presaver.com Open in urlscan Pro
2606:4700:3034::ac43:b14b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://presaver.com/
Effective URL:
https://presaver.com/1
Submission Tags: tranco_l324
Submission: On November 13 via api (November 13th 2021, 9:10:00 am UTC) from DE — Scanned from DE

Summary HTTP 91 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 38 domains to perform 91 HTTP transactions. The main IP is 2606:4700:3034::ac43:b14b, located in United States and belongs to CLOUDFLARENET, US. The main domain is presaver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 4th 2021. Valid for: a year.

This is the only time presaver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 9	2606:4700:303... 2606:4700:3034::ac43:b14b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	92.223.103.7 92.223.103.7	199524 (GCORE) (GCORE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	95.213.129.125 95.213.129.125	49505 (SELECTEL) (SELECTEL)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
7	94.130.71.126 94.130.71.126	24940 (HETZNER-AS) (HETZNER-AS)
2 2	192.0.80.242 192.0.80.242	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	92.38.138.52 92.38.138.52	199524 (GCORE) (GCORE)
1	92.223.103.52 92.223.103.52	199524 (GCORE) (GCORE)
6	92.223.103.115 92.223.103.115	199524 (GCORE) (GCORE)
1	92.38.138.51 92.38.138.51	199524 (GCORE) (GCORE)
4	92.38.138.49 92.38.138.49	199524 (GCORE) (GCORE)
2	92.223.103.59 92.223.103.59	199524 (GCORE) (GCORE)
10	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 1	80.64.106.148 80.64.106.148	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	37.18.103.16 37.18.103.16	205675 (HYBRID-AS) (HYBRID-AS)
1 2	193.232.150.60 193.232.150.60	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 3	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	81.163.17.245 81.163.17.245	49505 (SELECTEL) (SELECTEL)
1 3	195.209.108.51 195.209.108.51	52007 (ADRIVER-AS) (ADRIVER-AS)
1 1	144.76.119.17 144.76.119.17	24940 (HETZNER-AS) (HETZNER-AS)
2 2	148.251.78.49 148.251.78.49	24940 (HETZNER-AS) (HETZNER-AS)
1 1	176.9.8.252 176.9.8.252	24940 (HETZNER-AS) (HETZNER-AS)
2 3	217.66.147.169 217.66.147.169	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	89.108.119.28 89.108.119.28	197695 (AS-REG) (AS-REG)
1	116.202.236.228 116.202.236.228	24940 (HETZNER-AS) (HETZNER-AS)
1	83.222.114.186 83.222.114.186	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
2 3	35.201.80.102 35.201.80.102	15169 (GOOGLE) (GOOGLE)
1 1	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	88.212.233.108 88.212.233.108	7979 (SERVERS-COM) (SERVERS-COM)
1	80.64.106.150 80.64.106.150	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	87.240.139.194 87.240.139.194	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
3	2606:4700:10:... 2606:4700:10::6816:457	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	87.240.129.135 87.240.129.135	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	65.108.1.48 65.108.1.48	() ()
1	159.69.59.100 159.69.59.100	() ()
1 2	188.34.131.132 188.34.131.132	() ()
91	37

9 2606:4700:3034::ac43:b14b (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

presaver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.223.103.7 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f23.moevideo.net

moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.213.129.125 (Russian Federation)

ASN49505 (SELECTEL, RU)

cackle.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 94.130.71.126 (Reutlingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.126.71.130.94.clients.your-server.de

j.cackle.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.80.242 (Richardson, United States) 2 redirects

ASN2635 (AUTOMATTIC, US)

gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.138.52 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f29.moevideo.net

playreplay.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.103.52 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f20.moevideo.net

thesame.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 92.223.103.115 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f3.moevideo.net

cs-0.moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.38.138.51 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f50.moevideo.net

playreplay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 92.38.138.49 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f28.moevideo.net

moe.video	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.223.103.59 (Moscow, Russian Federation)

ASN199524 (GCORE, LU)
PTR: f47.moevideo.net

am-0.moevideo.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.148 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr3.rutarget.ru

moevideo-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.103.16 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.150.60 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp20.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.163.17.245 (Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

mitdmp.whiteboxdigital.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.51 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.119.17 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.17.119.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.78.49 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-8.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.8.252 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-21.community.moscow

90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.169 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-169-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Moscow, Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.28 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.236.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.228.236.202.116.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.114.186 (Russian Federation)

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

rtb.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.46.186.57 (United States) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.80.102 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 102.80.201.35.bc.googleusercontent.com

dx.frontend.weborama.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.16.14 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

rd.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.233.108 (Russian Federation)

ASN7979 (SERVERS-COM, US)

public.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.150 (Russian Federation)

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr5.rutarget.ru

clientside-video-bidder.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.139.194 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv194-139-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:457 (United States)

ASN13335 (CLOUDFLARENET, US)

s3.advarkads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.135 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv135-129-240-87.vk.com

login.vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.108.1.48 (None, )

ASN- ()

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.59.100 (None, )

ASN- ()

pub-eu.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.34.131.132 (None, ) 1 redirects

ASN- ()

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	moevideo.biz moevideo.biz cs-0.moevideo.biz am-0.moevideo.biz	795 KB
10	mail.ru ad.mail.ru	189 KB
9	cackle.me cackle.me j.cackle.me	94 KB
9	presaver.com 2 redirects presaver.com	112 KB
8	yandex.com 2 redirects mc.yandex.com	3 KB
4	advarkads.com public.advarkads.com s3.advarkads.com api.advarkads.com Failed	103 KB
4	doubleclick.net pubads.g.doubleclick.net	8 KB
4	mts.ru 3 redirects sm.rtb.mts.ru tech.rtb.mts.ru	2 KB
4	moe.video moe.video	27 KB
3	weborama.com 2 redirects dx.frontend.weborama.com	761 B
3	com.ru 1 redirects rtb.com.ru adx.com.ru Failed	863 B
3	upravel.com 3 redirects sync.upravel.com 90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com	2 KB
3	adriver.ru 1 redirects ad.adriver.ru	2 KB
3	bumlam.com 2 redirects sync.bumlam.com	2 KB
3	google-analytics.com www.google-analytics.com	40 KB
2	vk.com vk.com login.vk.com	23 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	otm-r.com sync.dmp.otm-r.com pub-eu.p.otm-r.com	424 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	adhigh.net 1 redirects px.adhigh.net	729 B
2	rutarget.ru 1 redirects moevideo-sync.rutarget.ru clientside-video-bidder.rutarget.ru	853 B
2	wp.com i1.wp.com	717 B
2	gravatar.com 2 redirects gravatar.com	484 B
2	gstatic.com fonts.gstatic.com	27 KB
2	yandex.ru 1 redirects mc.yandex.ru	65 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
1	bidvol.com ssp.bidvol.com	506 B
1	weborama.fr 1 redirects rd.frontend.weborama.fr	383 B
1	buzzoola.com 1 redirects exchange.buzzoola.com	176 B
1	whiteboxdigital.ru 1 redirects mitdmp.whiteboxdigital.ru	759 B
1	hybrid.ai dm-eu.hybrid.ai	239 B
1	playreplay.net playreplay.net	332 B
1	thesame.tv thesame.tv	332 B
1	playreplay.me playreplay.me	332 B
1	jsdelivr.net cdn.jsdelivr.net	18 KB
1	googleapis.com fonts.googleapis.com	961 B
1	googletagmanager.com www.googletagmanager.com	36 KB
91	38

