fan-news.org
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BE8C
603 B
67 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5907212464215949&output=html&adk=2715440961&adf=2658918300&lmt=1639545091&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639545091457&bpp=2&bdt=607&idt=129&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8703021771065&frm=20&pv=2&ga_vid=960052110.1639545092&ga_sid=1639545092&ga_hid=143451539&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31063824&oid=2&pvsid=2738548432678028&pem=784&tmod=122&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Wed, 15 Dec 2021 05:11:31 GMT
server
cafe
content-length
46
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321120&showTeaserName=0&imgX=100&imgY=100&gdpr=0&gdprConsent=&limit=4&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321121&showTeaserName=0&imgX=325&imgY=325&gdpr=0&gdprConsent=&limit=2&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321122&showTeaserName=0&imgX=216&imgY=180&gdpr=0&gdprConsent=&limit=2&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321124&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321125&showTeaserName=0&imgX=275&imgY=184&gdpr=0&gdprConsent=&limit=4&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321126&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321127&showTeaserName=0&imgX=275&imgY=184&gdpr=0&gdprConsent=&limit=4&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321128&showTeaserName=0&imgX=376&imgY=376&gdpr=0&gdprConsent=&limit=3&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
get_data
fan-news.org/
0
0
Fetch
General
Full URL
https://fan-news.org/get_data?v=default&page=https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D&domain=fan-news.org&blockID=321129&showTeaserName=0&imgX=250&imgY=250&gdpr=0&gdprConsent=&limit=9&sspUid=3c1b50e8-7cc7-4eae-b3d2-b160593d7909&format=json&pageCatID=122&titleMaxLen=110
Requested by
Host: fan-news.org
URL: https://fan-news.org/pql79m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-headers
X-Requested-With, Cache-Control, Content-Type, X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods
GET, POST, OPTIONS, GET, POST, OPTIONS
advert.gif
mc.yandex.com/metrika/
43 B
136 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Mon, 13 Dec 2021 15:31:55 GMT
etag
"61b73d3b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 15 Dec 2021 06:11:31 GMT
Raleway-SemiBold.woff
fan-news.org/font/
71 KB
72 KB
Font
General
Full URL
https://fan-news.org/font/Raleway-SemiBold.woff
Requested by
Host: fan-news.org
URL: https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.131.144.3 Bucharest, Romania, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
8fd337ed3ade9e1cddea43b483b2c0ce39916c02e151ca36c78e06a379cf064b

Request headers

Referer
https://fan-news.org/css/mi7-desktop.css?v=1639545090821
Origin
https://fan-news.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Tue, 14 Dec 2021 10:26:07 GMT
server
nginx
etag
W/"11ba4-17db87a6113"
content-type
font/woff
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
72612
x-request-id
9f1fa6beaa454322a27e71a435a96b44
expires
Thu, 31 Dec 2037 23:55:55 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 1112
538 KB
143 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/seedr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-8683f"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:45:16+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:45:00 GMT
wNEf3rk9TljlPxmTT5Ve
an.yandex.ru/mapuid/kadamis/ Frame 9486
43 B
571 B
Image
General
Full URL
https://an.yandex.ru/mapuid/kadamis/wNEf3rk9TljlPxmTT5Ve
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:31 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:31 GMT
eeb0ffc89dd246b18a7780616458ba5d
s.uuidksinc.net/match/760/ Frame 9486
Redirect Chain
  • https://ads.go2net.com.ua/adxcm.aspx?ssp=cf718592-a39d-4545-9d43-d632e2426981&redir=1
  • https://s.uuidksinc.net/match/760/eeb0ffc89dd246b18a7780616458ba5d
74 B
241 B
Image
General
Full URL
https://s.uuidksinc.net/match/760/eeb0ffc89dd246b18a7780616458ba5d
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol
H2
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png

Redirect headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx
Access-Control-Allow-Origin
*
P3p
CP="NID DSP ALL COR"
Location
https://s.uuidksinc.net/match/760/eeb0ffc89dd246b18a7780616458ba5d
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
m
sync.mgid.com/ Frame 9486
Redirect Chain
  • https://sync.mgid.com/m?cdsp=117798&c=wNEf3rk9TljlPxmTT5Ve
  • https://sync.mgid.com/m?c=wNEf3rk9TljlPxmTT5Ve&cdsp=117798&sct=1
43 B
500 B
Image
General
Full URL
https://sync.mgid.com/m?c=wNEf3rk9TljlPxmTT5Ve&cdsp=117798&sct=1
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol
H3
Server
104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6bdd2bf82fee4a73-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location
https://sync.mgid.com/m?c=wNEf3rk9TljlPxmTT5Ve&cdsp=117798&sct=1
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6bdd2bf75ce26983-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
i
dmg.digitaltarget.ru/awg/custom/6573/i/ Frame 9486
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6573/i/i?a=662&e=wNEf3rk9TljlPxmTT5Ve&i=0.22917612109828966
  • https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=wNEf3rk9TljlPxmTT5Ve&i=0.22917612109828966
49 B
602 B
Image
General
Full URL
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=wNEf3rk9TljlPxmTT5Ve&i=0.22917612109828966
Requested by
Host: uuidksinc.net
URL: https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
185.15.175.144 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://uuidksinc.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
3
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://dmg.digitaltarget.ru/awg/custom/6573/i/i?call_source=awg&a=662&e=wNEf3rk9TljlPxmTT5Ve&i=0.22917612109828966
X-XSS-Protection
1; mode=block
X-Permitted-Cross-Domain-Policies
master-only
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
86400
Connection
keep-alive
Request-Time
1
Content-Length
0
X-Content-Type-Options
nosniff
bidder_18.html
cache.betweendigital.com/code/ Frame BC03
4 KB
1 KB
Document
General
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a3bbee4d-add9-515d-ab97-c305ca2eba06&CACHEBUSTER=694003
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43945&randsalt=5918387204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.71.82 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:32 GMT
content-type
text/html
last-modified
Tue, 08 Jun 2021 15:45:03 GMT
etag
W/"60bf907f-ee9"
content-encoding
gzip
match
ads.betweendigital.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://x.bidswitch.net/ul_cb/sync?ssp=between
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d822dd89-4f41-4367-9091-00e7081ede64
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=between&bsw_custom_parameter=d822dd89-4f41-4367-9091-00e7081ede64
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=259e5769-954e-43c3-ab9a-4cf47dc96486&ssp=between&expires=30&user_group=5&bsw_param=d822dd89-4f41-4367-9091-00e7081ede64
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
Date
Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
match
ads.betweendigital.com/
Redirect Chain
  • https://px.adhigh.net/p/cm/btw
  • https://px.adhigh.net/p/cm/btw?bounced=1
  • https://ads.betweendigital.com/match?bidder_id=37&external_user_id=sUO5OVS7D8a.AikABlF9vIC3Cw
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=sUO5OVS7D8a.AikABlF9vIC3Cw
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=sUO5OVS7D8a.AikABlF9vIC3Cw
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
ads.betweendigital.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
  • https://ads.betweendigital.com/match?bidder_id=114&external_user_id=168bd05b7e9cdad96bf115cb
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=168bd05b7e9cdad96bf115cb
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=168bd05b7e9cdad96bf115cb
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
match
ads.betweendigital.com/
Redirect Chain
  • https://sync.bumlam.com/?src=bw1&uid=a3bbee4d-add9-515d-ab97-c305ca2eba06
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABiD8uWNBlIFvp7KygpiJGEzYmJlZTRkLWFkZDktNTE1ZC1hYjk3LWMzMDVjYTJlYmEwNg**
  • https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARiD8uWNBlIFvp7KygpiJGEzYmJlZTRkLWFkZDktNTE1ZC1hYjk3LWMzMDVjYTJlYmEwNqIBEHdyCnRdZRHshuAAJZDAZHw*
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQABiD8uWNBmIkYTNiYmVlNGQtYWRkOS01MTVkLWFiOTctYzMwNWNhMmViYTA2ogEQd3IKdF1lEeyG4AAlkMBkfA**
  • https://sync.bumlam.com/?src=bw1&s_data=CAIQARiD8uWNBmIkYTNiYmVlNGQtYWRkOS01MTVkLWFiOTctYzMwNWNhMmViYTA2ogEQd3IKdF1lEeyG4AAlkMBkfA**
  • https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77720a74-5d65-11ec-86e0-002590c0647c
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77720a74-5d65-11ec-86e0-002590c0647c
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
https://ads.betweendigital.com/match?bidder_id=18&external_user_id=77720a74-5d65-11ec-86e0-002590c0647c
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
analytics.js
www.google-analytics.com/ Frame 1112
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5797
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
wamfactory_dpm.wildcard.min.js
cstatic.weborama.fr/js/wam/customers/ Frame 1112
16 KB
6 KB
Script
General
Full URL
https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1639545091735
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F42) /
Resource Hash
f116b3f716b35000be63c8696a5944572939d85bb21f97672a7eaa1405b543f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Mon, 22 Nov 2021 10:01:32 GMT
server
ECAcc (frc/8F42)
age
155218
etag
"3372701235"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
5776
expires
Wed, 22 Dec 2021 05:11:31 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 4B0E
7 KB
3 KB
Document
General
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Ffan-news.org
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:31 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 10 Dec 2021 16:39:02 GMT
vary
Accept-Encoding
etag
W/"61b382a6-1b7e"
cache
HIT
x-cached-since
2021-12-12T18:26:30+00:00
x-id
fr5-up-gc32
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame
0
0
Preflight
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:31 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://fan-news.org
x-id
fr5-up-gc34
hosts.json
cdn02.nativeroll.tv/player/ Frame 1112
302 B
616 B
XHR
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control
no-cache
Referer
https://fan-news.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 22:46:48 GMT
server
nginx
etag
W/"61b91ed8-12e"
x-cached-since
2021-12-14T22:49:59+00:00
content-type
application/json
access-control-allow-origin
https://fan-news.org
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
truncated
/ Frame 1112
584 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b80334011e2b10cdb61cb145661e37e99f2b73402e99570e353ee5301c29fc5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1112
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0980c84f480a7ce75347815b0e8d7d523158ffa820a75f9aef79c4ead3a1868d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1112
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1112
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1112
547 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1112
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
1
mc.yandex.com/watch/72623899/
Redirect Chain
  • https://mc.yandex.com/watch/72623899?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef40...
  • https://mc.yandex.com/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef...
331 B
763 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A951352560%3Arqn%3A1%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090717%3Ads%3A16%2C43%2C71%2C31%2C0%2C0%2C%2C547%2C5%2C%2C%2C%2C680%3Adsn%3A17%2C43%2C70%2C31%2C0%2C0%2C%2C519%2C4%2C%2C%2C%2C681%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
efda3dfa0a07a5f3eb267c8c8d7818a71a944a46a177232adf679dd33399eeeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
location
/watch/72623899/1?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A951352560%3Arqn%3A1%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1639545090717%3Ads%3A16%2C43%2C71%2C31%2C0%2C0%2C%2C547%2C5%2C%2C%2C%2C680%3Adsn%3A17%2C43%2C70%2C31%2C0%2C0%2C%2C519%2C4%2C%2C%2C%2C681%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
version
moevideo.biz/embed/core/
45 B
219 B
Script
General
Full URL
https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1639545091843_41848
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
6ecfe7f0f6fc1bf873477f0616cc41d9d8c7812f9ee599dbd1ab7a25eeeb7836

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
45
X-My-Reqtime
0.094
Content-Type
application/javascript
sync.html
cstatic.weborama.fr/iframe/ Frame 9D55
336 B
314 B
Document
General
Full URL
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091849
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/js/wam/customers/wamfactory_dpm.wildcard.min.js?rnd=1639545091735
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8F) /
Resource Hash
3e1dac2792ab6c6adeef95c5e0d28ad832c837d58922fa4ceafa0ed3bd0f96a7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
155964
cache-control
max-age=604800
content-type
text/html
date
Wed, 15 Dec 2021 05:11:31 GMT
etag
"282943589+gzip"
expires
Wed, 22 Dec 2021 05:11:31 GMT
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
server
ECAcc (frc/8F8F)
vary
Accept-Encoding
x-cache
HIT
content-length
207
/
wf.frontend.weborama.fr/stream/ Frame 1112
Redirect Chain
  • https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Fa...
  • https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Fa...
0
16 B
Image
General
Full URL
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091849&bounce=1&random=280608328
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Server
35.244.223.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.223.244.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:31 GMT
server
nginx/1.12.0
location
https://wf.frontend.weborama.fr/stream/?wamid=3336&Wvar=%7B%22domain%22%3A%22fan-news.org%22%2C%22wamid%22%3A%223336%22%2C%22typ%22%3A%223%22%2C%22url%22%3A%22https%253A%252F%252Ffan-news.org%252Farticles%252Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%253FrequestId%253Dcnv38d881bfeef401d8063f383d63e0a98c%2526utmkadam%253D%25255BMCPA%25255D%22%2C%22ref%22%3A%22%22%7D&d.r=1639545091849&bounce=1&random=280608328
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
external_libs.v2.js
cstatic.weborama.fr/iframe/ Frame 9D55
8 KB
3 KB
Script
General
Full URL
https://cstatic.weborama.fr/iframe/external_libs.v2.js
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091849
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.221.133 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5E) /
Resource Hash
0b6cc2293aed13859bd06a4b20b671fcc33542ca66d0be2366b16f2c2a27f6a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/iframe/sync.html?key=ids_sync&wamid=3336&src=wamf.wildcard.js&ref=fan-news.org&d.r=1639545091849
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:31 GMT
content-encoding
gzip
last-modified
Mon, 20 Sep 2021 08:52:49 GMT
server
ECAcc (frc/8F5E)
age
159130
etag
"3142978827"
vary
Accept-Encoding
x-cache
HIT
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-type
text/javascript
content-length
3062
expires
Wed, 22 Dec 2021 05:11:31 GMT
1
mc.yandex.com/watch/72623899/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899/1?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A299438620%3Arqn%3A2%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fan-news.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A307213333%3Arqn%3A3%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A608062381%3Arqn%3A4%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A261763628%3Arqn%3A5%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A700190251%3Arqn%3A6%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A247206669%3Arqn%3A7%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A214624300%3Arqn%3A8%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A1065649336%3Arqn%3A9%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A133858983%3Arqn%3A10%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
72623899
mc.yandex.com/watch/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/72623899?page-url=goal%3A%2F%2Ffan-news.org%2FKADAM_EMPTY_BLOCK&page-ref=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A1%3Als%3A932425007056%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A325506225%3Arqn%3A11%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
1335351
mc.yandex.com/watch/
295 B
354 B
XHR
General
Full URL
https://mc.yandex.com/watch/1335351?wmode=7&page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A350599856837%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051131%3Aet%3A1639545092%3Ac%3A1%3Arn%3A857464155%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(11500)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
5aef2dd11d0d62b94293fb0271bb8ed86b59987df315e01ba71f9308194c222c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 15-Dec-2021 05:11:31 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
295
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:31 GMT
x450
avatars.mds.yandex.net/get-direct/223999/8tqUW8DOf_Tk44X37XI32g/
62 KB
62 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/223999/8tqUW8DOf_Tk44X37XI32g/x450
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
2a0f59d3606f98629a2830e306294fd6bfad2653096555900b7ac0eb6ddfb8c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Thu, 17 Oct 2019 13:59:40 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
63328
x-request-id
93b5363bea62d3e4
xn--80aklgjdc4ahc3h.xn--p1ai
favicon.yandex.net/favicon/
447 B
660 B
Image
General
Full URL
https://favicon.yandex.net/favicon/xn--80aklgjdc4ahc3h.xn--p1ai?size=32&stub=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
eaece72a7fee3c7ca65305b9d8c14e19c81ffe68c00251b0e2c1d1f14509453f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
y300
avatars.mds.yandex.net/get-direct/4119367/pBHiey0kOu1oohtWZqOysg/
3 KB
4 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/4119367/pBHiey0kOu1oohtWZqOysg/y300
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
6affe9f6759df5783d3c48a8d3a38fcffd9a8bd2173fa453a42f6371b3d63024