	Domain	Requested by
10	ad.mail.ru	moevideo.biz ad.mail.ru
9	presaver.com	2 redirects presaver.com
8	mc.yandex.com	2 redirects presaver.com mc.yandex.ru
7	j.cackle.me	cackle.me j.cackle.me presaver.com
6	cs-0.moevideo.biz	moevideo.biz
6	moevideo.biz	presaver.com moevideo.biz
4	pubads.g.doubleclick.net	moevideo.biz
4	moe.video	moevideo.biz
3	s3.advarkads.com	moevideo.biz s3.advarkads.com
3	dx.frontend.weborama.com	2 redirects
3	sm.rtb.mts.ru	2 redirects
3	ad.adriver.ru	1 redirects moevideo.biz
3	sync.bumlam.com	2 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com moevideo.biz
2	adx.com.ru	moevideo.biz
2	ads.betweendigital.com	2 redirects
2	x01.aidata.io	2 redirects
2	sync.upravel.com	2 redirects
2	sync3.adsniper.ru	2 redirects
2	px.adhigh.net	1 redirects
2	am-0.moevideo.biz	moevideo.biz
2	i1.wp.com	presaver.com
2	gravatar.com	2 redirects
2	cackle.me	presaver.com
2	fonts.gstatic.com	fonts.googleapis.com
2	mc.yandex.ru	1 redirects presaver.com
2	counter.yadro.ru	1 redirects presaver.com
1	pub-eu.p.otm-r.com	moevideo.biz
1	ssp.bidvol.com	moevideo.biz
1	login.vk.com	vk.com
1	vk.com	ad.mail.ru
1	clientside-video-bidder.rutarget.ru	moevideo.biz
1	public.advarkads.com	moevideo.biz
1	rd.frontend.weborama.fr	1 redirects
1	rtb.com.ru
1	sync.dmp.otm-r.com
1	tech.rtb.mts.ru	1 redirects
1	90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com	1 redirects
1	exchange.buzzoola.com	1 redirects
1	mitdmp.whiteboxdigital.ru	1 redirects
1	dm-eu.hybrid.ai
1	moevideo-sync.rutarget.ru	1 redirects
1	playreplay.net	moevideo.biz
1	thesame.tv	moevideo.biz
1	playreplay.me	moevideo.biz
1	cdn.jsdelivr.net	presaver.com
1	fonts.googleapis.com	presaver.com
1	www.googletagmanager.com	presaver.com
0	api.advarkads.com Failed	s3.advarkads.com
91	49

This site contains links to these domains. Also see Links.

Domain
cackle.me
gravatar.com
220vk.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-04` - `2022-09-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.moevideo.biz AlphaSSL CA - SHA256 - G2	`2021-04-27` - `2022-05-29`	a year	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.cackle.me Sectigo RSA Domain Validation Secure Server CA	`2021-10-20` - `2022-10-20`	a year	crt.sh
*.playreplay.me AlphaSSL CA - SHA256 - G2	`2021-02-11` - `2022-03-15`	a year	crt.sh
*.thesame.tv AlphaSSL CA - SHA256 - G2	`2021-06-09` - `2022-07-11`	a year	crt.sh
*.playreplay.net AlphaSSL CA - SHA256 - G2	`2021-10-08` - `2022-11-09`	a year	crt.sh
*.moe.video AlphaSSL CA - SHA256 - G2	`2021-01-15` - `2022-02-16`	a year	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2021-10-15` - `2022-11-15`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-18` - `2022-06-18`	a year	crt.sh
rtb.com.ru Sectigo RSA Domain Validation Secure Server CA	`2021-03-01` - `2022-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.advarkads.com GlobalSign GCC R3 DV TLS CA 2020	`2020-12-03` - `2022-01-04`	a year	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
advarkads.com Cloudflare Inc ECC CA-3	`2021-06-08` - `2022-06-07`	a year	crt.sh
ssp.bidvol.com R3	`2021-09-30` - `2021-12-29`	3 months	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://presaver.com/1
Frame ID: 29BBB4341C0A3D297C40CFF3BC056588
Requests: 32 HTTP requests in this frame

Frame: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
Frame ID: 5FEB85030202C042AE78E92BC9BA5507
Requests: 3 HTTP requests in this frame

Frame: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Frame ID: 932DA18055115C1D03AD52FEF05EC4C5
Requests: 46 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 195E0525DB8A63FA8706DDC6137A3FCD
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 5577112254B8F2C85F9ACF8707E043EA
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: FA86D1EDC8AC2E0B9E486071C1C2F49C
Requests: 1 HTTP requests in this frame

Frame: https://moe.video/storage.html?v=08
Frame ID: 911B188701BFA92F5194B35F37038AE4
Requests: 1 HTTP requests in this frame

Frame: https://ad.mail.ru/dist/vkAuth.html
Frame ID: B8020205FB4AF7999ABA65C42348233F
Requests: 3 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/vpaid.js
Frame ID: 568AB9B8626AF365F272B1CAB2A036B0
Requests: 1 HTTP requests in this frame

Frame: https://s3.advarkads.com/modules/advarkmanager.html?origin=https%3A%2F%2Fmoevideo.biz
Frame ID: AF006DB36780B641A8919D323CBAB69D
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

220YouTube - Скачать видео с YouTube бесплатно на высокой скорости, без программ и регистрации

Page URL History Show full URLs

http://presaver.com/ HTTP 301
https://presaver.com/ HTTP 302
https://presaver.com/1 Page URL

Page Statistics

91
Requests

79 %
HTTPS

19 %
IPv6

38
Domains

49
Subdomains

37
IPs

4
Countries

1545 kB
Transfer

2778 kB
Size

54
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://cackle.me/account/signup?demo=[{%22type%22:%22comment%22,%22ver%22:2,%22period%22:1}]&lang=ru
Title: Создать свой виджет

Search URL Search Domain Scan URL

URL: http://cackle.me/comments
Title: О сервисе

Search URL Search Domain Scan URL

URL: https://gravatar.com/

Search URL Search Domain Scan URL

URL: http://cackle.me/
Title: Комментарии для сайта Cackle

Search URL Search Domain Scan URL

URL: https://220vk.com/
Title: 220vk

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://presaver.com/ HTTP 301
https://presaver.com/ HTTP 302
https://presaver.com/1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.1388942173248835 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.1388942173248835

Request Chain 17

https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9456.DA00JrI-KYcNDVEXgOGd37H3RjYj77VPzMFanqMYex8yPcI-gz1LlKtBpz9JgEso.YOU9ufCKs5N7ReCCbFbc-IaE-vw%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9456.U-URHNGtRDXTZy9Gy9oipd4PHq4mLYdm5uvsDSeIx6_zRG-C5tXufQ1Yg98vAmQhj1O18eGcEUKPkUpWIJ7EHw%2C%2C.JM6fVYJitl_TK--V6cCfTVE9Tqc%2C

Request Chain 22

https://mc.yandex.com/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1110444869192%3Ahid%3A490261810%3Az%3A0%3Ai%3A20211113090955%3Aet%3A1636794595%3Ac%3A1%3Arn%3A614150693%3Arqn%3A1%3Au%3A1636794595803193261%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1636794594750%3Ads%3A0%2C0%2C86%2C1%2C263%2C0%2C%2C120%2C0%2C%2C%2C%2C474%3Adsn%3A0%2C0%2C86%2C1%2C262%2C0%2C%2C121%2C0%2C%2C%2C%2C473%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636794595%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr(14)ti(2) HTTP 302
https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1110444869192%3Ahid%3A490261810%3Az%3A0%3Ai%3A20211113090955%3Aet%3A1636794595%3Ac%3A1%3Arn%3A614150693%3Arqn%3A1%3Au%3A1636794595803193261%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1636794594750%3Ads%3A0%2C0%2C86%2C1%2C263%2C0%2C%2C120%2C0%2C%2C%2C%2C474%3Adsn%3A0%2C0%2C86%2C1%2C262%2C0%2C%2C121%2C0%2C%2C%2C%2C473%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636794595%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29ti%282%29

Request Chain 26

https://gravatar.com/avatar/24f282c51675b273c3be9007b426cda1?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48 HTTP 302
https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

Request Chain 27

https://gravatar.com/avatar/f93e49e78b9eed71aa686026accbf3ef?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48 HTTP 302
https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

Request Chain 52

https://moevideo-sync.rutarget.ru/sync HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=1&b=AEX7O3khqazn

Request Chain 54

https://px.adhigh.net/p/cm/moevideo HTTP 302
https://px.adhigh.net/p/cm/moevideo?bounced=1

Request Chain 55

https://sync.bumlam.com/?src=moe2&uid=de3d2055a0e0e17edc4c HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjmgb6MBlIFst3qqQtiFGRlM2QyMDU1YTBlMGUxN2VkYzRj HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjmgb6MBlIFst3qqQtiFGRlM2QyMDU1YTBlMGUxN2VkYzRjogEQeZilRkRhEeyG4AAlkMBkfA** HTTP 302
https://sync.bumlam.com/?src=moe2&s_data=CAIQABjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8 HTTP 302
https://sync.bumlam.com/?src=moe2&s_data=CAIQARjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8

Request Chain 56

https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=de3d2055a0e0e17edc4c&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}

Request Chain 57

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5813903570

Request Chain 58

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D HTTP 301
https://cs-0.moevideo.biz/ssp/cs?d=81&b=e11d4939-e12f-4333-42c0-d4cd7f3b3fee

Request Chain 59

https://sync.upravel.com/moevideo/sync HTTP 302
https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
https://90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=91&b=90c0c700-9453-4cf1-a9d9-b1a8f967dfc1

Request Chain 60

https://sm.rtb.mts.ru/p?ssp=moevideo&id=de3d2055a0e0e17edc4c HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=22&exu=de3d2055a0e0e17edc4c HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=ff32e059-b7f0-45ca-a122-e592ec7988d2&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D22%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1 HTTP 302
https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=oN6VT71Muw3ss5WkeEeFGg

Request Chain 63

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://cs-0.moevideo.biz/ssp/cs?d=161&b=31e0105b-f125-533d-8a84-1705eb0b97e3

Request Chain 64

https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com HTTP 302
https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com&bounce=1&random=3818780584 HTTP 302
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D HTTP 302
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=t1Z4WyWokoO3

Request Chain 89

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fpresaver.com%2F&uid=&vpaid=false&rolltype=outstream HTTP 302
https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Fpresaver.com%2F&rolltype=outstream&uid=618f80e8d41e064d424be09e&vpaid=false

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
presaver.com/
Redirect Chain

http://presaver.com/
https://presaver.com/
https://presaver.com/1

8 KB
4 KB

88ms
86ms

Document
text/html

2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presaver.com/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.20
Resource Hash: c61dbecbc22df05d357d54eafbe04163af59b163a69e1e71c49a3d1ab7e37bb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.20
cache-control: no-cache, private
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5iLxuC6zsjjEFxzavmCFt%2Bps0V8BoBoSH5J1lbdWmPJv8i9yKk62RepnFehSpKF1tFnWvd%2F%2F9%2BDqf4M2Yx5nCTFo%2Fregbq5iZ2lSClg3HA9hHXlSJKL74PygirMncBeNTV48u7XKpy979U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ad6dd2d6cb45364-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.20
cache-control: no-cache, private
location: https://presaver.com/1
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LBDpcyB9af4Mzk4TKRRaki%2B%2BkM53lZR%2BhVQMwYnicZDHJVu6PytZcJjhXpNuVxUjMRkWoiXY187p3ektfimMuIV1QCgKC2ZL%2FmHpS9ATkmMb5VGX2zBqQtu1sE7JkROLae9ppQEljqAl%2FCo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ad6dd2c2a895364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 42ms
18ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139618482-1

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

021ffecd12a95bd32ac68c836378aacde160419ba034afac25effd8ff32af4b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 36130
x-xss-protection: 0
expires: Sat, 13 Nov 2021 09:09:55 GMT

GET
H2 200 app.css
presaver.com/css/ 19 KB
5 KB 13ms
13ms Stylesheet
text/css 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2c61b7f8b8289579ca4a0dde7cfb784f98fcfe083d137d3a9e8d93cd5879df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Nov 2021 14:01:49 GMT
server: cloudflare
age: 5996
etag: W/"4d03-5cfcebc130d35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WzUFbNvI7Zj04Pktap%2Fa9lO9AlG8s4TTOYSUo%2BhZk9WjKabtAHBC%2BikQyFO%2BrQwt1IMKYfd6pFWjbaxJTKPauV1BRRAKoTxXouu1vVLsgwTEc4wPEJjTM8gbz%2Bm%2FK0BTNSB26UJAHSIOGY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e1dc55364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 3 KB
961 B 38ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sat, 13 Nov 2021 08:04:33 GMT
server: ESF
date: Sat, 13 Nov 2021 09:09:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 13 Nov 2021 09:09:55 GMT

GET
H/1.1 200
OK mvpt.min.js Show response
moevideo.biz/embed/js/ 175 KB
176 KB 665ms
566ms Script
application/javascript 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/js/mvpt.min.js
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx /
Resource Hash: 299875a7185e097ca07e3e512d4902e89c627adc9fa1f09aa56933217ed60d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:56 GMT
Last-Modified: Tue, 09 Nov 2021 11:55:11 GMT
Server: nginx
X-My-Name: s11
ETag: "618a619f-2bd02"
Content-Type: application/javascript
Content-Length: 179458
Connection: keep-alive
Accept-Ranges: bytes
X-My-Reqtime: 0.425

GET
H2 200 email-decode.min.js Show response
presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
8ms Script
application/javascript 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://presaver.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Nov 2021 11:48:50 GMT
server: cloudflare
etag: W/"618d0322-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcKbB8VFeWZOBi0lwqnym95sREZoa%2BtBeNxFzJIyQq%2B9rWfmTpToSAcNDSEYfWOYoseRthUewkLCFgExFvPjYKJyMlnP5RoXZVUtmB4BjX19ZsDxpfkaT1%2FK89TMThvI9wVcmhEQk2vUqWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e1dc95364-FRA
vary: Accept-Encoding
expires: Mon, 15 Nov 2021 09:09:55 GMT

GET
H2 200 sweetalert2@9 Show response
cdn.jsdelivr.net/npm/ 65 KB
18 KB 40ms
22ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@9

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1330
x-jsd-version: 9.17.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"105f5-IoZ47xa2VqsB8s6EqlY9hdo2pRY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ad6dd2e38e6178a-FRA

GET
H2 200 vendor.js Show response
presaver.com/js/ 274 KB
85 KB 20ms
20ms Script
application/javascript 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presaver.com/js/vendor.js?id=7dcf5502d17063ffae48
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 08:46:25 GMT
server: cloudflare
age: 5996
etag: W/"44965-5cc918ca5a643"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkAFCW8qI12j66w3%2BrB0wqx%2B87mhbUDY8CtEWE4m0EzgiP7FIG2KMIhchoGLnzV4AdThFh4Pfmp%2BuIOEl0dzJLwg%2BMCRWDYTHnCm9FlofpUGe6bVJSDZsduj2U64JFx8QgeJSLV8knQCEDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e1dca5364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 app.js Show response
presaver.com/js/ 47 KB
13 KB 15ms
14ms Script
application/javascript 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://presaver.com/js/app.js?id=e77455dfdddf00c9c67e
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fadbc684d39c89871c5e955e22d4a7322e661cbc03e875441f6ea1ec3884733

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 08:46:25 GMT
server: cloudflare
age: 5996
etag: W/"bce4-5cc918ca5993e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItAVXxI2Ma%2FFT6I1Rrogp9hbcKmt3CuQyEg9%2BlobLa%2Ftfr2rV73PNer0ZAhqNyx%2FTvS3UCsd0jChPQT%2FQwPNpPX0pUMueXXLR%2FcqdCiXrEaMefv6tFfO23CtPtnqVyEOqE9sx2i5vaoec2w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e1dcc5364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u043...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0...