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Thu, 09 Dec 2021 11:50:08 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
3282
x-request-id
596ada7e538d4d9e
tebiz.ru
favicon.yandex.net/favicon/
1 KB
1 KB
Image
General
Full URL
https://favicon.yandex.net/favicon/tebiz.ru?size=32&stub=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
a53a4af74507e22880b027bd1d538472c0c0b15deca85b81ac103f862cb03c05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
y300
avatars.mds.yandex.net/get-direct/2864005/5m1IPVlUYOLenuG0I3dsSg/
26 KB
26 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/2864005/5m1IPVlUYOLenuG0I3dsSg/y300
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
398c1f447052c98c9d25268978712673b7d7b3a491d23981e5db9747dcadeee5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Thu, 29 Jul 2021 17:16:15 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
26136
x-request-id
a2f7307cf182368c
yandex.com
favicon.yandex.net/favicon/
756 B
969 B
Image
General
Full URL
https://favicon.yandex.net/favicon/yandex.com?size=32&stub=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
dd321da9fbfb2751ef37064414b32f455ae4e64bfdcfc7c89f9681b163dca0fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
x300
avatars.mds.yandex.net/get-direct/2799451/0sxkLXehGJRh1V2xv6cnpQ/
15 KB
16 KB
Image
General
Full URL
https://avatars.mds.yandex.net/get-direct/2799451/0sxkLXehGJRh1V2xv6cnpQ/x300
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::184 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx /
Resource Hash
7547c18297ea1591b609b335c3e7ae29f188a1747ff232945a6a1bc0a191d992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Tue, 19 May 2020 09:36:42 GMT
server
nginx
nel
{"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000,immutable
access-control-allow-credentials
true
timing-allow-origin
*
content-length
15660
x-request-id
378ed0468f09ac2
rusdate.de
favicon.yandex.net/favicon/
1 KB
1 KB
Image
General
Full URL
https://favicon.yandex.net/favicon/rusdate.de?size=32&stub=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::36 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
2e3e80ad8c654d0bd2f81345400ff44866cf029b2726de5add67e25667f5c657
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
Cache-Control
max-age=691200
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Content-Type
image/png
6123b6281b58921eda767ba8
statsb.nativeroll.tv/nr/aserver/group/ Frame 1112
1 KB
3 KB
XHR
General
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/6123b6281b58921eda767ba8?event=visit&gid=6123b6281b58921eda767ba8&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&title=Chat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&ref=&block_enabled=0&width=468&height=0&offset_px=0&offset_pct=50&lenght_px=0&cookie_enabled=1&t=2021-12-15T05%3A11%3A31&mode=outstream&data_saver=false&places=0&nr_f=MTYzOTU0NTA5MTg2MQ%3D%3D&ancestor_origins=https%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=dcc54b45-6513-4b45-b930-0cd45def6aca
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
fb46ffddef2a74334917f782b36120593b49803609000a1b552acccaac3d3657

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
https://fan-news.org
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
Content-Type, *
1
mc.yandex.com/watch/1335351/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/watch/1335351/1?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afp%3A689%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A350599856837%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051132%3Aet%3A1639545092%3Ac%3A1%3Arn%3A1071496680%3Arqn%3A1%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Ads%3A16%2C43%2C71%2C31%2C0%2C0%2C%2C547%2C5%2C%2C%2C%2C680%3Adsn%3A17%2C43%2C70%2C31%2C0%2C0%2C%2C519%2C4%2C%2C%2C%2C681%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092&t=gdpr(14)aw(1)lt(18400)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fan-news.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Wed, 15-Dec-2021 05:11:32 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:32 GMT
1335351
mc.yandex.com/watch/
43 B
76 B
XHR
General
Full URL
https://mc.yandex.com/watch/1335351?page-url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A3%3Adp%3A1%3Als%3A350599856837%3Ahid%3A617934136%3Az%3A0%3Ai%3A20211215051132%3Aet%3A1639545092%3Ac%3A1%3Arn%3A676377168%3Arqn%3A2%3Au%3A1639545092426235658%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1639545090717%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545092%3At%3AChat%20Asuransi%20Warisan%20Vanessa%20Angel%20ke%20Doddy%20Sudrajat%20Wow%20Banget&t=gdpr(14)aw(1)lt(18400)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Wed, 15-Dec-2021 05:11:32 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://fan-news.org
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:32 GMT
render.html
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BB9B
24 KB
7 KB
Document
General
Full URL
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Requested by
Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

server
nginx/1.17.9
date
Wed, 15 Dec 2021 05:11:32 GMT
content-type
text/html
content-length
6262
access-control-allow-origin
*
cache-control
public, max-age=946708560
content-encoding
br
etag
"eb77de48712912aadc9aa8171ac75ede"
expires
Fri, 15 Dec 2051 11:44:00 GMT
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
vary
Accept-Encoding
x-robots-tag
noindex, noarchive, nofollow
accept-ranges
bytes
KY7AShchjxs
www.youtube.com/embed/ Frame 4BC3
62 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3e94bc08cffaf53cbe3d7847aa9da8b6d2b5be72ea4c800b0039391b5cbf4bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 15 Dec 2021 05:11:32 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bb59f8a61f1eee13ad5e74876af09c3803e8f8dfb792fd2cb588d97999c8c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires
Wed, 15 Dec 2021 05:11:32 GMT
native
moevideo.biz/ Frame 161E
48 KB
19 KB
Document
General
Full URL
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
9945f9093ac648720b13285b14cc7eaa1e6127b16223ee866c68f1fa5936c7d2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.00277280807495
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.01
X-Mv-Embed-Version
1403
X-My-Name
s13
X-My-Reqtime
0.097
Access-Control-Allow-Origin
*
Content-Encoding
gzip
www-widgetapi.js
www.youtube.com/s/player/204bfffb/www-widgetapi.vflset/
149 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c8c9bf4d27683e3a521802108e1408830886af69bd6df88cae1d0819c0d5348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 03:28:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
6202
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49316
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 Dec 2022 03:28:10 GMT
match
ads.betweendigital.com/ Frame BC03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=between
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=d822dd89-4f41-4367-9091-00e7081ede64
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=d822dd89-4f41-4367-9091-00e7081ede64
  • https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
68 B
607 B
Image
General
Full URL
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

Location
//ads.betweendigital.com/match?bidder_id=22&external_user_id=d822dd89-4f41-4367-9091-00e7081ede64
Date
Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
matchx
uuidksinc.net/ Frame A972
2 KB
1 KB
Document
General
Full URL
https://uuidksinc.net/matchx
Requested by
Host: ferdarius.com
URL: https://ferdarius.com/59wca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
3eea41773d38704eb61b0aee6907e52808417e1f34d878a100ffebf71dd72a89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

server
nginx/1.19.0
date
Wed, 15 Dec 2021 05:11:32 GMT
content-type
text/html
vary
Accept-Encoding
content-encoding
gzip
www-player-webp.css
www.youtube.com/s/player/204bfffb/ Frame 4BC3
337 KB
46 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/204bfffb/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88a9ae6f4226f2a69171713a1a08bf670297ae4b2517d8df0d707a206b0bb5b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
40250
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47300
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:42 GMT
www-embed-player.js
www.youtube.com/s/player/204bfffb/www-embed-player.vflset/ Frame 4BC3
225 KB
73 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a9cf9fe55d2740f89e2bbbd96b47d2793948cb9480aae05f7db428b41e9d8dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
40249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74767
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:43 GMT
base.js
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 4BC3
2 MB
529 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8903986c927e122375ba7e0e972f366ae8c7104bf6f9fd4bccac2ada20949158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
40248
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
541105
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:44 GMT
fetch-polyfill.js
www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/ Frame 4BC3
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
40249
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BC3
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 17:06:41 GMT
x-content-type-options
nosniff
age
43491
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 17:06:41 GMT
d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame BB9B
95 B
400 B
Image
General
Full URL
https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::5:114 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-RT-IH
0.0001
Content-Type
image/png
Cache-Control
private
Connection
close
X-RT-IQ
0.0001
Content-Length
95
Expires
Thu, 16 Dec 2021 05:11:32 GMT
/
sync3.sniperlog.ru/ Frame BC03
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77720a74-5d65-11ec-86e0-002590c0647c
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=77720a74-5d65-11ec-86e0-002590c0647c&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=xogXTyhMYY7RKpG%2Bi1FyjQ&
  • https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=xogXTyhMYY7RKpG+i1FyjQ&extra2=aidata
  • https://sync3.sniperlog.ru/?src=ggl&extra1=xogXTyhMYY7RKpG+i1FyjQ&extra2=aidata&google_gid=CAESEAuTqWKRhiNiRxZLAbQCGvg&google_cver=1
43 B
516 B
Image
General
Full URL
https://sync3.sniperlog.ru/?src=ggl&extra1=xogXTyhMYY7RKpG+i1FyjQ&extra2=aidata&google_gid=CAESEAuTqWKRhiNiRxZLAbQCGvg&google_cver=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Server
31.172.81.160 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync3.sniperlog.ru/?src=ggl&extra1=xogXTyhMYY7RKpG+i1FyjQ&extra2=aidata&google_gid=CAESEAuTqWKRhiNiRxZLAbQCGvg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4BC3
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
061c2af376779f8d4b83ad3097730067598762579c85cd0719d27f17c14d3129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4BC3
29 B
588 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 04:57:15 GMT
x-content-type-options
nosniff
age
857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Dec 2021 05:12:15 GMT
q66GOLyt4hcCK2uKKspmEP5qh9yykAcLV_Vyk9V0d_8.js
www.google.com/js/th/ Frame 4BC3
35 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/q66GOLyt4hcCK2uKKspmEP5qh9yykAcLV_Vyk9V0d_8.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abae8638bcade217022b6b8a2aca6610fe6a87dcb290070b57f57293d57477ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 11 Dec 2021 19:57:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
292442
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13640
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Dec 2022 19:57:30 GMT
embed.js
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 4BC3
24 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
550c9da427a76b05374a263e56f08ea0db57d7fd44f33abea68182afe165233f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
40247
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7354
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:45 GMT
player
www.youtube.com/youtubei/v1/ Frame 4BC3
106 KB
24 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
6adcbd04e0808942945f1de62fcd3b6a485ea9176c923f57e100481f125b9604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211210.00.01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id
CgtyR2FnMDNCUzl3RSiE8uWNBg%3D%3D
Content-Type
application/json

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24109
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:11:32 GMT
truncated
/ Frame 4BC3
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQ3kDv2ySN4uMBtZPpPb12fqZXPSts3E4txt8Yj=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 4BC3
4 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLQ3kDv2ySN4uMBtZPpPb12fqZXPSts3E4txt8Yj=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
f021da5ea1f7c2ef8919e5cd1332918740f3b43d791e7f590f6df51c17cc6d3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 01:50:14 GMT
x-content-type-options
nosniff
age
12078
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4172
x-xss-protection
0
server
fife
etag
"v32"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 18 Nov 2021 05:39:39 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4BC3
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 21:29:26 GMT
x-content-type-options
nosniff
age
114126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9832
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 13 Dec 2022 21:29:26 GMT
styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 161E
54 KB
15 KB
Stylesheet
General
Full URL
https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:03:30 GMT
Server
nginx
X-My-Name
s17
ETag
W/"61a74872-d99f"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.080
mvplayer.min.js
moevideo.biz/embed/player/1746/ Frame 161E
585 KB
147 KB
Script
General
Full URL
https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:04:32 GMT
Server
nginx
X-My-Name
s17
ETag
W/"61a748b0-922a1"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.094
set
playreplay.me/api/cookie/ Frame 161E
0
332 B
Script
General
Full URL
https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22a469f20e149d42966a5f%22},{%22key%22:%22mvsid%22,%22value%22:%22a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.63 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f2.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.085
set
thesame.tv/api/cookie/ Frame 161E
0
332 B
Script
General
Full URL
https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22a469f20e149d42966a5f%22},{%22key%22:%22mvsid%22,%22value%22:%22a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.188.150.92 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.087
set
moevideo.biz/api/cookie/ Frame 161E
0
332 B
Script
General
Full URL
https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22a469f20e149d42966a5f%22},{%22key%22:%22mvsid%22,%22value%22:%22a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.082
set
cs-0.moevideo.biz/api/cookie/ Frame 161E
0
332 B
Script
General
Full URL
https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22a469f20e149d42966a5f%22},{%22key%22:%22mvsid%22,%22value%22:%22a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.086
set
playreplay.net/api/cookie/ Frame 161E
0
332 B
Script
General
Full URL
https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22a469f20e149d42966a5f%22},{%22key%22:%22mvsid%22,%22value%22:%22a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d%22}]
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.214 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f56.moevideo.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
X-My-Reqtime
0.081
sync
ds.frontend.weborama.fr/ Frame 9D55
895 B
1 KB
Script
General
Full URL
https://ds.frontend.weborama.fr/sync?key=ids_sync&src=wamf.wildcard.js&wamid=3336&v=2021091401&callback=Utils.handleDataSync&ref=fan-news.org
Requested by
Host: cstatic.weborama.fr
URL: https://cstatic.weborama.fr/iframe/external_libs.v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.231.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.231.117.34.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
457757ceaf06902bfd8d6575b34fb338295a25f6fc9af4097f1058120a4094b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-type
application/javascript; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
895
expires
Tue, 03 Jul 2001 06:00:00 GMT
generate_204
www.youtube.com/ Frame 4BC3
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?XpFr2g
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sync
statsa.nativeroll.tv/nr/ Frame 1112
Redirect Chain
  • https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fstatsa.nativeroll.tv%2Fnr%2Fsync%3Fdsp_id%3Dwbrm%26external_uid%3D{WEBO_CID}%26gt%3D0%26rand%3D921942
  • https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=/AovCZACRVTZS1q.qnh/z.&gt=0&rand=921942
0
454 B
Image
General
Full URL
https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=/AovCZACRVTZS1q.qnh/z.&gt=0&rand=921942
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
location
https://statsa.nativeroll.tv/nr/sync?dsp_id=wbrm&external_uid=/AovCZACRVTZS1q.qnh/z.&gt=0&rand=921942
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
dcc54b45-6513-4b45-b930-0cd45def6aca
an.yandex.ru/mapuid/adfox/ Frame 1112
43 B
329 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adfox/dcc54b45-6513-4b45-b930-0cd45def6aca?jsredir=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:32 GMT
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 1112
Redirect Chain
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=921942
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6312364&bn=6312364&rnd=921942&tuid=-4373600123
  • https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=921942&ip=78.47.208.26
42 B
581 B
Image
General
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=921942&ip=78.47.208.26
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:32 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:32 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&bid=4924110&bn=4924110&rnd=921942&ip=78.47.208.26
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
nativeroll-sync.rutarget.ru/ Frame 1112
0
0

cm.gif
ad.mail.ru/ Frame 1112
43 B
764 B
Image
General
Full URL
https://ad.mail.ru/cm.gif?p=107&id=dcc54b45-6513-4b45-b930-0cd45def6aca
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Last-Modified
Wed, 15 Dec 2021 05:11:32 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=21600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Wed, 15 Dec 2021 11:11:32 GMT
qoe
www.youtube.com/api/stats/ Frame 4BC3
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=MoF3JS84ZPc7xGQS&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24089463%2C24129402%2C24130420%2C24133268%2C24141079&cl=416163874&seq=1&event=streamingstats&docid=KY7AShchjxs&ei=BHm5YfqJFoTAgQft-aiYAg&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.006:B,0.146:B,0.146:B&cmt=0.006:0.000,0.146:0.000&afs=0.146:251::i&vfs=0.146:396:396::r&bwe=0.146:130000&bat=0.146:1:1&vis=0.146:0&bh=0.146:0.000
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-YouTube-Ad-Signals
dt=1639545092262&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C304%2C0&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
95 KB
96 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=video%2Fmp4&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=35416157&dur=1388.553&lmt=1630054554363456&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOV8VXG9vkW6DnnZxJUAkYnt-3NSBJvY5nuMuY6tSv68AiAtTB4RapX_mE9ItaUAdGHDAc3AaZFf2KrjmB3M4EvNYw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=0-97568&rn=1&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d34213fc823a3679227e89935c5e0993034ec2c79ec77a843e043ab284540fe2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
X-Restrict-Formats-Hint
None
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
97569
Last-Modified
Fri, 27 Aug 2021 08:55:54 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
X-Content-Type-Options
nosniff
Expires
Wed, 15 Dec 2021 05:11:32 GMT
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
67 KB
68 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=audio%2Fwebm&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgL7VdwjJdEeqOxaozHU742U71vKoTduM3PZb1QP92y5kCICOZeZKMSjlM9GfDURIT0ByUdhNSZQN_Wq8RldAeU9Yw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=0-68181&rn=2&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e9e6975086ca036bae4100a36dc18770ec7ff58051e8b9e956bc4940d145ac2a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
68182
Last-Modified
Sat, 13 Feb 2021 12:59:12 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube.com
Expires
Wed, 15 Dec 2021 05:11:32 GMT
captions.js
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 4BC3
64 KB
24 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b3fa74fbed97a5c5d4fd43f7dac33cb7efca29040f7d39e95effec2a9a847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
40239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24493
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:53 GMT
endscreen.js
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 4BC3
26 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35f312ae2ead5e6c91932929d5716c613529b1b98218763b1825984fbf510958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:00:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
40239
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7227
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:00:53 GMT
annotations_module.js
www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/ Frame 4BC3
66 KB
19 KB
Script
General
Full URL
https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/annotations_module.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ea7b195ecb7187dda4e10ea9f3e223d8bc6882eb5e49876c76b26a2252890fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 18:01:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
40218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19745
x-xss-protection
0
last-modified
Tue, 14 Dec 2021 01:04:25 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 14 Dec 2022 18:01:14 GMT
next
www.youtube.com/youtubei/v1/ Frame 4BC3
67 KB
6 KB
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
cde9d37ceee29b0d3493d913d274b026c5784b83048a92db36e4036ad6152b33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20211210.00.01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
X-Goog-Visitor-Id
CgtyR2FnMDNCUzl3RSiE8uWNBg%3D%3D
Content-Type
application/json

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6142
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:11:32 GMT
ids
idsync.frontend.weborama.fr/ Frame 9D55
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=weborama_dmp&google_cm
  • https://wam-google.solution.weborama.fr/pixel?google_gid=CAESENxnIh7552q2IQanvHM4A74&google_cver=1
  • https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESENxnIh7552q2IQanvHM4A74&google_gid=CAESENxnIh7552q2IQanvHM4A74&google_cver=1
0
16 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESENxnIh7552q2IQanvHM4A74&google_gid=CAESENxnIh7552q2IQanvHM4A74&google_cver=1
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=ggl&value=CAESENxnIh7552q2IQanvHM4A74&google_gid=CAESENxnIh7552q2IQanvHM4A74&google_cver=1
date
Wed, 15 Dec 2021 05:11:32 GMT
server
Apache
content-length
354
content-type
text/html; charset=iso-8859-1
ids
idsync.frontend.weborama.fr/ Frame 9D55
Redirect Chain
  • https://secure.adnxs.com/getuid?https://idsync.frontend.weborama.fr/ids?key=appnexus&value=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dappnexus%26value%3D%24UID
  • https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6269504899612408533
0
268 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6269504899612408533
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:32 GMT
X-Proxy-Origin
78.47.208.26; 78.47.208.26; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
527dee61-243d-48a2-a87c-b737197c0ae5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://idsync.frontend.weborama.fr/ids?key=appnexus&value=6269504899612408533
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame 9D55
Redirect Chain
  • https://gum.criteo.com/sync?c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
  • https://gum.criteo.com/sync?s=1&c=13&a=1&r=1&u=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dcriteov2%26value%3D%40USERID%40
  • https://idsync.frontend.weborama.fr/ids?key=criteov2&value=qOfGILtFWMoStL-yeJ0bKfjrTOxoVnlw
0
44 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=qOfGILtFWMoStL-yeJ0bKfjrTOxoVnlw
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=criteov2&value=qOfGILtFWMoStL-yeJ0bKfjrTOxoVnlw
date
Wed, 15 Dec 2021 05:11:32 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
3271
content-length
212
strict-transport-security
max-age=86400; preload;
content-type
text/html; charset=utf-8
401736.gif
idsync.rlcdn.com/ Frame 9D55
42 B
417 B
Image
General
Full URL
https://idsync.rlcdn.com/401736.gif?partner_uid=/AovCZACRVTZS1q.qnh/z.
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
collect
dx.frontend.weborama.com/ Frame 9D55
Redirect Chain
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=D-BEd0jHScgP
  • https://dx.frontend.weborama.com/collect?dsp_id=0&eid=D-BEd0jHScgP&bounce=1&random=1863087322
0
17 B
Image
General
Full URL
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=D-BEd0jHScgP&bounce=1&random=1863087322
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
location
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=D-BEd0jHScgP&bounce=1&random=1863087322
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
check
pixel.tapad.com/idsync/ex/receive/ Frame 9D55
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2964&partner_device_id=D-BEd0jHScgP
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=D-BEd0jHScgP
95 B
425 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=D-BEd0jHScgP
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2964&partner_device_id=D-BEd0jHScgP
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9D55
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=L0FvdkNaQUNSVlRaUzFxLnFuaC96Lg
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=L0FvdkNaQUNSVlRaUzFxLnFuaC96Lg&dcc=t
43 B
932 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=L0FvdkNaQUNSVlRaUzFxLnFuaC96Lg&dcc=t
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
HTTP/1.1
Server
54.239.38.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TM9FVNKZ5GBHEQNVSQR1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:32 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9NEEMXHNVK3EYM0PJRXN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=0485bdfe-f03c-4309-8ba2-59b54b1419fb&id=L0FvdkNaQUNSVlRaUzFxLnFuaC96Lg&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ids
idsync.frontend.weborama.fr/ Frame 9D55
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&rdf=1
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22B03005-D560-45F8-80E3-40AF7869A030
0
16 B
Image
General
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22B03005-D560-45F8-80E3-40AF7869A030
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Server
35.201.81.244 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
244.81.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cstatic.weborama.fr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:32 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=22B03005-D560-45F8-80E3-40AF7869A030
date
Wed, 15 Dec 2021 05:11:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
default.webp
i.ytimg.com/vi_webp/KY7AShchjxs/ Frame 4BC3
3 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/KY7AShchjxs/default.webp
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bfe46724e9124e987b776b635406a673650e8d381a15dfd7ddda6687fe77ada
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:03:47 GMT
x-content-type-options
nosniff
age
465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3210
x-xss-protection
0
server
sffe
etag
"1613149129"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:03:47 GMT
maxresdefault.jpg
i.ytimg.com/vi/D90PluQTGLA/ Frame 4BC3
183 KB
183 KB
Image
General
Full URL
https://i.ytimg.com/vi/D90PluQTGLA/maxresdefault.jpg
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
999347853aeb4af6a251e2fe53066a08e89981484902babf8f79c9cc389c1e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:08:15 GMT
x-content-type-options
nosniff
age
197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
187674
x-xss-protection
0
server
sffe
etag
"1609593611"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:08:15 GMT
maxresdefault.jpg
i.ytimg.com/vi/n5y_QVxXhBw/ Frame 4BC3
220 KB
220 KB
Image
General
Full URL
https://i.ytimg.com/vi/n5y_QVxXhBw/maxresdefault.jpg
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd78a583ab2c11c98b2e276810da4906d5ed42c7045a890fb8f02d7d569c9127
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:08:06 GMT
x-content-type-options
nosniff
age
206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
225068
x-xss-protection
0
server
sffe
etag
"1610489279"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:08:06 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4066f4e21607b5df4f370f623b6f43d254b047e40e086e0f939797a04d81c86b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
79 KB
79 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=audio%2Fwebm&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgL7VdwjJdEeqOxaozHU742U71vKoTduM3PZb1QP92y5kCICOZeZKMSjlM9GfDURIT0ByUdhNSZQN_Wq8RldAeU9Yw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=68182-149070&rn=3&rbuf=4352
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
7dda59f2c016053c6a2a9b9ab3fb2850754df1b281f842ee494ad9e2b72927b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80889
client-protocol
quic
last-modified
Sat, 13 Feb 2021 12:59:12 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 15 Dec 2021 05:11:32 GMT
usync.html
eus.rubiconproject.com/ Frame 1A47
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a3bbee4d-add9-515d-ab97-c305ca2eba06&CACHEBUSTER=694003
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
about:blank

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Dec 2021 05:11:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date
Wed, 15 Dec 2021 05:11:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
390 KB
390 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=video%2Fmp4&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=35416157&dur=1388.553&lmt=1630054554363456&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAOV8VXG9vkW6DnnZxJUAkYnt-3NSBJvY5nuMuY6tSv68AiAtTB4RapX_mE9ItaUAdGHDAc3AaZFf2KrjmB3M4EvNYw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=97569-496634&rn=4&rbuf=9077
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
9a863770d715fd8ab94b073061378bd6ac8a762dc35dbad50aaae9ee6bf2abf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
399066
client-protocol
quic
last-modified
Fri, 27 Aug 2021 08:55:54 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Wed, 15 Dec 2021 05:11:32 GMT
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
154 KB
154 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=audio%2Fwebm&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgL7VdwjJdEeqOxaozHU742U71vKoTduM3PZb1QP92y5kCICOZeZKMSjlM9GfDURIT0ByUdhNSZQN_Wq8RldAeU9Yw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=149071-306796&rn=5&rbuf=9723
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
85da445e6055d61d84ea5d00d7c0a9173e3f6b4e0cb4bd4985c75749ff00e3e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157726
client-protocol
quic
last-modified
Sat, 13 Feb 2021 12:59:12 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21300
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 15 Dec 2021 05:11:32 GMT
usync.js
eus.rubiconproject.com/ Frame 1A47
32 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c4ecbf5478a16d390079b57c07f58af4a89791736144f4fa29b0715a8e6e86bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:32 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 01:00:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71755
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9699
Expires
Thu, 16 Dec 2021 01:07:27 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1A47
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
694003
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame BC03
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/694003
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/694003
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/694003
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
ms-counter-3.2.15/1.20.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-3.2.15/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
server
ms-counter-3.2.15/1.20.1
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/694003
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
playback
www.youtube.com/api/stats/ Frame 4BC3
0
17 B
Image
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&el=embedded&cpn=MoF3JS84ZPc7xGQS&ver=2&cmt=0.213&fmt=396&fs=0&rt=0.582&euri=https%3A%2F%2Ffan-news.org%2F&lact=604&cl=416163874&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24089463%2C24129402%2C24130420%2C24133268%2C24141079&rtn=2&afmt=251&inview=0&muted=1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=BHm5YfqJFoTAgQft-aiYAg&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdDWFdTa2RxSE85UlBjQXlieVNNdFd5Ty14VTg1YV92Q3JtaFRhTGkyczJFd2JLQVBta0tESzJLc1NTMzJMaUQxSE8xYi1iYjRRUVJGSGFnODRfc1dYNVc4U1R3UkFaNUxTaTZZY0M1LV83T2RMdUNMM2UyNThGSm5F
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ptracking
www.youtube.com/ Frame 4BC3
0
19 B
Image
General
Full URL
https://www.youtube.com/ptracking?html5=1&video_id=KY7AShchjxs&cpn=MoF3JS84ZPc7xGQS&ei=BHm5YfqJFoTAgQft-aiYAg&ptk=youtube_multi&oid=-JboZdfJMv20J-EgYJtBCQ.Bkd4zRq-gbbBbUyWpkumnQ.HsfuJCmYNidf4wUV9F28mw.yfdyTRzMmu3FPmmTBoa5Wg.zKSiGrgFlUYObZ6s7wQjSw&pltype=contentugc
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:32 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storage.html
moe.video/ Frame 40D1
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:56 GMT
ETag
W/"61b49f28-4783"
X-My-Name
s56
X-My-Reqtime
0.090
X-B-Name
f36
Content-Encoding
gzip
truncated
/ Frame 161E
313 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
sync.gif
dispatcher.adxcore.com/a/ Frame BC03
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a3bbee4d-add9-515d-ab97-c305ca2eba06&expires=60
  • https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=d822dd89-4f41-4367-9091-00e7081ede64
0
260 B
Image
General
Full URL
https://dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=d822dd89-4f41-4367-9091-00e7081ede64
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
5.135.97.203 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
cache-control
private
server
Apache

Redirect headers

Location
//dispatcher.adxcore.com/a/sync.gif?dsp=11&uid=d822dd89-4f41-4367-9091-00e7081ede64
Date
Wed, 15 Dec 2021 05:11:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/usync/ Frame E588
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=a3bbee4d-add9-515d-ab97-c305ca2eba06&CACHEBUSTER=694003
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
a3bbee4d-add9-515d-ab97-c305ca2eba06
an.yandex.ru/mapuid/betweendigitalis/ Frame BC03
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2Fa3bbee4d-add9-515d-ab97-c305ca2eba06
  • https://an.yandex.ru/mapuid/betweendigitalis/a3bbee4d-add9-515d-ab97-c305ca2eba06
43 B
152 B
Image
General
Full URL
https://an.yandex.ru/mapuid/betweendigitalis/a3bbee4d-add9-515d-ab97-c305ca2eba06
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:33 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:33 GMT