43 B
528 B

42ms
42ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.1388942173248835

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:10:07 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 12 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:10:06 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//presaver.com/1;h220YouTube%20-%20%u0421%u043A%u0430%u0447%u0430%u0442%u044C%20%u0432%u0438%u0434%u0435%u043E%20%u0441%20YouTube%20%u0431%u0435%u0441%u043F%u043B%u0430%u0442%u043D%u043E%20%u043D%u0430%20%u0432%u044B%u0441%u043E%u043A%u043E%u0439%20%u0441%u043A%u043E%u0440%u043E%u0441%u0442%u0438%2C%20%u0431%u0435%u0437%20%u043F%u0440%u043E%u0433%u0440%u0430%u043C%u043C%20%u0438%20%u0440%u0435%u0433%u0438%u0441%u0442%u0440%u0430%u0446%u0438%u0438;0.1388942173248835
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 12 Nov 2020 21:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 189 KB
65 KB 122ms
58ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-101bc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 65980
expires: Sat, 13 Nov 2021 10:09:55 GMT

GET
H2 200 logo.svg
presaver.com/images/ 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presaver.com/images/logo.svg?v2
Requested by: Host: presaver.com
URL: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 08:46:25 GMT
server: cloudflare
age: 5995
etag: W/"742-5cc918ca5240e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0y%2Bun47imWmbfVD4wu60UpkwpPpPLRNfjvKnLGXFfjb1EcPJ%2F7vBK1GL59h2idc%2BwYjv3p689XFfLOq1UP%2FxmTVdPHJ9s0JgZWctQlddN9W5zAp7AUs%2BsjyaR9hzs41ydBY5V87uJ1rCUo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e6e7d5364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 button_search.svg
presaver.com/images/ 269 B
516 B 13ms
12ms Image
image/svg+xml 2606:4700:3034::ac43:b14b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://presaver.com/images/button_search.svg
Requested by: Host: presaver.com
URL: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b14b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/css/app.css?id=80dfc01a97d87e1061aa
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Sep 2021 08:46:25 GMT
server: cloudflare
age: 5995
etag: W/"10d-5cc918ca51708"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Snup25RZTVD0ojmh5do69MJFvghBy71%2Fjsfq1lklGYFU1Llgoh2MGhnS6vpJfEOP%2Bla3SJaAmg8CVf%2B35Q2CSz98j4mEvVehyaAyvyGe%2BdZgenIwOV0YfYCnKBLutpvGXrrs2rJXMbZwonc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad6dd2e6e805364-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v27/ 10 KB
10 KB 35ms
12ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3794e9a7f229210e1dbaf831a62918c9edfc09a90a6684dcc0468f461c20e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presaver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 16:29:06 GMT
x-content-type-options: nosniff
age: 146449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 10092
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:38 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 16:29:06 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
17 KB 28ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://presaver.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 06:37:09 GMT
x-content-type-options: nosniff
age: 95566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 06:37:09 GMT

GET
H/1.1 200
OK widget.js Show response
cackle.me/ 9 KB
3 KB 155ms
36ms Script
application/javascript 95.213.129.125
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://cackle.me/widget.js
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.129.125 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5d3f094734e47a48f932c0f482abe3e8a14791ae07583a8726e7df34a429b83e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 09:59:24 GMT
Server: nginx
ETag: W/"6140727c-2437"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 14 Nov 2021 09:09:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139618482-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4129
date: Sat, 13 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sat, 13 Nov 2021 10:01:06 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
204 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1363067905&t=pageview&_s=1&dl=https%3A%2F%2Fpresaver.com%2F1&ul=en-us&de=UTF-8&dt=220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1318113837&gjid=628883829&cid=1466784802.1636794595&tid=UA-139618482-1&_gid=122977771.1636794595&_r=1&gtm=2ouba1&z=1437664416

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://presaver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://presaver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9456.DA00JrI-KYcNDVEXgOGd37H3RjYj77VPzMFanqMYex8yPcI-gz1LlKtBpz9JgEso.YOU9ufCKs5N7ReCCbFbc-IaE-vw%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9456.U-URHNGtRDXTZy9Gy9oipd4PHq4mLYdm5uvsDSeIx6_zRG-C5tXufQ1Yg98vAmQhj1O18eGcEUKPkUpWIJ7EHw%2C%2C.JM6fVYJitl_TK--V6cCfTVE9Tqc%2C

75 B
75 B

31ms
31ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9456.U-URHNGtRDXTZy9Gy9oipd4PHq4mLYdm5uvsDSeIx6_zRG-C5tXufQ1Yg98vAmQhj1O18eGcEUKPkUpWIJ7EHw%2C%2C.JM6fVYJitl_TK--V6cCfTVE9Tqc%2C

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9456.U-URHNGtRDXTZy9Gy9oipd4PHq4mLYdm5uvsDSeIx6_zRG-C5tXufQ1Yg98vAmQhj1O18eGcEUKPkUpWIJ7EHw%2C%2C.JM6fVYJitl_TK--V6cCfTVE9Tqc%2C
date: Sat, 13 Nov 2021 09:09:55 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 31ms
31ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif?t=ti(4)

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:55 GMT
last-modified: Thu, 11 Nov 2021 17:20:26 GMT
etag: "618d26aa-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 13 Nov 2021 10:09:55 GMT

GET
H/1.1 200
OK bootstrap Show response
j.cackle.me/widget/66129/ 4 KB
2 KB 55ms
13ms Script
application/json 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/widget/66129/bootstrap?chan=index&url=https%3A%2F%2Fpresaver.com%2F1&callback=cackle_Comment66129
Requested by: Host: cackle.me
URL: https://cackle.me/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: a46175458f028de2d3304964d119d36dd9c3bdad03f68ca3cf1e75ad08de2887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:55 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Language: en
Cache-Control: no-cache, no-store, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK comment2ru.js Show response
j.cackle.me/widget/js/ 179 KB
63 KB 18ms
18ms Script
application/javascript 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/widget/js/comment2ru.js?v=14092021095920
Requested by: Host: cackle.me
URL: https://cackle.me/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 3a248e3dc8f3d63cc8242b7ca0c04bca44058e0732bb9343f4e138ce24e79b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 01 Aug 2021 18:05:04 GMT
Server: nginx
ETag: W/"6106e250-2cad2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 13 Dec 2021 09:09:55 GMT

GET
H/1.1 200
OK comment2.css
j.cackle.me/widget/css/ 46 KB
10 KB 40ms
17ms Stylesheet
text/css 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/widget/css/comment2.css?v=14092021095920
Requested by: Host: cackle.me
URL: https://cackle.me/widget.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 01 Aug 2021 18:05:04 GMT
Server: nginx
ETag: W/"6106e250-b9df"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 13 Dec 2021 09:09:55 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/49162435/
Redirect Chain

https://mc.yandex.com/watch/49162435?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%...

350 B
459 B

33ms
32ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1110444869192%3Ahid%3A490261810%3Az%3A0%3Ai%3A20211113090955%3Aet%3A1636794595%3Ac%3A1%3Arn%3A614150693%3Arqn%3A1%3Au%3A1636794595803193261%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1636794594750%3Ads%3A0%2C0%2C86%2C1%2C263%2C0%2C%2C120%2C0%2C%2C%2C%2C474%3Adsn%3A0%2C0%2C86%2C1%2C262%2C0%2C%2C121%2C0%2C%2C%2C%2C473%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636794595%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29ti%282%29