Redirect headers

location
https://an.yandex.ru/mapuid/betweendigitalis/a3bbee4d-add9-515d-ab97-c305ca2eba06
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
t.adx.opera.com/ Frame BC03
0
410 B
Image
General
Full URL
https://t.adx.opera.com/sync?vendor=60079&uid=a3bbee4d-add9-515d-ab97-c305ca2eba06
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
server
Tengine
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame
0
0
Preflight
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:33 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame 161E
2 B
476 B
Fetch
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:33 GMT
X-Balancer-Name
fvm19
Last-Modified
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm19
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
truncated
/ Frame 161E
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 161E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5799
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
ads-async.js
ad.mail.ru/static/ Frame 161E
185 KB
185 KB
Script
General
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
189564
Expires
Wed, 15 Dec 2021 05:21:33 GMT
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec0eda35ce0c7542c70a5a45e97e0aa2cef32a874451ae8591175b98457b5023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8543
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5907212464215949&plah=fan-news.org
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:11:33 GMT
storage.html
moe.video/ Frame C19E
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:57 GMT
ETag
W/"61b49f29-4783"
X-My-Name
s58
X-My-Reqtime
0.093
X-B-Name
f36
Content-Encoding
gzip
storage.html
moe.video/ Frame ACA4
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:33 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:08 GMT
ETag
W/"61b49ef8-4783"
X-My-Name
s33
X-My-Reqtime
0.080
X-B-Name
f36
Content-Encoding
gzip
adsdk.js
an.yandex.ru/system/video-ads-sdk/ Frame 161E
87 KB
27 KB
Script
General
Full URL
https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
24662ce56198880596e73962f369f733dc002cca6216fb10da2865d98856a120
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
3138152009
x-yandex-req-id
1639545093391268-1762642800763022859900366-production-app-host-sas-pcode-210
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 15 Dec 2021 06:11:33 GMT
hqdefault.webp
i.ytimg.com/vi_webp/aC0X2Ui9kpg/ Frame 4BC3
19 KB
19 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/aC0X2Ui9kpg/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71fe516b0f74aba31366366a4590ee0e41427c93dbe3731396127d68ab089b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:03:31 GMT
x-content-type-options
nosniff
age
482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19924
x-xss-protection
0
server
sffe
etag
"1636981270"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:03:31 GMT
hqdefault.webp
i.ytimg.com/vi_webp/Y2WuvBgiyXE/ Frame 4BC3
9 KB
9 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/Y2WuvBgiyXE/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f67581a213dc94a0f5b21aa9245eb83c7fc26619818d51e271b3b758fc15a432
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:10:24 GMT
x-content-type-options
nosniff
age
69
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9514
x-xss-protection
0
server
sffe
etag
"1612711691"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:10:24 GMT
hqdefault.webp
i.ytimg.com/vi_webp/1Y_rec-zmbM/ Frame 4BC3
15 KB
15 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/1Y_rec-zmbM/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
291cc4eb61d14fcfb33de3679a86dde54166c8249bf5c9b31861ff33d177a3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 03:25:11 GMT
x-content-type-options
nosniff
age
6382
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15652
x-xss-protection
0
server
sffe
etag
"1548423163"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 05:25:11 GMT
hqdefault.webp
i.ytimg.com/vi_webp/T9ZJHYsl6vE/ Frame 4BC3
12 KB
12 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/T9ZJHYsl6vE/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f66cae762e9c78957408809f7e82ac2c6e0e80d88c7fe41424997ded42c3df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 04:57:06 GMT
x-content-type-options
nosniff
age
867
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12114
x-xss-protection
0
server
sffe
etag
"1599727461"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 06:57:06 GMT
hqdefault.webp
i.ytimg.com/vi_webp/S7VcirrE2xc/ Frame 4BC3
14 KB
14 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/S7VcirrE2xc/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0317920a165ef6cb6f2970338885abcfbb717119a7ef42ec39996d33aa91a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:07:26 GMT
x-content-type-options
nosniff
age
247
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14416
x-xss-protection
0
server
sffe
etag
"1638284952"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:07:26 GMT
hqdefault.webp
i.ytimg.com/vi_webp/dLjH8preSkA/ Frame 4BC3
18 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/dLjH8preSkA/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7726eef93f0f179f1042632c9b7b1314aba1d04d0631ce6afd41acc1ce64d86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:07:49 GMT
x-content-type-options
nosniff
age
224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18078
x-xss-protection
0
server
sffe
etag
"1608639550"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:07:49 GMT
hqdefault.webp
i.ytimg.com/vi_webp/y-HwXI-NVJ8/ Frame 4BC3
18 KB
18 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/y-HwXI-NVJ8/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9a5e1dc7acfff2811a2722d6bb137c56ee096cf8e614f8cbf2a07fcaa93df55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:05:58 GMT
x-content-type-options
nosniff
age
335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17980
x-xss-protection
0
server
sffe
etag
"1638486145"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:05:58 GMT
hqdefault.webp
i.ytimg.com/vi_webp/qGg0WH9rARY/ Frame 4BC3
21 KB
21 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/qGg0WH9rARY/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9100d381307ccda0cd3ac9b205d7da809af81c6c00a2c40d9736f1aecb1a5b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:07:03 GMT
x-content-type-options
nosniff
age
270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21154
x-xss-protection
0
server
sffe
etag
"1638885810"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:07:03 GMT
hqdefault.webp
i.ytimg.com/vi_webp/a__4QYz05ls/ Frame 4BC3
25 KB
25 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/a__4QYz05ls/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0d1305dabde6025ba2970a3aa737d1036b9292965a1a648bd95db560edbae8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 04:44:37 GMT
x-content-type-options
nosniff
age
1616
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25352
x-xss-protection
0
server
sffe
etag
"1635337385"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 06:44:37 GMT
hqdefault.jpg
i.ytimg.com/vi/BuZFeBkbfUE/ Frame 4BC3
29 KB
29 KB
Image
General
Full URL
https://i.ytimg.com/vi/BuZFeBkbfUE/hqdefault.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78c9d763e9dc9e7c1cce1036e764404fd1d60172c8136237f9f0aed7e1f78d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:09:16 GMT
x-content-type-options
nosniff
age
137
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29509
x-xss-protection
0
server
sffe
etag
"1626789260"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 07:09:16 GMT
hqdefault.webp
i.ytimg.com/vi_webp/HVBZyD06MIo/ Frame 4BC3
29 KB
29 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/HVBZyD06MIo/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d43611186e7bc6e9e1a964730ad120700b1a385f9174390f14fdf25f22bc636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 04:53:46 GMT
x-content-type-options
nosniff
age
1067
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29404
x-xss-protection
0
server
sffe
etag
"1599223985"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 06:53:46 GMT
hqdefault.webp
i.ytimg.com/vi_webp/nUBYqiUew84/ Frame 4BC3
19 KB
19 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/nUBYqiUew84/hqdefault.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9253426198d9b23b5392e16ef5f99a8d3e865a6118bdccd131544ae5009c3d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 03:43:58 GMT
x-content-type-options
nosniff
age
5255
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19584
x-xss-protection
0
server
sffe
etag
"1639174249"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 15 Dec 2021 05:43:58 GMT
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
4 KB
4 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=398&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=video%2Fmp4&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=114433066&dur=1388.553&lmt=1630054691063745&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRgIhAJJAdcEXJ1rmyAkJOMZq2nus5-uyVpWDvsLCJ7QA92QjAiEA0pbbzqWgYId7R4knGLEBC4msexoSVR57vvcJZ5h8nA0%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=0-4055&rn=6&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d2baf309d6969f8c2a19d21d0fb37b3ee9f332dc767dc2211c1b30931dfb51f8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4056
client-protocol
quic
last-modified
Fri, 27 Aug 2021 08:58:11 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Wed, 15 Dec 2021 05:11:33 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4BC3
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtyR2FnMDNCUzl3RSiE8uWNBg%3D%3D
X-YouTube-Ad-Signals
dt=1639545092262&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1427%2C890&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:11:33 GMT
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
4 KB
4 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=397&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=video%2Fmp4&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=60783319&dur=1388.553&lmt=1630055136770342&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5532434&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgU6JvMFhq2uhlE3j0-7jeHt7Gl-Kq1oLLAIUcUaD_J8ICIQCM3aYDdQ1Nxw-bzu2HvehguHDImJAPT1kzJbDQSMuW0A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=0-4055&rn=7&rbuf=0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
5ef31bec403a6acd1f57177cef5661e5500cf4ea08f157d439a8c231e4f64785
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
x-restrict-formats-hint
None
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4056
client-protocol
quic
last-modified
Fri, 27 Aug 2021 09:05:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
x-content-type-options
nosniff
expires
Wed, 15 Dec 2021 05:11:33 GMT
vkAuth.html
ad.mail.ru/dist/ Frame 4348
523 B
802 B
Document
General
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:33 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Wed, 15 Dec 2021 05:21:33 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame 161E
83 B
450 B
Script
General
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1639545093537&q=199847&vk=0&_=947237207
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
d61edc7d3ad51141fd8b7165ea11748ce861b49195d3312565ababe56bdeac5a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
qoe
www.youtube.com/api/stats/ Frame 4BC3
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=MoF3JS84ZPc7xGQS&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24089463%2C24129402%2C24130420%2C24133268%2C24141079&cl=416163874&seq=2&event=streamingstats&docid=KY7AShchjxs&ei=BHm5YfqJFoTAgQft-aiYAg&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.155:0.000,0.331:0.004,1.056:0.689,1.090:0.700,1.353:0.700&vps=0.155:N,0.331:PL,1.056:PA,1.353:PA&ctmp=dompaused:t.156;promise;m.NotAllowedError&user_intent=0.325&vfs=1.353:396:396:396:r&view=1.353:400:225&bwm=1.353:803432:0.358&bwe=1.353:1041667&bat=1.353:1:1&bh=1.353:19.301&df=1.353:0
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-YouTube-Ad-Signals
dt=1639545092262&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8177
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Tue, 14 Dec 2021 22:59:22 GMT
expires
Wed, 14 Dec 2022 22:59:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 562C
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4b38bf7199efaea07cf93b1dbcceb3d70d62ffed7a2325434a2ca7a1a14ad32a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-AQciUjMe7wKsAmEgKBo5dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Wed, 15 Dec 2021 05:11:33 GMT
date
Wed, 15 Dec 2021 05:11:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-AQciUjMe7wKsAmEgKBo5dg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
262 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=CreateLoader&bundleName=AdSDKLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
truncated
/ Frame 161E
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.bundle.js
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/ Frame 161E
563 KB
141 KB
Script
General
Full URL
https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7378fca6126cf82166a26a4c0023773f808b76b76408064de804aedf38272b92
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://moevideo.biz/
Origin
https://moevideo.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
143743
x-nginx-request-id
8c83698743e5cc45
last-modified
Tue, 14 Dec 2021 09:25:22 GMT
server
nginx/1.17.9
etag
"2060a14983650a6b8133a8f04fa309be"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:27 GMT
openapi.js
vk.com/js/api/ Frame 4348
102 KB
23 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
br
x-frontend
front226204
last-modified
Thu, 07 Oct 2021 11:12:43 GMT
server
kittenx
etag
"615ed62b-5a1f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23071
expires
Sun, 19 Dec 2021 05:11:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 562C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2738548432678028&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
pagead2.googlesyndication.com/bg/ Frame 8177
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/A3sS0H_86Eu8poIaUPJJxUQpsgwPL9Z0aaC7WTcRMFE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037b12d07ffce84bbca6821a50f249c54429b20c0f2fd67469a0bb5937113051
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Mon, 13 Dec 2021 19:58:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
119565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13610
x-xss-protection
0
last-modified
Mon, 06 Dec 2021 19:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Dec 2022 19:58:48 GMT
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=ModuleLoaded&bundleName=AdLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
1378267
an.yandex.ru/vmap/ Frame 161E
2 KB
840 B
XHR
General
Full URL
https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=9627601639545093823&pcode-icookie=ktvuVU9A30fVCMm6JyQVdfboxOyhqWgxAu8QDvKgxzuEFXad87OTaufzK0Coo4xDwQ2wnKEZeUJPq6SopyjP33uDCTQ%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=c7bd0c4b57fbdf2eff8d4351bb04e65ae1ccf510a010bd7885619d4027e5e5bc&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545093828&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
3ca5d64cd9f7d36642b04ac6a29e4da8ae0a6142334ee05623b74f85e2748a2a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:33 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:33 GMT
1378267
an.yandex.ru/meta/ Frame 161E
66 B
497 B
XHR
General
Full URL
https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456500969821760541&video-category-id=0&client-timezone-offset=0&video-content-id=0&ad-session-id=9627601639545093823&pcode-icookie=ktvuVU9A30fVCMm6JyQVdfboxOyhqWgxAu8QDvKgxzuEFXad87OTaufzK0Coo4xDwQ2wnKEZeUJPq6SopyjP33uDCTQ%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456500968556391453&enable-page-options=65536&rnd=0.5189483395883432&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=c7bd0c4b57fbdf2eff8d4351bb04e65ae1ccf510a010bd7885619d4027e5e5bc&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545093894&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639545093921966-1204161422847217551500395-production-app-host-vla-pcode-35
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
/
login.vk.com/ Frame 4348
27 B
633 B
XHR
General
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.109628
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.109628
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2738548432678028&bg=!GBulG1_NAAZKWFskSlg7ACkAdvg8WjdPemEVze53PXO9HFr8riNaAxsiF83tqEIBQnycvO4NrYjRCAIAAAB8UgAAAA5oAQcKANDSXO7qNmELXMkQL-77K2L83fO0jgklHT0WmmpOwH0EVXTe-SrFNiUhTy9C33zkL8R_w1FA4fBz_d_eMwp7apWeSU80TCiUCLJmQuSJLBMG0y10BTgre6O0XujuvmqccpVFxlyOKAKiPdx5TA-Zd8OPYmaqfsZDJTG4VGhdr2isGl9cvZ5-2V62z5g0jakluZfMnsMv_l4TvHu6rSifZ1z7FpWwSA0Vy8E-Obag93BqZjynka7HTJrV_Q2jYzR2ex8FgnVTQ2miL2qLNmkUWtzsmQKc_Qb389bDLLPY14IBYkxci2yodUdE_hdKA7pX1VrnUVEsCx6uNgSSr10WVQypl9ghjdzus_gL1pC_qRmdd4msKWYoDsk3Can-dSEHb0-TXhmgeF51Ikgw2Nej9aREqzBKJ7xiUUXok2EsFAW9Y_BHhtv3CZqsPWH-J5Z91YUZ2uHbuyPrDLNhSUF0ty3CjA24q9y_Iq0isvsp9nwnp1PGNQLqdCMSl93oCqM1EphrPqVhQk4jcxtj_N82m7cO4-4Jp8D5u4V3Rd29BEOAJQx9pfbwa6m7SXxOze07vMETZ1UXy3EzTFq7gbSxiTO7jG8xgW3uzh0Hg0sMD8jqCJFS-IIwordCglQa1rWfC7y0Vrgv8o987EiKeNA-Y69UVFFQhA8d39-EeM-j-lnCDlYhcnTMHx-7mMizIhGta2y1B7HkV991Yl3IYJHaRWYA_llQQIobWtl5txspTIuLvLfUiqn0Uz9wv6MDMh7Yv9evX6no5bDFJ6EfEWoS4E35Me6tPri3Eb5c2EYZU7Fx6-wIABYv_swBDuoyy979JRmcUZS3rlPa_i-o-95wJPJmxOhItBbCt2Qyxx-FTBeqiZ7uowK7l6jA4wJ5BYTffxpEGpVvjN8LE1oYjxF2mZz_UEVnM-7uV--4GWxT0WoHu9asaRIMQ2N9UkYRteIHnCGtFZjTly-vPY6eqmm0bTDsLqyQyFgbQBosjoD5OkMi7V1P7tuzIapjJy26kDceK2h0p7RblOWjOe8sgpta9PgBtrgqM2Yp-XpK-tqKquGEYYGWIPoLPbfjidVoFuh5BaFb6a7ujG_4vpkPS7fTggyI6hStDw7VlaADvcjNPG78g01czdeGj__TwNAMB_MD3fiTvlk5VdBOG_mxA4muRYo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storage.html
moe.video/ Frame 600D
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:09 GMT
ETag
W/"61b49ef9-4783"
X-My-Name
s35
X-My-Reqtime
0.087
X-B-Name
f36
Content-Encoding
gzip
cs
cs-0.moevideo.biz/ssp/ Frame 161E
Redirect Chain
  • https://moevideo-sync.rutarget.ru/sync
  • https://cs-0.moevideo.biz/ssp/cs?d=1&b=_vmTu6YacuIt
36 B
208 B
Image
General
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=1&b=_vmTu6YacuIt
Protocol
HTTP/1.1
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Location
https://cs-0.moevideo.biz/ssp/cs?d=1&b=_vmTu6YacuIt
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
match
dm-eu.hybrid.ai/ Frame 161E
0
239 B
Image
General
Full URL
https://dm-eu.hybrid.ai/match?id=117
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
505
x-xss-protection
1; mode=block
expires
-1
moevideo
px.adhigh.net/p/cm/ Frame 161E
49 B
326 B
Image
General
Full URL
https://px.adhigh.net/p/cm/moevideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.190.76.38 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp10.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
server
nginx
x-backend-id
f10-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
sync.bumlam.com/ Frame 161E
43 B
552 B
Image
General
Full URL
https://sync.bumlam.com/?src=moe2&uid=a469f20e149d42966a5f
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
31.172.81.159 Muehlheim am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:33 GMT
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cs
cs-0.moevideo.biz/ssp/ Frame 161E
Redirect Chain
  • https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=a469f20e149d42966a5f&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
36 B
208 B
Image
General
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Protocol
HTTP/1.1
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx/1.21.0
Location
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Access-Control-Max-Age
3628800
Access-Control-Allow-Methods
GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers
Content-Length,Content-Range
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length
0
rle.cgi
ad.adriver.ru/cgi-bin/ Frame 161E
42 B
581 B
Image
General
Full URL
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:33 GMT
Transfer-Encoding
chunked
P3P
policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection
keep-alive
Content-Type
image/gif
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cs
cs-0.moevideo.biz/ssp/ Frame 161E
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=81&b=25b4d4df-678d-4712-6a54-d81e49224379
36 B
208 B
Image
General
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=81&b=25b4d4df-678d-4712-6a54-d81e49224379
Protocol
HTTP/1.1
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=81&b=25b4d4df-678d-4712-6a54-d81e49224379
date
Wed, 15 Dec 2021 05:11:33 GMT
server
nginx
content-length
115
serverid
TODO
content-type
text/html; charset=utf-8
cs
cs-0.moevideo.biz/ssp/ Frame 161E
Redirect Chain
  • https://sync.upravel.com/moevideo/sync
  • https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://358a588b-464b-4e7f-a226-d40d6f6a7d36.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
  • https://cs-0.moevideo.biz/ssp/cs?d=91&b=358a588b-464b-4e7f-a226-d40d6f6a7d36
36 B
208 B
Image
General
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=91&b=358a588b-464b-4e7f-a226-d40d6f6a7d36
Protocol
HTTP/1.1
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

date
Wed, 15 Dec 2021 05:11:34 GMT
server
nginx
location
https://cs-0.moevideo.biz/ssp/cs?d=91&b=358a588b-464b-4e7f-a226-d40d6f6a7d36
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
false
content-type
image/png
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
XClTfNIsT2SjqoWFNQ_spg
an.yandex.ru/setud/mts_banner/ Frame 161E
Redirect Chain
  • https://sm.rtb.mts.ru/p?ssp=moevideo&id=a469f20e149d42966a5f
  • https://sm.rtb.mts.ru/match/second?ssp=22&exu=a469f20e149d42966a5f
  • https://tech.rtb.mts.ru/?dsp_uid=5c29537c-d22c-4f64-a3aa-8585350feca6&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2FXClTfNIsT2SjqoWFNQ_spg%3Fsign%3D2819976877
  • https://an.yandex.ru/setud/mts_banner/XClTfNIsT2SjqoWFNQ_spg?sign=2819976877
43 B
104 B
Image
General
Full URL
https://an.yandex.ru/setud/mts_banner/XClTfNIsT2SjqoWFNQ_spg?sign=2819976877
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=windows-1251
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT