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4ff9af7c7f4c81c67cf206fb527c352456e46e1a23ede23e89ac532c66afe1f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:55 GMT
x-content-type-options: nosniff
last-modified: Sat, 13-Nov-2021 09:09:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 13-Nov-2021 09:09:55 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:55 GMT
last-modified: Sat, 13-Nov-2021 09:09:55 GMT
location: /watch/49162435/1?wmode=7&page-url=https%3A%2F%2Fpresaver.com%2F1&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4bjmbg3ayomqwinwev%3Afp%3A443%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A700%3Acn%3A1%3Adp%3A0%3Als%3A1110444869192%3Ahid%3A490261810%3Az%3A0%3Ai%3A20211113090955%3Aet%3A1636794595%3Ac%3A1%3Arn%3A614150693%3Arqn%3A1%3Au%3A1636794595803193261%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1636794594750%3Ads%3A0%2C0%2C86%2C1%2C263%2C0%2C%2C120%2C0%2C%2C%2C%2C474%3Adsn%3A0%2C0%2C86%2C1%2C262%2C0%2C%2C121%2C0%2C%2C%2C%2C473%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1636794595%3At%3A220YouTube%20-%20%D0%A1%D0%BA%D0%B0%D1%87%D0%B0%D1%82%D1%8C%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%20%D1%81%20YouTube%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20%D0%BD%D0%B0%20%D0%B2%D1%8B%D1%81%D0%BE%D0%BA%D0%BE%D0%B9%20%D1%81%D0%BA%D0%BE%D1%80%D0%BE%D1%81%D1%82%D0%B8%2C%20%D0%B1%D0%B5%D0%B7%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%20%D0%B8%20%D1%80%D0%B5%D0%B3%D0%B8%D1%81%D1%82%D1%80%D0%B0%D1%86%D0%B8%D0%B8&t=gdpr%2814%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 13-Nov-2021 09:09:55 GMT

GET
H/1.1 200
OK index.html Show response
j.cackle.me/xdm/ Frame 5FEB 10 KB
3 KB 12ms
11ms Document
text/html 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
Requested by: Host: j.cackle.me
URL: https://j.cackle.me/widget/js/comment2ru.js?v=14092021095920
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: ef7cc45592eb8af039c62ec23fea875d265ce8b20bef061daaadef88bfaddaed

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:55 GMT
Content-Type: text/html; charset=utf-8
Last-Modified: Wed, 28 Jul 2021 21:52:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6101d196-2677"
Expires: Mon, 13 Dec 2021 09:09:55 GMT
Cache-Control: max-age=2592000
Content-Encoding: gzip

GET
H/1.1 200
OK cackle.png
j.cackle.me/widget/img/ 1 KB
2 KB 12ms
11ms Image
image/png 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.cackle.me/widget/img/cackle.png
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: 496d7ce31af38b0a6aa9178c0714598621613fa62420dbad92a8f3649bb1c2c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:55 GMT
Last-Modified: Wed, 28 Jul 2021 21:52:22 GMT
Server: nginx
ETag: "6101d196-509"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1289
Expires: Mon, 13 Dec 2021 09:09:55 GMT

GET
H/1.1 200
OK anonym2.png
cackle.me/widget/img/ 2 KB
2 KB 35ms
35ms Image
image/png 95.213.129.125
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cackle.me/widget/img/anonym2.png
Requested by: Host: presaver.com
URL: https://presaver.com/1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.213.129.125 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx /
Resource Hash: 96ece815756726d4acfc51349a5b26cf5cd05d6ade637be117dbe998837a939d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:55 GMT
Last-Modified: Wed, 28 Jul 2021 20:52:22 GMT
Server: nginx
ETag: "6101c386-679"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1657
Expires: Mon, 13 Dec 2021 09:09:55 GMT

GET
H2

200

anonym2.png
i1.wp.com/cackle.me/widget/img/
Redirect Chain

https://gravatar.com/avatar/24f282c51675b273c3be9007b426cda1?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48
https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

186 B
496 B

22ms
6ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5979465499d10f2886f567b9395f6d58ffd757ab3f2cf998e3667b6c2499a985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:56 GMT
x-content-type-options: nosniff
x-bytes-saved: 1546
content-length: 186
x-nc: HIT hhn 2
last-modified: Sat, 08 Jun 2019 18:25:44 GMT
server: nginx
etag: "ca3e807ae0786c65"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cackle.me/widget/img/anonym2.png>; rel="canonical"
expires: Tue, 08 Jun 2021 06:25:44 GMT

Redirect headers

date: Sat, 13 Nov 2021 09:09:56 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
source-age: 808
x-varnish: 937625637 926812901
location: https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1
cache-control: max-age=300
content-type: text/html; charset=utf-8
link: <https://www.gravatar.com/avatar/24f282c51675b273c3be9007b426cda1?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48>; rel="canonical"
content-length: 0
expires: Sat, 13 Nov 2021 09:14:56 GMT

GET
H2

200

anonym2.png
i1.wp.com/cackle.me/widget/img/
Redirect Chain

https://gravatar.com/avatar/f93e49e78b9eed71aa686026accbf3ef?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48
https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

186 B
221 B

22ms
7ms

Image
image/webp

192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1

Requested by

Host: presaver.com
URL: https://presaver.com/1

Protocol

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

5979465499d10f2886f567b9395f6d58ffd757ab3f2cf998e3667b6c2499a985

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:56 GMT
x-content-type-options: nosniff
x-bytes-saved: 1546
content-length: 186
x-nc: HIT hhn 2
last-modified: Sat, 08 Jun 2019 18:25:44 GMT
server: nginx
etag: "ca3e807ae0786c65"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://cackle.me/widget/img/anonym2.png>; rel="canonical"
expires: Tue, 08 Jun 2021 06:25:44 GMT

Redirect headers

date: Sat, 13 Nov 2021 09:09:56 GMT
via: 1.1 varnish (Varnish/6.0)
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
source-age: 2590
x-varnish: 779552178 740890118
location: https://i1.wp.com/cackle.me/widget/img/anonym2.png?ssl=1
cache-control: max-age=300
content-type: text/html; charset=utf-8
link: <https://www.gravatar.com/avatar/f93e49e78b9eed71aa686026accbf3ef?d=https://cackle.me/widget/img/anonym2.png&r=PG&s=48>; rel="canonical"
content-length: 0
expires: Sat, 13 Nov 2021 09:14:56 GMT

GET
H/1.1 200
OK easyXDM.min.js Show response
j.cackle.me/xdm/ Frame 5FEB 20 KB
9 KB 14ms
14ms Script
application/javascript 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/xdm/easyXDM.min.js
Requested by: Host: j.cackle.me
URL: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: cab290f4c3e08a3d377b57d5a497f4089cda26bb2df4256f03032dc2d1d2821d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:56 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 21:52:22 GMT
Server: nginx
ETag: W/"6101d196-50ec"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 13 Dec 2021 09:09:56 GMT

GET
H/1.1 200
OK authorize.json Show response
j.cackle.me/login/66129/ Frame 5FEB 106 B
524 B 14ms
12ms XHR
application/json 94.130.71.126
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://j.cackle.me/login/66129/authorize.json
Requested by: Host: j.cackle.me
URL: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 94.130.71.126 Reutlingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.126.71.130.94.clients.your-server.de
Software: nginx /
Resource Hash: fb428ed432b2090daf7f204e0daaec8981821e9bd6ca186a052ea6e707160801

Request headers

Accept: application/json;
Referer: https://j.cackle.me/xdm/index.html?xdm_e=https%3A%2F%2Fpresaver.com&xdm_c=default8728&xdm_p=1
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:56 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK version Show response
moevideo.biz/embed/core/ 45 B
219 B 134ms
134ms Script
application/javascript 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/core/version?jsonp=&jsonpCallback=jsonp_1636794596301_45810
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx /
Resource Hash: 6d37cd594b379941ea29a61d2589b587972ee2fc3e569e95e9f98c0a7595bfd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 45
X-My-Reqtime: 0.094
Content-Type: application/javascript