Redirect headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx/1.13.12
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
Location
https://an.yandex.ru/setud/mts_banner/XClTfNIsT2SjqoWFNQ_spg?sign=2819976877
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
moevideo
sync.dmp.otm-r.com/match/ Frame 161E
0
69 B
Image
General
Full URL
https://sync.dmp.otm-r.com/match/moevideo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
148.251.4.142 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.142.4.251.148.clients.your-server.de
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 15 Dec 2021 05:11:33 GMT
server
nginx/1.17.6
myvideo-sync
rtb.com.ru/ Frame 161E
0
240 B
Image
General
Full URL
https://rtb.com.ru/myvideo-sync?uid=a469f20e149d42966a5f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
83.222.114.188 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server
nginx/1.18.0
Connection
keep-alive
P3p
CP="rtb.com.ru does not have a P3P policy"
cs
cs-0.moevideo.biz/ssp/ Frame 161E
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
  • https://cs-0.moevideo.biz/ssp/cs?d=161&b=a3bbee4d-add9-515d-ab97-c305ca2eba06
36 B
208 B
Image
General
Full URL
https://cs-0.moevideo.biz/ssp/cs?d=161&b=a3bbee4d-add9-515d-ab97-c305ca2eba06
Protocol
HTTP/1.1
Server
83.229.25.249 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm2.moevideo.net
Software
nginx /
Resource Hash
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Connection
keep-alive
Content-Length
36
Content-Type
image/gif

Redirect headers

location
https://cs-0.moevideo.biz/ssp/cs?d=161&b=a3bbee4d-add9-515d-ab97-c305ca2eba06
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
collect
dx.frontend.weborama.com/ Frame 161E
0
16 B
Image
General
Full URL
https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
102.80.201.35.bc.googleusercontent.com
Software
nginx/1.12.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:33 GMT
via
1.1 google
last-modified
Wed, 15 Dec 2021 05:11:33 GMT
server
nginx/1.12.0
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT
bundle.js
yastatic.net/q/set/s/rsya-tag-users/ Frame BB9B
105 KB
37 KB
Script
General
Full URL
https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Requested by
Host: fan-news.org
URL: https://fan-news.org/articles/chat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551?requestId=cnv38d881bfeef401d8063f383d63e0a98c&utmkadam=%5BMCPA%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e1cff21864c46e1da263fa83c14ed6d190bc5afbdd35188de15f10eb8bedd264
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:33 GMT
content-encoding
br
last-modified
Fri, 29 Oct 2021 11:19:01 GMT
server
nginx/1.17.9
etag
W/"82bdc8db563d3e71c35534315f8a9fd5"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Fri, 17 Dec 2021 17:10:59 GMT
cache-control
public, max-age=31556952
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
strict-transport-security
max-age=43200000; includeSubDomains;
timing-allow-origin
*
x-nginx-request-id
a8ef2c7e48d044b3
watch.js
mc.yandex.ru/metrika/ Frame BB9B
134 KB
47 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
626f55aa3d45585445a10938c940f3ddb7a68ad1013380d8bcc70ece4b08a04d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
br
last-modified
Tue, 14 Dec 2021 15:27:53 GMT
etag
"61b88dc9-bcf4"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48372
expires
Wed, 15 Dec 2021 06:11:34 GMT
data
yandex.ru/set/s/rsya-tag-users/ Frame BB9B
403 B
1 KB
Fetch
General
Full URL
https://yandex.ru/set/s/rsya-tag-users/data?referrer=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
404f066bdb9a997815fbbad8204db8c94fa5afadaa2a2d19b714262a8d7e79fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
public,max-age=300
access-control-allow-credentials
true
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&fatal=NO_AD_SECTION
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
conversion_async.js
www.googleadservices.com/pagead/ Frame BB9B
37 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 15 Dec 2021 05:11:34 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame BB9B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Bnm5YY-eDYr3gAf-wQY&ra...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730&ipr=y
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730&ipr=y
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=uXlUCLqxpmMQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2121359468&crd=&is_vtc=1&random=352274730&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1014923426/ Frame BB9B
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Bnm5Yf-dDbGXx_APuumsyA...
  • https://www.google.com/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867
  • https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867&ipr=y
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867&ipr=y
Protocol
H2
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1014923426/?label=ZLOgCM6elGEQooH64wM&value=0&script=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=2137496933&crd=&is_vtc=1&random=3265680867&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
3
mc.yandex.com/watch/ Frame BB9B
167 B
266 B
XHR
General
Full URL
https://mc.yandex.com/watch/3?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A647140785322%3Ahid%3A425650785%3Az%3A0%3Ai%3A20211215051134%3Aet%3A1639545094%3Ac%3A1%3Arn%3A1056069757%3Arqn%3A1%3Au%3A1639545094531596528%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639545092035%3Ads%3A0%2C57%2C29%2C7%2C0%2C0%2C%2C47%2C0%2C138%2C138%2C0%2C138%3Adsn%3A0%2C56%2C29%2C6%2C0%2C0%2C%2C45%2C0%2C138%2C138%2C0%2C138%3Aco%3A0%3Ast%3A1639545094&t=gdpr()aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
58672f6d256afa949099f0a065f4068dbf40577e7bada15caaf03b32d7b90609
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 15-Dec-2021 05:11:34 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:34 GMT
advert.gif
mc.yandex.com/metrika/ Frame BB9B
43 B
133 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
last-modified
Mon, 13 Dec 2021 15:31:55 GMT
etag
"61b73d3b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 15 Dec 2021 06:11:34 GMT
37412095
mc.yandex.com/watch/ Frame BB9B
350 B
385 B
XHR
General
Full URL
https://mc.yandex.com/watch/37412095?wmode=7&page-url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=utf-8&site-info=%7B%22extensions%22%3A%22%22%2C%22fromGoogle%22%3A%22false%22%2C%22fromCancel%22%3A%22false%22%2C%22loyal%22%3A%220%22%2C%22sbscrb%22%3A%22%22%2C%22p%22%3A%22%22%2C%22b%22%3A%22%22%2C%22fresh%22%3A%220%22%2C%22infected%22%3A%22%22%2C%22slow%22%3A%22%22%2C%22os%22%3A%22windows%22%2C%22browser%22%3A%22chrome%22%2C%22winxp%22%3A%22false%22%2C%22old%22%3A%22actual%22%2C%22yabroAge%22%3Anull%7D&browser-info=pv%3A1%3Agdpr%3A6%3Avf%3A23bzrp1wl07v29tjtr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A1%3Als%3A1431627710939%3Ahid%3A425650785%3Az%3A0%3Ai%3A20211215051134%3Aet%3A1639545094%3Ac%3A1%3Arn%3A470394469%3Arqn%3A1%3Au%3A1639545094531596528%3Aw%3A1x1%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1639545092035%3Ads%3A0%2C57%2C29%2C7%2C0%2C0%2C%2C47%2C0%2C138%2C138%2C0%2C138%3Adsn%3A0%2C56%2C29%2C6%2C0%2C0%2C%2C45%2C0%2C138%2C138%2C0%2C138%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1639545094%3At%3A&t=gdpr(6)aw(1)lt(20800)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e4a7ea4969d1b73b00ffa4b4a231da576a23643bd0a4a11888b9fc35a43a9157
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 15-Dec-2021 05:11:34 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://yastatic.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
350
x-xss-protection
1; mode=block
expires
Wed, 15-Dec-2021 05:11:34 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BB9B
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639545094239&cv=9&fst=1639545094239&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e36b8d067631d0ffc9f89fc12012b1797e13f5f507958fca549c15ce81715a73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1110
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BB9B
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639545094244&cv=9&fst=1639545094244&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49c3acea374095fdf8078933d4ef6344b48e362ef49a3c3afce71c2e4796445a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1114
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/ Frame BB9B
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/947884341/?random=1639545094247&cv=9&fst=1639545094247&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
566f2776d1f9d0c7ad78fe4e1a56435070914e393dec32a76b1d06fbd22c768b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1114
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/ Frame BB9B
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/693627671/?random=1639545094248&cv=9&fst=1639545094248&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d97e7687add87e263c78e52238477cc3f25c3cd8028ce0af51806a59b13ddc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1114
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1Kj6RwgK0Si100000000U9nJPFPKF-_z_a2NeUoRYhB9vwlIBPahToOo084dJ2JqwgoAp5Zp1166L4QWUARicpq58F5I9Y2lTYEGQ6LC099JWR8A33CPwwSmWC52ncC54DPAHXbT26ilur857eQZOFvLHf1nTnaPP1WO_ZBE0fesbmaaifJf53C3mrgcNq3sMQR_G...
an.yandex.ru/rtbcount/
43 B
327 B
Image
General
Full URL
https://an.yandex.ru/rtbcount/1Kj6RwgK0Si100000000U9nJPFPKF-_z_a2NeUoRYhB9vwlIBPahToOo084dJ2JqwgoAp5Zp1166L4QWUARicpq58F5I9Y2lTYEGQ6LC099JWR8A33CPwwSmWC52ncC54DPAHXbT26ilur857eQZOFvLHf1nTnaPP1WO_ZBE0fesbmaaifJf53C3mrgcNq3sMQR_G72LAMeJ8yDJfXT0yLTC0eAF1NLatp0mY5SV2zEupChmbua5v0XcLY3Powm8SWepoA2vp20NhWII2c3BDp8BJIqyNtl7kVCgMFukcFp9xE343vQVnQBWQ92TLsLGLbRkcU-IcfIJOH9MvciQ5PRf5vnXwU6NORQGnT9YDLZn2fR_AvXsi30VO66yoGBnt0VxXoopPeB0JVktB20lJc2TEk52KyE1a0Mid2TPKzJOmUfkiZ9hJfBAxTSK-yeAyju4jkP9St_kURdxGHVZ0hRTcnw-wNhnwSzwnfLiCDCUiV6MMZXR1NivvXQPHOMPlsI3sVYJJOdxiZzRzmTx088RZ180?confirmTime=2108000&confirmRatio=1000000&test-tag=371686469795842&format-type=95&actual-format=3&rnd=3056279334590&pcode-active-testids=466517%2C0%2C46%3B462727%2C0%2C99&banner-sizes=eyI3MjA1NzYwNTM3Nzg2NjAwNyI6IjI5NHgyODgiLCI3MjA1NzYwNTUwMjE4MjE2NyI6IjI5NHgyODgiLCI3MjA1NzYwNTAwNDEwMzgwNSI6IjI5NHgyODgiLCI3MjA1NzYwNDM5ODQ0MjYxMSI6IjI5NHgyODgifQ%3D%3D&width=1198&height=290
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame BB9B
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1639545094244&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=2591112601&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame BB9B
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1639545094244&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=2591112601&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/693627671/ Frame BB9B
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/693627671/?random=1639545094248&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=3719991425&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/693627671/ Frame BB9B
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/693627671/?random=1639545094248&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=3719991425&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame BB9B
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1639545094247&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=2171036049&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame BB9B
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1639545094247&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=2171036049&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
watchtime
www.youtube.com/api/stats/ Frame 4BC3
0
17 B
Image
General
Full URL
https://www.youtube.com/api/stats/watchtime?ns=yt&el=embedded&cpn=MoF3JS84ZPc7xGQS&ver=2&cmt=1.335&fmt=396&fs=0&rt=2.004&euri=https%3A%2F%2Ffan-news.org%2F&lact=638&cl=416163874&state=playing&volume=100%2C100%2C100%2C100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&rtn=12&afmt=251&idpj=-9&ldpj=-22&rti=2&size=400%3A225&inview=0&st=0%2C0.316%2C0.616%2C0.7&et=0.213%2C0.616%2C0.7%2C1.335&muted=1%2C1%2C1%2C1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=BHm5YfqJFoTAgQft-aiYAg&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdDWFdTa2RxSE85UlBjQXlieVNNdFd5Ty14VTg1YV92Q3JtaFRhTGkyczJFd2JLQVBta0tESzJLc1NTMzJMaUQxSE8xYi1iYjRRUVJGSGFnODRfc1dYNVc4U1R3UkFaNUxTaTZZY0M1LV83T2RMdUNMM2UyNThGSm5F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/947884341/ Frame BB9B
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/947884341/?random=1639545094239&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=210513448&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/947884341/ Frame BB9B
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/947884341/?random=1639545094239&cv=9&fst=1639544400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&data=extensions%3D%3BfromGoogle%3Dfalse%3BfromCancel%3Dfalse%3Bloyal%3D0%3Bsbscrb%3D%3Bp%3D%3Bb%3D%3Bfresh%3D0%3Binfected%3D%3Bslow%3D%3Bos%3Dwindows%3Bbrowser%3Dchrome%3Bwinxp%3Dfalse%3Bold%3Dactual&frm=2&url=https%3A%2F%2Fyastatic.net%2Fsafeframe-bundles%2F0.83%2F1-1-0%2Frender.html&ref=https%3A%2F%2Ffan-news.org%2F&async=1&fmt=3&is_vtc=1&random=210513448&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://yastatic.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4BC3
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtyR2FnMDNCUzl3RSiE8uWNBg%3D%3D
X-YouTube-Ad-Signals
dt=1639545092194&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 15 Dec 2021 05:11:34 GMT
WL0ejI_zO9i0DGe0P15fU9hLDjKbAGK0cm4GW8200J43URbX000003ZkWAC1Y082kGBt7_lZWgeXl_02pS6WXmBm1G6W1k82k0R00Sa60qadpqllm8gf1ntil72JptfdW0e1Y0gD0QWAw0U82mIO2xJ93QeB417Z4ImTx0005tl6LYZJy0i6g0-TsEEpj_AplMUG4...
an.yandex.ru/count/
43 B
80 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
402 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545094606886-11181395923139084920-man1-4838-man-l7-balancer-8080-BAL-1889
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
389706
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/389706?pr=5098991&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
91 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545094608417-18002984217326263004-man1-4838-man-l7-balancer-8080-BAL-8622
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
201579
ad.mail.ru/vast/ Frame 161E
61 B
414 B
XHR
General
Full URL
https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid
clientside-video-bidder.rutarget.ru/ Frame 161E
27 B
438 B
XHR
General
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ffan-news.org%2F&request_id=2339745573&placement_id=1507&mimes=video%2Fmp4&placement=3&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr3.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
197143
ad.mail.ru/vast/ Frame 161E
61 B
414 B
XHR
General
Full URL
https://ad.mail.ru/vast/197143?pr=5597908&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:34 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
143 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cqqef&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:34 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1206093, "code_type":"regular"}
x-yandex-req-id
1639545094788260-14585910919294165465-man1-4838-man-l7-balancer-8080-BAL-4658
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:34 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:34 GMT
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=8124482&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=5704082&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/726513?dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
ads
pubads.g.doubleclick.net/gampad/ Frame 161E
13 KB
3 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_2&description_url=https%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545095
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
3878bd78faf35f186a49560a28e8a716856f4061ab92d54829c73d7b8efebc33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2295
x-xss-protection
0
google-lineitem-id
5787806370
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364017550
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
942495
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/942495?rand=3911162&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/942495?rand=6952277&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid
clientside-video-bidder.rutarget.ru/ Frame 161E
27 B
438 B
XHR
General
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=59812106&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr3.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
vast
stats.seedr.com/ Frame 161E
837 B
1 KB
XHR
General
Full URL
https://stats.seedr.com/vast?gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Ffan-news.org%2F&sc=2453713131&pr=3462576
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
ba046bdda2c222647a071ae5b28b6fe6348f5324de53b5b58a4b3516008dee0f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
pl15526
ssp.bidvol.com/vast/ Frame 161E
49 B
506 B
XHR
General
Full URL
https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.1.47 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.1.108.65.clients.your-server.de
Software
nginx/1.14.0 /
Resource Hash
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:35 GMT
server
nginx/1.14.0
surrogate-control
no-store
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
49
x-request-id
788f3259-15d2-4d9e-b0f1-3bd50cc00608
expires
0
ads
pubads.g.doubleclick.net/gampad/ Frame 161E
24 KB
3 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_1&description_url=http%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545095
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c05becbf91c70742fec3bfc51920648fee1e98269f9e7ed635bf53f3a7af8043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3254
x-xss-protection
0
google-lineitem-id
5848710468,5831389590
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373900739,138370852748
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=2347996&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:35 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
myvideo-confirm-vast
adx.com.ru/ Frame 161E
Redirect Chain
  • https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream
  • https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
0
206 B
XHR
General
Full URL
https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
Protocol
H2
Server
188.34.131.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.132.131.34.188.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://moevideo.biz
date
Wed, 15 Dec 2021 05:11:35 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Wed, 15 Dec 2021 05:11:35 GMT
server
nginx/1.20.1
access-control-allow-origin
https://moevideo.biz
p3p
CP="adx.com.ru does not have a P3P policy"
location
/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
168
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame FC57
13 KB
6 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:35 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-3549"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:45:03+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:43:40 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 161E
142 B
863 B
XHR
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=3&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=981112547&tail256=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:35 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 161E
142 B
863 B
XHR
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=1179152569&tail256=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:35 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame 3121
538 KB
143 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:35 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-8683f"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:45:16+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:45:00 GMT
analytics.js
www.google-analytics.com/ Frame 3121
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5802
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 0AFA
7 KB
3 KB
Document
General
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:36 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 10 Dec 2021 16:39:02 GMT
vary
Accept-Encoding
etag
W/"61b382a6-1b7e"
cache
HIT
x-cached-since
2021-12-12T18:26:30+00:00
x-id
fr5-up-gc32
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame
0
0
Preflight
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:36 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
fr5-up-gc34
hosts.json
cdn02.nativeroll.tv/player/ Frame 3121
302 B
250 B
XHR
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:36 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 22:46:48 GMT
server
nginx
etag
W/"61b91ed8-12e"
x-cached-since
2021-12-14T22:49:59+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
6194d28b365f7e44bb060303
statsa.nativeroll.tv/nr/aserver/group/ Frame 3121
67 B
402 B
XHR
General
Full URL
https://statsa.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303?event=visit&gid=6194d28b365f7e44bb060303&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2F&title=&ref=moevideo.biz&block_enabled=0&width=400&height=225&offset_px=0&offset_pct=0&lenght_px=225&cookie_enabled=1&t=2021-12-15T05%3A11%3A36&mode=vpaid&data_saver=false&sc=2453713131&nr_f=MTYzOTU0NTA5NjIxNg%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&referrer=https%3A%2F%2Ffan-news.org%2F&audiableVideoSlot=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=dcc54b45-6513-4b45-b930-0cd45def6aca
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:36 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
6194d28b365f7e44bb060303.jsonp
statsa.nativeroll.tv/nr/aserver/group/ Frame FC57
0
454 B
Script
General
Full URL
https://statsa.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303.jsonp?event=impression&v=1.19.15&gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&title=&cookie_enabled=1&block_enabled=0&ref=moevideo.biz&width=400&offset_px=0&offset_pct=0&lenght_px=225&nr_f=MTYzOTU0NTA5NjI2OQ%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.137.232.40 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host40.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:36 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
native
moevideo.biz/ Frame 161E
47 KB
19 KB
Document
General
Full URL
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
1933a193177aca37c8fb938d63728c2816a936542e525f64631f6afc2b27285c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:36 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.00227499008179
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 15 Dec 2021 05:11:36 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.014
X-Mv-Embed-Version
1403
X-My-Name
s45
X-My-Reqtime
0.102
Access-Control-Allow-Origin
*
Content-Encoding
gzip
styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 161E
54 KB
15 KB
Stylesheet
General
Full URL
https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:03:30 GMT
Server
nginx
X-My-Name
s8
ETag
W/"61a74872-d99f"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.082
mvplayer.min.js
moevideo.biz/embed/player/1746/ Frame 161E
585 KB
147 KB
Script
General
Full URL
https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:04:32 GMT
Server
nginx
X-My-Name
s8
ETag
W/"61a748b0-922a1"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.081
storage.html
moe.video/ Frame 89D7
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:04 GMT
ETag
W/"61b49ef4-4783"
X-My-Name
s24
X-My-Reqtime
0.091
X-B-Name
f36
Content-Encoding
gzip
truncated
/ Frame 161E
313 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
atr
www.youtube.com/api/stats/ Frame 4BC3
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/atr?ns=yt&el=embedded&cpn=MoF3JS84ZPc7xGQS&ver=2&cmt=4.425&fmt=396&fs=0&rt=5.094&euri=https%3A%2F%2Ffan-news.org%2F&lact=3728&cl=416163874&mos=1&volume=100&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&splay=1&hl=de_DE&cr=DE&len=1390&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24089463%2C24129402%2C24130420%2C24133268%2C24141079&afmt=251&muted=1&docid=KY7AShchjxs&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FKY7AShchjxs%3Fautoplay%3D1%26controls%3D0%26disablekb%3D1%26enablejsapi%3D1%26fs%3D0%26loop%3D1%26modestbranding%3D1%26color%3Dwhite%26iv_load_policy%3D3&ei=BHm5YfqJFoTAgQft-aiYAg&of=ln4t8OQzVsUgcDU7j1oh9Q&vm=CAEQABgEOjJBS1JhaHdDWFdTa2RxSE85UlBjQXlieVNNdFd5Ty14VTg1YV92Q3JtaFRhTGkyczJFd2JLQVBta0tESzJLc1NTMzJMaUQxSE8xYi1iYjRRUVJGSGFnODRfc1dYNVc4U1R3UkFaNUxTaTZZY0M1LV83T2RMdUNMM2UyNThGSm5F
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-YouTube-Ad-Signals
dt=1639545092262&flash=0&frm=2&u_tz&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:37 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
auction_multi
am-0.moevideo.biz/ssp/ Frame
0
0
Preflight
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:37 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame 161E
2 B
476 B
Fetch
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:37 GMT
X-Balancer-Name
fvm19
Last-Modified
Wed, 15 Dec 2021 05:11:37 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm19
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
truncated
/ Frame 161E
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 161E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5803
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
ads-async.js
ad.mail.ru/static/ Frame 161E
185 KB
185 KB
Script
General
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:37 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
189564
Expires
Wed, 15 Dec 2021 05:21:37 GMT
storage.html
moe.video/ Frame 6F2D
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:05 GMT
ETag
W/"61b49ef5-4783"
X-My-Name
s27
X-My-Reqtime
0.092
X-B-Name
f36
Content-Encoding
gzip
storage.html
moe.video/ Frame 2283
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:05 GMT
ETag
W/"61b49ef5-4783"
X-My-Name
s26
X-My-Reqtime
0.087
X-B-Name
f36
Content-Encoding
gzip
adsdk.js
an.yandex.ru/system/video-ads-sdk/ Frame 161E
87 KB
27 KB
Script
General
Full URL
https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
35b6834ebbd06b9eb5e9fab6c79a981bed24dcfbaf100f239780f7faec68e6ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
3138152009
x-yandex-req-id
1639545097696921-705193225703568637600364-production-app-host-man-pcode-124
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 15 Dec 2021 06:11:37 GMT
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=CreateLoader&bundleName=AdSDKLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
truncated
/ Frame 161E
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.bundle.js
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/ Frame 161E
563 KB
141 KB
Script
General
Full URL
https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7378fca6126cf82166a26a4c0023773f808b76b76408064de804aedf38272b92
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://moevideo.biz/
Origin
https://moevideo.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:37 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
143743
x-nginx-request-id
8c83698743e5cc45
last-modified
Tue, 14 Dec 2021 09:25:22 GMT
server
nginx/1.17.9
etag
"2060a14983650a6b8133a8f04fa309be"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:27 GMT
vkAuth.html
ad.mail.ru/dist/ Frame DBF8
523 B
802 B
Document
General
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Wed, 15 Dec 2021 05:21:37 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame 161E
83 B
450 B
Script
General
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1639545097852&q=199847&vk=0&_=978587537
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
dfabc3167cb634fd85bb0c774f376ae104ae1ea3e1fce2c872dc5c575a13915b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:37 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=ModuleLoaded&bundleName=AdLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
1378267
an.yandex.ru/vmap/ Frame 161E
2 KB
850 B
XHR
General
Full URL
https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=3940411639545097887&pcode-icookie=o4zpB2jLcqOYWLU%2BwVNmPpW8E7bc6zMes%2BJ3fqtEPkL9NMo0BcoawUHwPFCshsUYsIXp3GVQengMXqlAB6TbizSOxJ4%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=8823e9ca917a2c221471d40a31861bd2db611aa62a828287a484862df92b3d82&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545097891&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
6ab65086e82d38be8da8c132b63633a408e6d9d0fa8a5747cb2d7effe05d08b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:37 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:37 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:37 GMT
openapi.js
vk.com/js/api/ Frame DBF8
102 KB
23 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:38 GMT
content-encoding
br
x-frontend
front225204
last-modified
Thu, 07 Oct 2021 11:12:43 GMT
server
kittenx
etag
"615ed62b-5a1f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23071
expires
Sun, 19 Dec 2021 05:11:38 GMT
1378267
an.yandex.ru/meta/ Frame 161E
66 B
437 B
XHR
General
Full URL
https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456502034586987549&video-category-id=0&client-timezone-offset=0&video-content-id=0&ad-session-id=3940411639545097887&pcode-icookie=o4zpB2jLcqOYWLU%2BwVNmPpW8E7bc6zMes%2BJ3fqtEPkL9NMo0BcoawUHwPFCshsUYsIXp3GVQengMXqlAB6TbizSOxJ4%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456502033107446813&enable-page-options=65536&rnd=0.05043428398469452&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=8823e9ca917a2c221471d40a31861bd2db611aa62a828287a484862df92b3d82&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545097953&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:38 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:38 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639545097980589-725374340535140440500364-production-app-host-vla-pcode-172
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:38 GMT
/
login.vk.com/ Frame DBF8
27 B
550 B
XHR
General
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.109628
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:38 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.109628
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&fatal=NO_AD_SECTION
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
163 KB
163 KB
XHR
General
Full URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=audio%2Fwebm&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgL7VdwjJdEeqOxaozHU742U71vKoTduM3PZb1QP92y5kCICOZeZKMSjlM9GfDURIT0ByUdhNSZQN_Wq8RldAeU9Yw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=306797-473667&rn=8&rbuf=14551
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:62::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
10bcdfd96dff099d9a2919585d8eea69a35e1c5c02c614870e175b7b731625c9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:38 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
166871
client-protocol
quic
last-modified
Sat, 13 Feb 2021 12:59:12 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21294
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Wed, 15 Dec 2021 05:11:38 GMT
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
91 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:38 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545098684099-8727412661760797560-man1-4838-man-l7-balancer-8080-BAL-7147
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:38 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:38 GMT
389706
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/389706?pr=8745395&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
161 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:38 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545098685893-14016746955024601145-man1-4838-man-l7-balancer-8080-BAL-4009
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:38 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:38 GMT
201579
ad.mail.ru/vast/ Frame 161E
61 B
414 B
XHR
General
Full URL
https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid
clientside-video-bidder.rutarget.ru/ Frame 161E
27 B
438 B
XHR
General
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=https%3A%2F%2Ffan-news.org%2F&request_id=2332148808&placement_id=1507&mimes=video%2Fmp4&placement=3&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr3.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:38 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
197143
ad.mail.ru/vast/ Frame 161E
61 B
414 B
XHR
General
Full URL
https://ad.mail.ru/vast/197143?pr=1969848&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:38 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
91 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cqqef&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:38 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1206093, "code_type":"regular"}
x-yandex-req-id
1639545098892092-16520585239223995320-man1-4838-man-l7-balancer-8080-BAL-4568
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:38 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:38 GMT
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=4892989&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=962943&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
726513
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/726513?dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
ads
pubads.g.doubleclick.net/gampad/ Frame 161E
13 KB
2 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_2&description_url=https%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545099
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
58f913ef213a3a40a9da5345d5e595471f6bc918ff431f96ae787f73f5be7650
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2298
x-xss-protection
0
google-lineitem-id
5787806370
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364017550
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
942495
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/942495?rand=6213411&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
942495
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/942495?rand=8697833&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
bid
clientside-video-bidder.rutarget.ru/ Frame 161E
27 B
438 B
XHR
General
Full URL
https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=992484926&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
80.64.106.148 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS
s-fr3.rutarget.ru
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Server
nginx
Access-Control-Allow-Methods
OPTIONS
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length
27
vast
stats.seedr.com/ Frame 161E
837 B
1 KB
XHR
General
Full URL
https://stats.seedr.com/vast?gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Ffan-news.org%2F&sc=2453713131&pr=4629134
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.185.194.45 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host45.seedr.ru
Software
nginx /
Resource Hash
a50278dee55cee7140e3383d714cb4b5eb5fbf9999569bf0b92efcd14e7a0650