GET
H/1.1 200
OK native Show response
moevideo.biz/ Frame 932D 40 KB
17 KB 210ms
210ms Document
text/html 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/js/mvpt.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx / PHP/5.5.38
Resource Hash: d05a62e2a0f48aab57b64cbfce86982ee3c3d90bf436cc52a45ad600a1373f8d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://presaver.com/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.5.38
X-My-Adv-Time: 0.00302410125732
Expires: Thu, 19 Feb 1998 13:24:18 GMT
Last-Modified: Sat, 13 Nov 2021 09:09:56 GMT
Cache-Control: max-age=0
Pragma: no-cache
X-Mv-TryCache: 0
X-My-App-Time: 0.036
X-Mv-Embed-Version: 1384
X-My-Name: s26
X-My-Reqtime: 0.124
Access-Control-Allow-Origin: *
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
moevideo.biz/embed/player/1742/skins/gray/ Frame 932D 54 KB
16 KB 211ms
211ms Stylesheet
text/css 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1742/skins/gray/styles.css
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx /
Resource Hash: 8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Content-Encoding: gzip
Last-Modified: Tue, 09 Nov 2021 11:53:16 GMT
Server: nginx
X-My-Name: s35
ETag: W/"618a612c-d99f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive
X-My-Reqtime: 0.081

GET
H/1.1 200
OK mvplayer.min.js Show response
moevideo.biz/embed/player/1742/ Frame 932D 585 KB
585 KB 299ms
217ms Script
application/javascript 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx /
Resource Hash: c847cfbe83788fb7472e0ca76fcb041695ed7e704d5943c4e9e3b934fe611d09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Last-Modified: Tue, 09 Nov 2021 11:54:19 GMT
Server: nginx
X-My-Name: s12
ETag: "618a616b-92238"
Content-Type: application/javascript
Content-Length: 598584
Connection: keep-alive
Accept-Ranges: bytes
X-My-Reqtime: 0.094

GET
H/1.1 200
OK set Show response
playreplay.me/api/cookie/ Frame 932D 0
332 B 226ms
134ms Script
text/plain 92.38.138.52
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.me/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22de3d2055a0e0e17edc4c%22},{%22key%22:%22mvsid%22,%22value%22:%2240926da0-063e-48ee-a41a-fe279507fa4b%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f29.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.093

GET
H/1.1 200
OK set Show response
thesame.tv/api/cookie/ Frame 932D 0
332 B 241ms
139ms Script
text/plain 92.223.103.52
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://thesame.tv/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22de3d2055a0e0e17edc4c%22},{%22key%22:%22mvsid%22,%22value%22:%2240926da0-063e-48ee-a41a-fe279507fa4b%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.52 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f20.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.094

GET
H/1.1 200
OK set Show response
moevideo.biz/api/cookie/ Frame 932D 0
332 B 122ms
122ms Script
text/plain 92.223.103.7
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22de3d2055a0e0e17edc4c%22},{%22key%22:%22mvsid%22,%22value%22:%2240926da0-063e-48ee-a41a-fe279507fa4b%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.7 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f23.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.081

GET
H/1.1 200
OK set Show response
cs-0.moevideo.biz/api/cookie/ Frame 932D 0
332 B 231ms
129ms Script
text/plain 92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-0.moevideo.biz/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22de3d2055a0e0e17edc4c%22},{%22key%22:%22mvsid%22,%22value%22:%2240926da0-063e-48ee-a41a-fe279507fa4b%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.087

GET
H/1.1 200
OK set Show response
playreplay.net/api/cookie/ Frame 932D 0
332 B 221ms
120ms Script
text/plain 92.38.138.51
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://playreplay.net/api/cookie/set?cookies=[{%22key%22:%22mvuid%22,%22value%22:%22de3d2055a0e0e17edc4c%22},{%22key%22:%22mvsid%22,%22value%22:%2240926da0-063e-48ee-a41a-fe279507fa4b%22}]
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.51 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f50.moevideo.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:57 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
X-My-Reqtime: 0.080

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 195E 18 KB
7 KB 327ms
184ms Document
text/html 92.38.138.49
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.49 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f28.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 11:55:18 GMT
ETag: W/"618a61a6-4783"
X-My-Name: s33
X-My-Reqtime: 0.093
X-B-Name: f28
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ Frame 932D 313 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 204
No Content auction_multi
am-0.moevideo.biz/ssp/ Frame 0
0 138ms
42ms Preflight 92.223.103.59
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.59 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f47.moevideo.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://moevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:58 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS

POST
H/1.1 200
OK auction_multi Show response
am-0.moevideo.biz/ssp/ Frame 932D 2 B
472 B 218ms
218ms Fetch
application/json 92.223.103.59
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://am-0.moevideo.biz/ssp/auction_multi
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.223.103.59 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f47.moevideo.net
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:58 GMT
X-Balancer-Name: f47
Last-Modified: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://moevideo.biz
X-B-Name: f47
Cache-Control: no-cache, must-revalidate;post-check=0,pre-check=0;max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2
Expires: Thu, 19 Feb 1998 13:24:18 GMT

GET
DATA 200
OK truncated
/ Frame 932D 363 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 932D 49 KB
20 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4131
date: Sat, 13 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sat, 13 Nov 2021 10:01:06 GMT

GET
H/1.1 200
OK ads-async.js Show response
ad.mail.ru/static/ Frame 932D 185 KB
185 KB 271ms
95ms Script
application/javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/static/ads-async.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 189564
Expires: Sat, 13 Nov 2021 09:19:58 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 5577 18 KB
7 KB 181ms
180ms Document
text/html 92.38.138.49
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.49 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f28.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 11:55:19 GMT
ETag: W/"618a61a7-4783"
X-My-Name: s36
X-My-Reqtime: 0.087
X-B-Name: f28
Content-Encoding: gzip

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame FA86 18 KB
7 KB 266ms
182ms Document
text/html 92.38.138.49
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.49 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f28.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 11:55:19 GMT
ETag: W/"618a61a7-4783"
X-My-Name: s36
X-My-Reqtime: 0.089
X-B-Name: f28
Content-Encoding: gzip

GET
H/1.1 200
OK 389706 Show response
ad.mail.ru/vast/ Frame 932D 60 B
413 B 85ms
52ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/389706?pr=6513559&sc=2453607411&dl=https%3A%2F%2Fpresaver.com%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 201579 Show response
ad.mail.ru/vast/ Frame 932D 61 B
414 B 139ms
55ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/201579?dl=presaver.com
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 49162435 Show response
mc.yandex.com/webvisor/ 43 B
176 B 32ms
32ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49162435?wmode=0&wv-part=1&wv-hit=490261810&page-url=https%3A%2F%2Fpresaver.com%2F1&rn=549125574&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1636794598%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211113090957%3Au%3A1636794595803193261%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1636794598&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://presaver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
last-modified: Sat, 13-Nov-2021 09:09:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 13-Nov-2021 09:09:58 GMT

GET
H/1.1 200
OK storage.html Show response
moe.video/ Frame 911B 18 KB
7 KB 188ms
187ms Document
text/html 92.38.138.49
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://moe.video/storage.html?v=08
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.38.138.49 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f28.moevideo.net
Software: nginx /
Resource Hash: 55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Nov 2021 11:55:22 GMT
ETag: W/"618a61aa-4783"
X-My-Name: s45
X-My-Reqtime: 0.096
X-B-Name: f28
Content-Encoding: gzip

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 932D
Redirect Chain

https://moevideo-sync.rutarget.ru/sync
https://cs-0.moevideo.biz/ssp/cs?d=1&b=AEX7O3khqazn

36 B
208 B

221ms
127ms

Image
image/gif

92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=1&b=AEX7O3khqazn
Protocol: HTTP/1.1
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

Location: https://cs-0.moevideo.biz/ssp/cs?d=1&b=AEX7O3khqazn
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 932D 0
239 B 59ms
12ms Image
text/plain 37.18.103.16
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=117

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.103.16 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 514
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

moevideo
px.adhigh.net/p/cm/ Frame 932D
Redirect Chain

https://px.adhigh.net/p/cm/moevideo
https://px.adhigh.net/p/cm/moevideo?bounced=1