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
pl15526
ssp.bidvol.com/vast/ Frame 161E
49 B
506 B
XHR
General
Full URL
https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.108.1.47 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.47.1.108.65.clients.your-server.de
Software
nginx/1.14.0 /
Resource Hash
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:39 GMT
server
nginx/1.14.0
surrogate-control
no-store
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-length
49
x-request-id
4d3479cf-b4b9-4d2b-9aeb-f664a7124f53
expires
0
ads
pubads.g.doubleclick.net/gampad/ Frame 161E
24 KB
3 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_1&description_url=http%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1639545100
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
c850359c80b5cf7357a54cb1b53c5971513bfe476913d46bb7887377e1f4b7b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3238
x-xss-protection
0
google-lineitem-id
5848710468,5831389590
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373900739,138370852748
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://moevideo.biz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
362146
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/362146?rand=2575348&sc=2453713131&dl=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:39 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
myvideo-confirm-vast
adx.com.ru/ Frame 161E
Redirect Chain
  • https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Ffan-news.org%2F&uid=&vpaid=false&rolltype=outstream
  • https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
0
206 B
XHR
General
Full URL
https://adx.com.ru/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
Protocol
H2
Server
188.34.131.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.132.131.34.188.clients.your-server.de
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin
https://moevideo.biz
date
Wed, 15 Dec 2021 05:11:39 GMT
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
server
nginx/1.20.1
p3p
CP="adx.com.ru does not have a P3P policy"

Redirect headers

date
Wed, 15 Dec 2021 05:11:39 GMT
server
nginx/1.20.1
access-control-allow-origin
https://moevideo.biz
p3p
CP="adx.com.ru does not have a P3P policy"
location
/myvideo-confirm-vast?confirm=2&referer=https%3A%2F%2Ffan-news.org%2F&rolltype=outstream&uid=61b97907d41e06b6d90df1d4&vpaid=false
cache-control
max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
content-length
168
nr-vpaid.min.js
cdn01.nativeroll.tv/js/ Frame 4250
13 KB
5 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
b2d4e453efced9e72f5484764da9235a2dc78212ead06f6c9f8412091307b99e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:39 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-3549"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:45:03+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:43:40 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 161E
142 B
863 B
XHR
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=3&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=435023799&tail256=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:39 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
nr-player.min.js
cdn01.nativeroll.tv/js/ Frame FBB2
538 KB
143 KB
Script
General
Full URL
https://cdn01.nativeroll.tv/js/nr-player.min.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2e10c0e18c24731d8d59443ff07b2615797d3e7e6728f56af3484b84d7a363d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:39 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 15:42:32 GMT
server
nginx
etag
W/"61b8bb68-8683f"
vary
Accept-Encoding
x-cached-since
2021-12-15T03:45:16+00:00
content-type
application/javascript; charset=utf-8
cache-control
max-age=7200
cache
HIT
expires
Tue, 14 Dec 2021 17:45:00 GMT
erle.cgi
ad.adriver.ru/cgi-bin/ Frame 161E
142 B
863 B
XHR
General
Full URL
https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=1410672211&tail256=moevideo.biz
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.108.35 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:39 GMT
Transfer-Encoding
chunked
P3P
policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin
https://moevideo.biz
Cache-control
no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/xml
Expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics.js
www.google-analytics.com/ Frame FBB2
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5806
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
nr-box.html
cdn01.nativeroll.tv/js/ Frame 25AD
7 KB
3 KB
Document
General
Full URL
https://cdn01.nativeroll.tv/js/nr-box.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f88a4b926e2eba7397ecda8294298771e24ce831c8382e4aeef0ac00a07866cd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:40 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 10 Dec 2021 16:39:02 GMT
vary
Accept-Encoding
etag
W/"61b382a6-1b7e"
cache
HIT
x-cached-since
2021-12-12T18:26:30+00:00
x-id
fr5-up-gc32
content-encoding
gzip
hosts.json
cdn02.nativeroll.tv/player/ Frame
0
0
Preflight
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Wed, 15 Dec 2021 05:11:40 GMT
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-max-age
1728000
access-control-allow-origin
https://moevideo.biz
x-id
fr5-up-gc34
hosts.json
cdn02.nativeroll.tv/player/ Frame FBB2
302 B
234 B
XHR
General
Full URL
https://cdn02.nativeroll.tv/player/hosts.json
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
8e086517a0a5c2845e5ecc67b49549dbeb439fe7fbea90af89ca6b74a790a987

Request headers

cache-control
no-cache
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-id
fr5-up-gc32
date
Wed, 15 Dec 2021 05:11:40 GMT
content-encoding
gzip
last-modified
Tue, 14 Dec 2021 22:46:48 GMT
server
nginx
etag
W/"61b91ed8-12e"
x-cached-since
2021-12-14T22:49:59+00:00
content-type
application/json
access-control-allow-origin
https://moevideo.biz
access-control-expose-headers
Content-Encoding,Content-Range,Content-Length
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Content-Encoding,Content-Range,Content-Length
cache
HIT
6194d28b365f7e44bb060303
statsb.nativeroll.tv/nr/aserver/group/ Frame FBB2
67 B
402 B
XHR
General
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303?event=visit&gid=6194d28b365f7e44bb060303&v=1.19.15&url=https%3A%2F%2Ffan-news.org%2F&title=&ref=moevideo.biz&block_enabled=0&width=400&height=225&offset_px=0&offset_pct=0&lenght_px=225&cookie_enabled=1&t=2021-12-15T05%3A11%3A40&mode=vpaid&data_saver=false&sc=2453713131&nr_f=MTYzOTU0NTEwMDI4MQ%3D%3D&ancestor_origins=https%3A%2F%2Fmoevideo.biz%2Chttps%3A%2F%2Ffan-news.org&hwConcurrency=4&deviceMemory=8&platform=Linux%20x86_64&touchPoints=0&referrer=https%3A%2F%2Ffan-news.org%2F&audiableVideoSlot=0&plays360=true&plays_inline=true&power_saver=false&li=&cid=dcc54b45-6513-4b45-b930-0cd45def6aca
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-player.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
cac4cff1067d546eee4b0907276ecbb1e57c02d2ac6002ddc1718c9ed422a621

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:40 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://moevideo.biz
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, *
Content-Length
67
6194d28b365f7e44bb060303.jsonp
statsb.nativeroll.tv/nr/aserver/group/ Frame 4250
0
454 B
Script
General
Full URL
https://statsb.nativeroll.tv/nr/aserver/group/6194d28b365f7e44bb060303.jsonp?event=impression&v=1.19.15&gid=6194d28b365f7e44bb060303&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&title=&cookie_enabled=1&block_enabled=0&ref=moevideo.biz&width=400&offset_px=0&offset_pct=0&lenght_px=225&nr_f=MTYzOTU0NTEwMDM1NA%3D%3D&plays360=true&plays_inline=true&rsn=255
Requested by
Host: cdn01.nativeroll.tv
URL: https://cdn01.nativeroll.tv/js/nr-vpaid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.43.83 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
host83.seedr.ru
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:40 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Headers
Content-Type, *
native
moevideo.biz/ Frame 161E
47 KB
19 KB
Document
General
Full URL
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx / PHP/5.5.38
Resource Hash
267b0852df9d7f45403724cb7be7b9e39de06865e36f15a0b656f33e7779f597

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://fan-news.org/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/5.5.38
X-My-Adv-Time
0.00248408317566
Expires
Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified
Wed, 15 Dec 2021 05:11:40 GMT
Cache-Control
max-age=0
Pragma
no-cache
X-Mv-TryCache
0
X-My-App-Time
0.014
X-Mv-Embed-Version
1403
X-My-Name
s19
X-My-Reqtime
0.108
Access-Control-Allow-Origin
*
Content-Encoding
gzip
styles.css
moevideo.biz/embed/player/1746/skins/gray/ Frame 161E
54 KB
15 KB
Stylesheet
General
Full URL
https://moevideo.biz/embed/player/1746/skins/gray/styles.css
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:03:30 GMT
Server
nginx
X-My-Name
s38
ETag
W/"61a74872-d99f"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.082
mvplayer.min.js
moevideo.biz/embed/player/1746/ Frame 161E
585 KB
147 KB
Script
General
Full URL
https://moevideo.biz/embed/player/1746/mvplayer.min.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.116 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f54.moevideo.net
Software
nginx /
Resource Hash
f31b1618051673bcac359adc10993b99eeb631ecbf20c8fa1720234c49d4400c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 01 Dec 2021 10:04:32 GMT
Server
nginx
X-My-Name
s19
ETag
W/"61a748b0-922a1"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
keep-alive
X-My-Reqtime
0.094
storage.html
moe.video/ Frame 410D
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:24 GMT
ETag
W/"61b49f08-4783"
X-My-Name
s48
X-My-Reqtime
0.090
X-B-Name
f36
Content-Encoding
gzip
truncated
/ Frame 161E
313 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
auction_multi
am-0.moevideo.biz/ssp/ Frame
0
0
Preflight
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://moevideo.biz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:41 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
auction_multi
am-0.moevideo.biz/ssp/ Frame 161E
2 B
476 B
Fetch
General
Full URL
https://am-0.moevideo.biz/ssp/auction_multi
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
83.229.25.165 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
fvm19.moevideo.net
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Wed, 15 Dec 2021 05:11:41 GMT
X-Balancer-Name
fvm19
Last-Modified
Wed, 15 Dec 2021 05:11:41 GMT
Server
nginx
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://moevideo.biz
X-B-Name
fvm19
Cache-Control
no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
2
Expires
Thu, 19 Feb 1998 13:24:18 GMT
truncated
/ Frame 161E
363 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png
analytics.js
www.google-analytics.com/ Frame 161E
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5807
date
Wed, 15 Dec 2021 03:34:54 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 15 Dec 2021 05:34:54 GMT
ads-async.js
ad.mail.ru/static/ Frame 161E
185 KB
185 KB
Script
General
Full URL
https://ad.mail.ru/static/ads-async.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:41 GMT
Server
nginx
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
189564
Expires
Wed, 15 Dec 2021 05:21:41 GMT
storage.html
moe.video/ Frame D094
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:36 GMT
ETag
W/"61b49f14-4783"
X-My-Name
s50
X-My-Reqtime
0.087
X-B-Name
f36
Content-Encoding
gzip
storage.html
moe.video/ Frame 3E94
18 KB
6 KB
Document
General
Full URL
https://moe.video/storage.html?v=08
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.223.103.253 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS
f36.moevideo.net
Software
nginx /
Resource Hash
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Sat, 11 Dec 2021 12:52:00 GMT
ETag
W/"61b49ef0-4783"
X-My-Name
s9
X-My-Reqtime
0.099
X-B-Name
f36
Content-Encoding
gzip
adsdk.js
an.yandex.ru/system/video-ads-sdk/ Frame 161E
87 KB
27 KB
Script
General
Full URL
https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
38518895bc1771f02b8e1ed50d4f41cad4bccbfeb5aa6f5acce529d7ea306f7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
3138152009
x-yandex-req-id
1639545101792593-1154568022398136799800358-production-app-host-sas-pcode-137
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Wed, 15 Dec 2021 06:11:41 GMT
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=CreateLoader&bundleName=AdSDKLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
rum.bundle.js
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/ Frame 161E
61 KB
19 KB
Script
General
Full URL
https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/rum.bundle.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d53bfcc7bb21294ced689b10baa682dce74ec24257cea95e16e45c318c77ba96
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://moevideo.biz/
Origin
https://moevideo.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
19095
x-nginx-request-id
01ff170849d92ce3
last-modified
Tue, 14 Dec 2021 09:25:22 GMT
server
nginx/1.17.9
etag
"bdf82f738c24d14a2aded41433df1443"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:50 GMT
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&event=UnsupportedAdsdkLoaderScriptSrc
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
truncated
/ Frame 161E
246 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
409d439f9cc305f5cb66ceaecaf2a9e50c2fb936e1c34157d48766e32c6f5ebc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/svg+xml
loader.bundle.js
yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/ Frame 161E
563 KB
141 KB
Script
General
Full URL
https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7378fca6126cf82166a26a4c0023773f808b76b76408064de804aedf38272b92
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://moevideo.biz/
Origin
https://moevideo.biz
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:41 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
143743
x-nginx-request-id
8c83698743e5cc45
last-modified
Tue, 14 Dec 2021 09:25:22 GMT
server
nginx/1.17.9
etag
"2060a14983650a6b8133a8f04fa309be"
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2051 11:44:27 GMT
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=ModuleLoaded&bundleName=Rum
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
vkAuth.html
ad.mail.ru/dist/ Frame 0079
523 B
802 B
Document
General
Full URL
https://ad.mail.ru/dist/vkAuth.html
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/

Response headers

Server
nginx
Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Type
text/html;charset=UTF-8
Content-Length
523
Connection
keep-alive
Expires
Wed, 15 Dec 2021 05:21:41 GMT
Cache-Control
max-age=600
Access-Control-Allow-Origin
*
Timing-Allow-Origin
*
/
ad.mail.ru/adq/ Frame 161E
83 B
450 B
Script
General
Full URL
https://ad.mail.ru/adq/?callback=mailru_ad1639545101959&q=199847&vk=0&_=778467256
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
008966e3cb034e06f59a2c4e29241fd3de02118c7199ea814d3dc6c253e43bc6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/native?id=mv-content-roll-2766&slot=content&api=2.0&ref=fan-news.org
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:41 GMT
Content-Encoding
gzip
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
click
yandex.ru/clck/ Frame 161E
43 B
197 B
Ping
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/rum.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=ModuleLoaded&bundleName=AdLoader
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/video-ads-sdk/adsdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&event=VmapLoadStart
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
1378267
an.yandex.ru/vmap/ Frame 161E
2 KB
852 B
XHR
General
Full URL
https://an.yandex.ru/vmap/1378267?video-content-id=0&ad-session-id=3533761639545101988&pcode-icookie=10H5vYdqy43LCLNhip1knw9imzpEzZC18u2bef0tGqix3pyiWuicx%2B4t0godjVRnzhyQGOLpCPZ8eHdpWqeA3Qy9o0M%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&video-category-id=0&wtime-since-ad=0&client_type=html&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=a4fc4bbc6c2c4a3991852ab01687981437cd40c2ac12bc297aefc3bb103ca216&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545101994&client-timezone-offset=0&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullscreen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
28ade5d1772a684a390354f136f33eb785dab2e140eddd9e62af32b95514878b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:42 GMT
click
yandex.ru/clck/ Frame 161E
43 B
168 B
Ping
General
Full URL
https://yandex.ru/clck/click
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/rum.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

cache-control
no-cache
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
content-length
43
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/gif
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=VmapLoadSuccess
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&event=CreateAdLoader
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&event=VastLoadStart
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
1378267
an.yandex.ru/meta/ Frame 161E
66 B
353 B
XHR
General
Full URL
https://an.yandex.ru/meta/1378267?imp-id=1&vmap-request-id=7456503111505210397&video-category-id=0&client-timezone-offset=0&video-content-id=0&ad-session-id=3533761639545101988&pcode-icookie=10H5vYdqy43LCLNhip1knw9imzpEzZC18u2bef0tGqix3pyiWuicx%2B4t0godjVRnzhyQGOLpCPZ8eHdpWqeA3Qy9o0M%3D&pcode-test-ids=466940%2C0%2C18%3B462893%2C0%2C34%3B473610%2C0%2C80&pcode-flags=%7B%22ENABLE_CODECS_WHITELIST%22%3A%22TRUE%22%2C%22DISABLE_DEFAULT_THEME_EMPTY_DURATION%22%3A%22TRUE%22%2C%22MEDIA_FILE_BITRATE_PRIORITY_FACTOR%22%3A%220.000001%22%2C%22VOLUME_BUTTON_ANIMATION%22%3A%22ENABLE%22%2C%22UNIFORMAT%22%3A%22ENABLE%22%2C%22CHANGE_CLICK_THROUGH_LOGIC%22%3A%22ACTION_BUTTON_PRIORITY%22%2C%22ENABLE_SKIN_THEME_EMPTY%22%3A%22TRUE%22%2C%22ENABLE_VP9_CODECS%22%3A%22TRUE%22%2C%22ENABLE_MEDIA_FILES_WITH_MSE_FILTER_UNDER_ABD_ONLY%22%3A%22TRUE%22%2C%22TRACK_COMPLETE_BEFORE_PACKSHOT%22%3A%22ENABLE%22%2C%22VAS_STABLE_VERSION%22%3A%22472631%22%2C%22VAS_LONG_EXP_FLAG_ENABLE_MEDIA_FILE_TYPE_PRIORITY_FACTOR_FOR_DESIRED_BITRATE%22%3A%22TRUE%22%2C%22VAS_LONG_EXP_FLAG_MEDIA_FILE_TYPE_PRIORITY_FACTOR%22%3A%221%22%2C%22VAS_ENABLE_HONEYPOT_ON_SMALL_PERCENT%22%3A%22TRUE%22%2C%22VAS_JUST_FOR_FIX_ERROR%22%3A%22CONTROL%22%2C%22ADSDKVER%22%3A%22473610%22%7D&uniformat=true&target-ref=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2766%26slot%3Dcontent%26api%3D2.0%26ref%3Dfan-news.org&page-ref=https%3A%2F%2Ffan-news.org%2F&charset=UTF-8&video-session-id=7456503109409631261&enable-page-options=65536&rnd=0.018721636313956846&adsdk-bundle-version=473610&adsdk-bundle-name=AdLoader&adsdk-container-visibility=0&adsdk-container-width=0&adsdk-container-height=0&video-avatar-width=0&video-avatar-height=0&adsdk-test-tag=11786&sid=a4fc4bbc6c2c4a3991852ab01687981437cd40c2ac12bc297aefc3bb103ca216&top-ancestor=https%3A%2F%2Ffan-news.org&top-ancestor-undetermined=0&client-ts=1639545102124&viewability-undetermined=0&video-volume=0&video-muted=1&pcode-active-testids=473610%2C0%2C80&document-has-focus=false&is-fullsc
reen=unknown&ad-pod-id=unknown
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
f25917b1aabbcb3596ff6fb033675b3adfc10c023c85039d463551052d32380a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://moevideo.biz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:42 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 05:11:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1639545102144710-277637404924807172800364-production-app-host-man-pcode-90
strict-transport-security
max-age=31536000
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:42 GMT
openapi.js
vk.com/js/api/ Frame 0079
102 KB
23 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:42 GMT
content-encoding
br
x-frontend
front225204
last-modified
Thu, 07 Oct 2021 11:12:43 GMT
server
kittenx
etag
"615ed62b-5a1f"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
23071
expires
Sun, 19 Dec 2021 05:11:42 GMT
/
login.vk.com/ Frame 0079
27 B
550 B
XHR
General
Full URL
https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1
Requested by
Host: vk.com
URL: https://vk.com/js/api/openapi.js?169
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv135-129-240-87.vk.com
Software
kittenx / KPHP/7.4.109628
Resource Hash
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:11:42 GMT
content-encoding
gzip
server
kittenx
x-powered-by
KPHP/7.4.109628
strict-transport-security
max-age=15768000
access-control-allow-methods
GET
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://ad.mail.ru
cache-control
no-store
access-control-allow-credentials
true
content-type
text/html; charset=windows-1251
content-length
41
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=CreateVastFromXMLString
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&values=VastLoadSuccess
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
jstracer
jstracer.yandex.ru/ Frame 161E
2 B
31 B
Ping
General
Full URL
https://jstracer.yandex.ru/jstracer?AdSDKJS=473610&fatal=NO_AD_SECTION
Requested by
Host: yastatic.net
URL: https://yastatic.net/awaps-ad-sdk-js-bundles/1.0-473610/bundles-es2017/loader.bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=31536000
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
timing-allow-origin
*
access-control-allow-headers
Content-Type
content-length
2
x-xss-protection
1; mode=block
qoe
www.youtube.com/api/stats/ Frame 4BC3
0
19 B
XHR
General
Full URL
https://www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=MoF3JS84ZPc7xGQS&el=embedded&ns=yt&fexp=23858057%2C23983296%2C24001373%2C24002022%2C24002025%2C24002923%2C24004644%2C24007246%2C24080738%2C24082662%2C24089463%2C24129402%2C24130420%2C24133268%2C24141079&cl=416163874&seq=3&event=streamingstats&docid=KY7AShchjxs&ei=BHm5YfqJFoTAgQft-aiYAg&cbr=Chrome&cbrver=96.0.4664.93&c=WEB_EMBEDDED_PLAYER&cver=1.20211210.00.01&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=1.371:0.742,2.121:1.452,10.009:9.341&vps=1.371:PL,10.009:PL&bwm=10.009:174983:0.507&bwe=10.009:1003191&bat=10.009:1:1&bh=10.009:20.801&df=10.009:9
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/204bfffb/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/KY7AShchjxs?autoplay=1&controls=0&disablekb=1&enablejsapi=1&fs=0&loop=1&modestbranding=1&color=white&iv_load_policy=3
X-YouTube-Client-Version
1.20211210.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-YouTube-Ad-Signals
dt=1639545092262&flash=0&frm=2&u_tz&u_his=6&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C400%2C225&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:42 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
91 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:42 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545102848638-1605427762129363362-man1-4838-man-l7-balancer-8080-BAL-6733
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:42 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:42 GMT
389706
ad.mail.ru/vast/ Frame 161E
60 B
413 B
XHR
General
Full URL
https://ad.mail.ru/vast/389706?pr=842653&sc=2453713131&dl=https%3A%2F%2Ffan-news.org%2F
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
getCode
yandex.ru/ads/adfox/357578/ Frame 161E
0
161 B
XHR
General
Full URL
https://yandex.ru/ads/adfox/357578/getCode?p1=cnaur&p2=gxkz&puid1=
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Dec 2021 05:11:42 GMT
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 86400, "success_fraction": 0.001, "failure_fraction": 0.1}
x-adfox
{"default":true, "place_id":1142977, "code_type":"regular"}
x-yandex-req-id
1639545102849748-11532662019671178985-man1-4838-man-l7-balancer-8080-BAL-7307
report-to
{ "group": "network-errors", "max_age": 86400, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin
https://moevideo.biz
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
last-modified
Wed, 15 Dec 2021 05:11:42 GMT
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Wed, 15 Dec 2021 05:11:42 GMT
201579
ad.mail.ru/vast/ Frame 161E
61 B
414 B
XHR
General
Full URL
https://ad.mail.ru/vast/201579?dl=fan-news.org
Requested by
Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1746/mvplayer.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept
*/*
Referer
https://moevideo.biz/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 15 Dec 2021 05:11:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/xml
Access-Control-Allow-Origin
https://moevideo.biz
Cache-Control
private, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
videoplayback
rr5---sn-4g5e6nsk.googlevideo.com/ Frame 4BC3
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
nativeroll-sync.rutarget.ru
URL
https://nativeroll-sync.rutarget.ru/sync
Domain
rr5---sn-4g5e6nsk.googlevideo.com
URL
https://rr5---sn-4g5e6nsk.googlevideo.com/videoplayback?expire=1639566692&ei=BHm5YfqJFoTAgQft-aiYAg&ip=2a01%3A4f8%3A150%3A2008%3A35%3A%3A1&id=o-AI7zcMlgz3768Gw8ZSJl-ZUe_3alpUf48d_jSSmtKVwo&itag=251&source=youtube&requiressl=yes&mh=bi&mm=31%2C29&mn=sn-4g5e6nsk%2Csn-4g5ednld&ms=au%2Crdu&mv=m&mvi=5&pl=49&gcr=de&initcwndbps=867500&vprv=1&mime=audio%2Fwebm&ns=1fi8Qw4MA90-iiH1KcFRG3QG&gir=yes&clen=20988836&dur=1389.061&lmt=1613221152515705&mt=1639544697&fvip=5&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=5511222&n=PupGmbzp5dbdNg&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cgcr%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgL7VdwjJdEeqOxaozHU742U71vKoTduM3PZb1QP92y5kCICOZeZKMSjlM9GfDURIT0ByUdhNSZQN_Wq8RldAeU9Yw&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgJ2r71TZE6YLMGJJImJFxsAyQRgoTK8JzplxKfmh8cTECIQCU7yoF4GDW4MBs-_KgQJ3RSjXtiOTla4e3lufblfwkPw%3D%3D&alr=yes&cpn=MoF3JS84ZPc7xGQS&cver=1.20211210.00.01&range=473668-816777&rn=9&rbuf=20017