49 B
326 B

46ms
46ms

Image
image/gif

193.232.150.60
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/moevideo?bounced=1
Protocol: H2
Server: 193.232.150.60 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp20.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f20-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/p/cm/moevideo?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 932D
Redirect Chain

https://sync.bumlam.com/?src=moe2&uid=de3d2055a0e0e17edc4c
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABjmgb6MBlIFst3qqQtiFGRlM2QyMDU1YTBlMGUxN2VkYzRj
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARjmgb6MBlIFst3qqQtiFGRlM2QyMDU1YTBlMGUxN2VkYzRjogEQeZilRkRhEeyG4AAlkMBkfA**
https://sync.bumlam.com/?src=moe2&s_data=CAIQABjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8
https://sync.bumlam.com/?src=moe2&s_data=CAIQARjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8

43 B
552 B

7ms
6ms

Image
image/gif

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=moe2&s_data=CAIQARjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
ETag: 7998a546-4461-11ec-86e0-002590c0647c
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=moe2&s_data=CAIQARjmgb6MBmIUZGUzZDIwNTVhMGUwZTE3ZWRjNGOiARB5mKVGRGER7IbgACWQwGR8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 932D
Redirect Chain

https://mitdmp.whiteboxdigital.ru/pixel?source=moevideo&id=de3d2055a0e0e17edc4c&redirect=true&href=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D51%26b%3D%7Buid%7D
https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}

36 B
208 B

127ms
127ms

Image
image/gif

92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Protocol: HTTP/1.1
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx/1.21.0
Location: https://cs-0.moevideo.biz/ssp/cs?d=51&b={uid}
Access-Control-Max-Age: 3628800
Access-Control-Allow-Methods: GET, DELETE, OPTIONS, POST, PUT
Access-Control-Allow-Origin
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, JSNLog-RequestId, activityId, applicationId, applicationUserId, channelId, senderId, sessionId
Content-Length: 0

GET
H/1.1

200
OK

rle.cgi
ad.adriver.ru/cgi-bin/ Frame 932D
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5813903570

42 B
581 B

61ms
61ms

Image
image/gif

195.209.108.51
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5813903570
Protocol: HTTP/1.1
Server: 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:58 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: image/gif
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:58 GMT
Location: /cgi-bin/rle.cgi?sid=1&ad=719570&bt=21&bn=719570&tuid=-5813903570
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Access-Control-Allow-Origin: *
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 932D
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/moevideo?redirect_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D81%26b%3D%24%7BUUID%7D
https://cs-0.moevideo.biz/ssp/cs?d=81&b=e11d4939-e12f-4333-42c0-d4cd7f3b3fee

36 B
208 B

129ms
129ms

Image
image/gif

92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=81&b=e11d4939-e12f-4333-42c0-d4cd7f3b3fee
Protocol: HTTP/1.1
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

location: https://cs-0.moevideo.biz/ssp/cs?d=81&b=e11d4939-e12f-4333-42c0-d4cd7f3b3fee
date: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 932D
Redirect Chain

https://sync.upravel.com/moevideo/sync
https://sync.upravel.com/moevideo/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
https://90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com/moevideo/sync?ud_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly9tb2V2aWRlby5iaXovIiwiaHR0cHM6Ly9tb2V2aWRlby5iaXovIl19fQ
https://cs-0.moevideo.biz/ssp/cs?d=91&b=90c0c700-9453-4cf1-a9d9-b1a8f967dfc1

36 B
208 B

138ms
129ms

Image
image/gif

92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=91&b=90c0c700-9453-4cf1-a9d9-b1a8f967dfc1
Protocol: HTTP/1.1
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

date: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx
location: https://cs-0.moevideo.biz/ssp/cs?d=91&b=90c0c700-9453-4cf1-a9d9-b1a8f967dfc1
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
content-type: image/png
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H/1.1

204
No Content

em
sm.rtb.mts.ru/ Frame 932D
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=moevideo&id=de3d2055a0e0e17edc4c
https://sm.rtb.mts.ru/match/second?ssp=22&exu=de3d2055a0e0e17edc4c
https://tech.rtb.mts.ru/?dsp_uid=ff32e059-b7f0-45ca-a122-e592ec7988d2&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fsm.rtb.mts.ru%252Fem%253Fnext%253D2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fsm.rtb.mts.ru%2Fem%3Fnext%3D22%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1
https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=oN6VT71Muw3ss5WkeEeFGg

0
291 B

37ms
37ms

Image
text/plain

217.66.147.169
SPBMTS-AS Malaya ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=oN6VT71Muw3ss5WkeEeFGg
Protocol: HTTP/1.1
Server: 217.66.147.169 St Petersburg, Russian Federation, ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU),
Reverse DNS: host-169-147-66-217.spbmts.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:59 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:59 GMT
last-modified: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://sm.rtb.mts.ru/em?next=22&em=2&ssp=aidata&id=oN6VT71Muw3ss5WkeEeFGg
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 13 Nov 2021 09:09:58 GMT

GET
H2 204 moevideo
sync.dmp.otm-r.com/match/ Frame 932D 0
70 B 52ms
15ms Image
text/plain 116.202.236.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/moevideo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 116.202.236.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.228.236.202.116.clients.your-server.de
Software: nginx/1.17.10 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx/1.17.10

GET
H/1.1 204
No Content myvideo-sync
rtb.com.ru/ Frame 932D 0
240 B 144ms
45ms Image
text/plain 83.222.114.186
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.com.ru/myvideo-sync?uid=de3d2055a0e0e17edc4c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 83.222.114.186 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Cache-Control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Server: nginx/1.18.0
Connection: keep-alive
P3p: CP="rtb.com.ru does not have a P3P policy"

GET
H/1.1

200
OK

cs
cs-0.moevideo.biz/ssp/ Frame 932D
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=42837&callback_url=https%3A%2F%2Fcs-0.moevideo.biz%2Fssp%2Fcs%3Fd%3D161%26b%3D%24%7BUSER_ID%7D&crf=1
https://cs-0.moevideo.biz/ssp/cs?d=161&b=31e0105b-f125-533d-8a84-1705eb0b97e3

36 B
208 B

124ms
124ms

Image
image/gif

92.223.103.115
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs-0.moevideo.biz/ssp/cs?d=161&b=31e0105b-f125-533d-8a84-1705eb0b97e3
Protocol: HTTP/1.1
Server: 92.223.103.115 Moscow, Russian Federation, ASN199524 (GCORE, LU),
Reverse DNS: f3.moevideo.net
Software: nginx /
Resource Hash: 9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Connection: keep-alive
Content-Length: 36
Content-Type: image/gif

Redirect headers

location: https://cs-0.moevideo.biz/ssp/cs?d=161&b=31e0105b-f125-533d-8a84-1705eb0b97e3
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

204

collect
dx.frontend.weborama.com/ Frame 932D
Redirect Chain

https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A//moevideo.biz/native%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com
https://dx.frontend.weborama.com/collect?touchpoint=0&url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com&bounce=1&random=3818780584
https://rd.frontend.weborama.fr/rd?key=wamsync&url=https%3A%2F%2Fdx.frontend.weborama.com%2Fcollect%3Fdsp_id%3D0%26eid%3D%7BWEBO_ID%7D
https://dx.frontend.weborama.com/collect?dsp_id=0&eid=t1Z4WyWokoO3

0
123 B

16ms
16ms

Image
text/plain

35.201.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=t1Z4WyWokoO3
Protocol: H2
Server: 35.201.80.102 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 102.80.201.35.bc.googleusercontent.com
Software: nginx/1.12.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
via: 1.1 google
last-modified: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx/1.12.0
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
via: 1.1 google
last-modified: Sat, 13 Nov 2021 09:09:58 GMT
server: nginx/1.12.0
location: https://dx.frontend.weborama.com/collect?dsp_id=0&eid=t1Z4WyWokoO3
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H/1.1 200
OK 197143 Show response
ad.mail.ru/vast/ Frame 932D 61 B
414 B 55ms
55ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/197143?pr=4225150&sc=2453607411&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 932D 60 B
413 B 55ms
55ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=3769955&sc=2453607411&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK 362146 Show response
ad.mail.ru/vast/ Frame 932D 60 B
413 B 58ms
58ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/362146?rand=1621041&sc=2453607411&dl=https%3A%2F%2Fpresaver.com%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 932D 11 KB
2 KB 86ms
50ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_2&description_url=https%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1636794598