116 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| lazySizes object| regeneratorRuntime object| setKdm object| showcase function| $ function| jQuery function| docReady string| kdmDomain object| kdParams function| adFoxAdUnit object| YaHeaderBiddingSettings object| Ya object| pcodeJsonp50852YIRKP5IUss number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __activeTestIds object| __pcodeAllActiveTestIds object| ya object| moevideoQueue object| seedrInit function| SeedrPlayer object| ___adfoxPagerIds string| r object| s object| logKdm boolean| yandex_context_perf_logging object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint boolean| boqoezT5LAFXBl7k object| $sf object| yaSafeFrameAsyncCallbacks function| ym function| getKdm object| yaCounter72623899 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| seedrAdBlock object| yaCounter79316371 function| nrReport object| core function| MVPT object| yaCounter1335351 object| moevideo function| onYouTubeIframeAPIReady object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| 
ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| GoogleGcLKhOms object| google_image_requests function| on function| once function| off

115 Cookies

Domain/Path Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: afpix
Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0 Name: pcs3
Value: 1
fan-news.org/articles Name: seedr_cid
Value: dcc54b45-6513-4b45-b930-0cd45def6aca
.adxcore.com/a Name: advst_uid_11
Value: d822dd89-4f41-4367-9091-00e7081ede64
fan-news.org/ Name: __utm
Value: %7B%7D
fan-news.org/ Name: __uid
Value: cnv38d881bfeef401d8063f383d63e0a98c
fan-news.org/ Name: __gender
Value: -1
fan-news.org/ Name: __age
Value: j%3A%7B%22min%22%3A0%2C%22max%22%3A0%7D
fan-news.org/ Name: connect.sid
Value: s%3AcdPPl-q6oFbsGj5wRz--m3uCABp9G8Vd.04SIMdsjDOAPEiLMIwbOmpWVAuESl%2BVmnQDAQz7dkCc
fan-news.org/ Name: blocked
Value: yes
.fan-news.org/ Name: kdSspUid
Value: 3c1b50e8-7cc7-4eae-b3d2-b160593d7909
.uuidksinc.net/ Name: jcsuuid
Value: wNEf3rk9TljlPxmTT5Ve
.mail.ru/ Name: i
Value: AQADeblhAQC8EAUCAQA=
.mail.ru/ Name: p
Value: QDoAAD7rJwAA
ferdarius.com/ Name: userid
Value: 56c2bf71-c4c7-43ba-aea9-3c5fae3e70c4
.yadro.ru/ Name: FTID
Value: 1XkNa30O5kOD1XkNa3000EEi
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: a3bbee4d-add9-515d-ab97-c305ca2eba06
.betweendigital.com/ Name: ss
Value: 1
.fan-news.org/ Name: _ym_uid
Value: 1639545092426235658
.fan-news.org/ Name: _ym_d
Value: 1639545092
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1112889339fake
.fan-news.org/ Name: __gads
Value: ID=511a38a2ed2db4f2-2248cc3307cd002c:T=1639545091:RT=1639545091:S=ALNI_MZ7gO9JD-EgphFRe-CmYoPucaB5rA
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1988666008fake
.yadro.ru/ Name: VID
Value: 2PNfsT0h5xOD1XkNa3000IgT
.fan-news.org/ Name: _ym_isad
Value: 2
.yandex.com/ Name: yandexuid
Value: 6763649091639545091
.yandex.com/ Name: yuidss
Value: 6763649091639545091
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.ads.go2net.com.ua/ Name: am-uid
Value: eeb0ffc89dd246b18a7780616458ba5d
.bidswitch.net/ Name: tuuid
Value: d822dd89-4f41-4367-9091-00e7081ede64
.bidswitch.net/ Name: c
Value: 1639545091
.bidswitch.net/ Name: tuuid_lu
Value: 1639545091
.lijit.com/ Name: ljt_reader
Value: 168bd05b7e9cdad96bf115cb
.fan-news.org/ Name: _ga
Value: GA1.2.1964818272.1639545092
.fan-news.org/ Name: _gid
Value: GA1.2.2003926544.1639545092
mc.yandex.com/ Name: yabs-sid
Value: 321053091639545091
.yandex.com/ Name: i
Value: mqxpzwdcOzMQxtu4ISbk3AalNcO6LmdMHxHilUniTVvRk2LVYxb7jGv9tpOx+f/6RPpGZQzARuuQOXN9ugC/X96qwpc=
.mgid.com/ Name: muidn
Value: lbevx82z_Abl
.mgid.com/ Name: __cf_bm
Value: ycelgjgEEJIvMYGacpsX5CO0zeCjgzK5a4Dma4kRC00-1639545091-0-ATceqI7xYGkDGgcijx3zyzt/EgcyPpK9rhhB+7ReGjok/fgeYzthiTa36a0bvmRZWQuPAv2rFe0x/trdJiYDJyI=
.dmg.digitaltarget.ru/ Name: viuserid
Value: yDIWqmHnvwk0mKx7pnYo
.adhigh.net/ Name: gi_u
Value: sUO5OVS7D8a.AikABlF9vIC3Cw
.adsniper.ru/ Name: uuid3
Value: IiQ3NzcyMGE3NC01ZDY1LTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.bumlam.com/ Name: suuid3
Value: IiQ3NzcyMGE3NC01ZDY1LTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.yandex.com/ Name: ymex
Value: 1671081091.yrts.1639545091#1671081091.yrtsi.1639545091
.yandex.ru/ Name: yandexuid
Value: 9998254281639545091
.weborama.fr/ Name: AFFICHE_W
Value: D-BEd0jHScgP66
.fan-news.org/ Name: _ym_visorc
Value: w
.adhigh.net/ Name: btw_sync
Value: I9N
.creative-serving.com/ Name: tuuid
Value: 259e5769-954e-43c3-ab9a-4cf47dc96486
.creative-serving.com/ Name: c
Value: 1639545091
.creative-serving.com/ Name: tuuid_lu
Value: 1639545091
sync.mgid.com/ Name: mg_sync
Value: {"117798":1639545091}
.youtube.com/ Name: YSC
Value: UhuaL-G9YW4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: rGag03BS9wE
.aidata.io/ Name: __upin
Value: xogXTyhMYY7RKpG+i1FyjQ
.aidata.io/ Name: __upints
Value: 1639545092
.nativeroll.tv/ Name: cid
Value: dcc54b45-6513-4b45-b930-0cd45def6aca
.nativeroll.tv/ Name: wdata[social_class]
Value: 0
.nativeroll.tv/ Name: wdata[age]
Value: 0
.nativeroll.tv/ Name: wdata[gender]
Value: 0
.nativeroll.tv/ Name: wdata[expire]
Value: 1639552292
.nativeroll.tv/ Name: nr[expire]
Value: 1639717892
cstatic.weborama.fr/ Name: _xttrk2_ids_sync
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_ids
Value: 1
cstatic.weborama.fr/ Name: _xttrk2
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_mpub
Value: 1
cstatic.weborama.fr/ Name: _xttrk2_uk
Value: 1
.yandex.ru/ Name: yuidss
Value: 9998254281639545091
.mail.ru/ Name: VID
Value: 3DlTQx1wIC2600000Y14H4I6:::0-0-0-6d3d1c4:CAASEOCnHazl8U6kgNnNaXmXXOQaYNRMKVOr5lIYYtW7o8yHrDn8ux09S0zOV6rlz44aldSfsDkMC38HZlW8T8RVqIYT9FiNeSzpGWN9X1B6H12Rk-AUGZjwfRGxxRsSrmzxH-uVqWmmRwIEgax4J3vWmpw9wA
.adnxs.com/ Name: uuid2
Value: 6269504899612408533
.tapad.com/ Name: TapAd_TS
Value: 1639545092503
.tapad.com/ Name: TapAd_DID
Value: 425ab2ca-90f8-4bd7-bc90-2c72601d054d
.rlcdn.com/ Name: rlas3
Value: Gye3zyKA+IBmdcU8bqCU8veFJ5CGJwVucygs3FlK2NA=
.rlcdn.com/ Name: pxrc
Value: CAA=
.doubleclick.net/ Name: IDE
Value: AHWqTUlWt0quZb8QCQPmI1IILSuqLIOCsRyeio_d226jVkYI-g4ZV_1pA95YfHu6Xfs
.weborama.com/ Name: wui
Value: 514DF368-7E4D-405A-8F5C-D39F69C18522
.criteo.com/ Name: uid
Value: 81004ba1-13ce-4325-a685-043bde8e1cdc
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.weborama.com/ Name: wam-sync
Value: ok
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 22B03005-D560-45F8-80E3-40AF7869A030
.sniperlog.ru/ Name: guid
Value: D687E54C86D9A032
.adriver.ru/ Name: cid
Value: AICr_kJ5xEY8MIp2I5ECfTQ
.amazon-adsystem.com/ Name: ad-id
Value: A2Xsa9sXrkDilILvOP6-ZI4
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
playreplay.me/ Name: mvuid
Value: a469f20e149d42966a5f
playreplay.me/ Name: mvsid
Value: a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d
.tns-counter.ru/ Name: guid
Value: BD77693E61B97904X1639545092
moevideo.biz/ Name: mvuid
Value: a469f20e149d42966a5f
moevideo.biz/ Name: mvsid
Value: a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d
dispatcher.adxcore.com/ Name: DISPATCHER
Value: DIS6
thesame.tv/ Name: mvuid
Value: a469f20e149d42966a5f
thesame.tv/ Name: mvsid
Value: a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d
playreplay.net/ Name: mvuid
Value: a469f20e149d42966a5f
playreplay.net/ Name: mvsid
Value: a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d
cs-0.moevideo.biz/ Name: mvuid
Value: a469f20e149d42966a5f
cs-0.moevideo.biz/ Name: mvsid
Value: a54880f8-a1a5-410f-9d5c-8ff3a8e1dd6d
.adx.opera.com/ Name: UID
Value: 6f38736506364b549689d27ce6b39bc2
.betweendigital.com/ Name: ut
Value: Ybl5BQAPC5D2OEl6LVi4KZOpeVF1zMQFPsWk5Q==
.upravel.com/ Name: session_tptc
Value: 1639545094015
.upravel.com/ Name: user_id
Value: 358a588b-464b-4e7f-a226-d40d6f6a7d36
.an.yandex.ru/ Name: yabs-vdrf
Value: A0
.mts.ru/ Name: dspid
Value: 5c29537c-d22c-4f64-a3aa-8585350feca6
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixlns
Value: 9d6a7ab16fb8d69db1
.whiteboxdigital.ru/ Name: MiId
Value: 83e83e9a-27b1-4a00-9103-b61f35bf78f9
.yandex.ru/ Name: is_gdpr
Value: 1
.yandex.ru/ Name: is_gdpr_b
Value: COXsVhDYVhgB
.yandex.ru/ Name: i
Value: k1Z6uWqQq+4mWPiYyzTCGgYWgQaKzXMINBHcqf7H1XJVutJK7rMgRAdMi7yEljKGz6W7ykYm//K3f5p6LfbL1tdHZgE=
.rutarget.ru/ Name: userId
Value: _vmTu6YacuIt
.mts.ru/ Name: mts_id
Value: a7b5bda4-12d6-4cf9-af64-c3e3b3aea72a
.mts.ru/ Name: mts_id_last_sync
Value: 1639545094
adx.com.ru/ Name: yabbi-user
Value: 61b97907d41e06b6d90df1d4
ssp.bidvol.com/ Name: bvuid
Value: obyu2v5cmr

3 Console Messages

Source Level URL
Text
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5907212464215949&output=html&adk=2715440961&adf=2658918300&lmt=1639545091&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffan-news.org%2Farticles%2Fchat-asuransi-warisan-vanessa-angel-ke-doddy-sudrajat-wow-banget-2418551%3FrequestId%3Dcnv38d881bfeef401d8063f383d63e0a98c%26utmkadam%3D%255BMCPA%255D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1639545091457&bpp=2&bdt=607&idt=129&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8703021771065&frm=20&pv=2&ga_vid=960052110.1639545092&ga_sid=1639545092&ga_hid=143451539&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750774%2C31063824&oid=2&pvsid=2738548432678028&pem=784&tmod=122&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=171
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://nativeroll-sync.rutarget.ru/sync
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://an.yandex.ru/setud/mts_banner/XClTfNIsT2SjqoWFNQ_spg?sign=2819976877
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:41:2801::254
3.120.83.159
3.127.120.47
31.172.81.159
31.172.81.160
31.220.27.134
34.117.231.160
35.190.16.14
35.201.80.102
35.201.81.244
35.227.248.159
35.244.174.68
35.244.223.69
37.18.103.16
37.252.172.250
45.131.144.3
5.135.97.203
5.188.150.92
51.38.120.206
54.239.38.253
65.108.1.47
69.173.144.165
80.64.106.147
80.64.106.148
81.163.17.245
82.145.213.8
83.222.114.188
83.229.25.165
83.229.25.249
87.240.129.135
87.240.190.78
88.208.46.51
88.212.201.216
88.212.252.22
89.108.120.68
92.223.103.116
92.223.103.214
92.223.103.253
92.223.103.63
93.184.221.133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