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ba4629ec64b36417510c5f4fc511ecd93b20e4e4f8ab8401056dd326095cd757

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2266
x-xss-protection: 0
google-lineitem-id: 5787806370
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364017550
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 932D 11 KB
3 KB 70ms
36ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/Ad_064_RedDigital_gam_9&description_url=http%3A%2F%2Fmoevideo.biz&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1636794598

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

aa085cea6f4043ea90f64d520e9cce89cc82b6a813ebd69b588f668065031cf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2119
x-xss-protection: 0
google-lineitem-id: 5787813585
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363704277
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 932D 60 B
413 B 105ms
56ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=9690215&sc=2453607411&dl=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK vkAuth.html Show response
ad.mail.ru/dist/ Frame B802 523 B
802 B 52ms
52ms Document
text/html 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/dist/vkAuth.html
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

Server: nginx
Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 523
Connection: keep-alive
Expires: Sat, 13 Nov 2021 09:19:58 GMT
Cache-Control: max-age=600
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *

GET
H/1.1 200
OK / Show response
ad.mail.ru/adq/ Frame 932D 83 B
450 B 56ms
56ms Script
application/x-javascript 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/adq/?callback=mailru_ad1636794598108&q=199847&vk=0&_=271504035
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/static/ads-async.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: e68b752672be141ab41f610b7f225bb9dcb20d2716dc3a8e3beed45d120a1363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Content-Encoding: gzip
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: private, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *

GET
H/1.1 200
OK vast Show response
public.advarkads.com/ Frame 932D 858 B
1 KB 177ms
69ms XHR
application/xml 88.212.233.108
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://public.advarkads.com/vast?id=8099-1-1&target_id=1&type_id=3
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.233.108 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.18.0 / ASP.NET
Resource Hash: 363dd1a51491ff56b5dc6e77a65edbec2048c8862c4076d786f49b900883db51

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx/1.18.0
X-Powered-By: ASP.NET
Vary: Origin
Content-Type: application/xml; charset=utf-8
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 858
Expires: -1

GET
H/1.1 200
OK bid Show response
clientside-video-bidder.rutarget.ru/ Frame 932D 27 B
438 B 163ms
71ms XHR
text/xml 80.64.106.150
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to

Full URL: https://clientside-video-bidder.rutarget.ru/bid?url=moevideo.biz&request_id=246130349&placement_id=68&mimes=video%2Fmp4&placement=1&protocols=2&protocols=3&protocols=5&protocols=6&mimes=application/javascript&vd_api_0=VPAID_2_0&video_skippable=allow
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.150 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr5.rutarget.ru
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:58 GMT
Server: nginx
Access-Control-Allow-Methods: OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name
Content-Length: 27

GET
H2 200 openapi.js Show response
vk.com/js/api/ Frame B802 102 KB
23 KB 110ms
36ms Script
application/x-javascript 87.240.139.194
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: ad.mail.ru
URL: https://ad.mail.ru/dist/vkAuth.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv194-139-240-87.vk.com
Software: kittenx /
Resource Hash: 2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-encoding: br
x-frontend: front609307
last-modified: Thu, 07 Oct 2021 11:12:43 GMT
server: kittenx
etag: "615ed62b-5a1f"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 23071
expires: Wed, 17 Nov 2021 09:09:58 GMT

POST
H2 200 49162435 Show response
mc.yandex.com/webvisor/ 43 B
73 B 133ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49162435?wmode=0&wv-part=1&wv-hit=490261810&page-url=https%3A%2F%2Fpresaver.com%2F1&rn=707118748&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1636794598%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211113090958%3Au%3A1636794595803193261%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1636794598&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://presaver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:58 GMT
last-modified: Sat, 13-Nov-2021 09:09:58 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 13-Nov-2021 09:09:58 GMT

GET
H2 200 vpaid.js Show response
s3.advarkads.com/modules/ Frame 568A 227 KB
54 KB 48ms
15ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/vpaid.js
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4fe42ff9a5315f45a81b2ae59f9e9d35806b5f23ed19ac0c3ba9bbbac8384f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Oct 2021 16:55:25 GMT
server: cloudflare
age: 28
etag: "803c22f240c4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6ad6dd42bae568fe-FRA
content-length: 55070

GET
H2 200 / Show response
login.vk.com/ Frame B802 27 B
540 B 152ms
53ms XHR
text/html 87.240.129.135
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.vk.com/?act=openapi&oauth=1&aid=7871968&location=ad.mail.ru&new=1

Requested by

Host: vk.com
URL: https://vk.com/js/api/openapi.js?169

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.129.135 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv135-129-240-87.vk.com

Software

kittenx / KPHP/7.4.109286

Resource Hash

52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ad.mail.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:59 GMT
content-encoding: gzip
server: kittenx
x-powered-by: KPHP/7.4.109286
strict-transport-security: max-age=15768000
access-control-allow-methods: GET
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://ad.mail.ru
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=windows-1251
content-length: 41

GET
H2 200 advarkmanager.html Show response
s3.advarkads.com/modules/ Frame AF00 186 B
253 B 56ms
55ms Document
text/html 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/advarkmanager.html?origin=https%3A%2F%2Fmoevideo.biz
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/vpaid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b83275fb39694198b3b2a1c019d2278e312b71dc29cf3d66f8b6e071a0a27d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-type: text/html
cache-control: max-age=60
last-modified: Mon, 10 Apr 2017 16:53:50 GMT
vary: Accept-Encoding
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ad6dd433bfd68fe-FRA
content-encoding: gzip

GET
H2 200 advarkmanager.js Show response
s3.advarkads.com/modules/ Frame AF00 205 KB
47 KB 14ms
13ms Script
application/javascript 2606:4700:10::6816:457
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.advarkads.com/modules/advarkmanager.js
Requested by: Host: s3.advarkads.com
URL: https://s3.advarkads.com/modules/advarkmanager.html?origin=https%3A%2F%2Fmoevideo.biz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:457 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc82a1a40b05b973cf6c2c43df1eb3df0b025a58a96d7ff6c7d2eb1420dac6e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s3.advarkads.com/modules/advarkmanager.html?origin=https%3A%2F%2Fmoevideo.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:58 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Oct 2021 16:55:25 GMT
server: cloudflare
age: 59
etag: "803c22f240c4d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
cf-ray: 6ad6dd43aca868fe-FRA
content-length: 48450

GET vmap
api.advarkads.com/api/ Frame AF00 0
0

GET
H/1.1 200
OK 942495 Show response
ad.mail.ru/vast/ Frame 932D 60 B
413 B 59ms
59ms XHR
text/xml 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/vast/942495?rand=7981980&sc=2453607411&dl=https%3A%2F%2Fpresaver.com%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:09:59 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/xml
Access-Control-Allow-Origin: https://moevideo.biz
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

GET
H2 200 pl15526 Show response
ssp.bidvol.com/vast/ Frame 932D 49 B
506 B 135ms
75ms XHR
text/xml 65.108.1.48

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.bidvol.com/vast/pl15526?ref=https%3A%2F%2Fpresaver.com%2F
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.108.1.48 -, , ASN (),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: 3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:59 GMT
server: nginx/1.14.0
surrogate-control: no-store
vary: Accept-Encoding
content-type: text/xml; charset=utf-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-length: 49
x-request-id: f65234ea-3b52-460d-a6f2-5e91c0a66a86
expires: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 932D 11 KB
2 KB 41ms
41ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_1&description_url=http%3A%2F%2Freddigital.ru&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=1636794599

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f812ed1bdb6641e3b45bec98cacc214e8a724daaf5d29718d08fc75abe21ae04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2199
x-xss-protection: 0
google-lineitem-id: 5831389590
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138370852748
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
pub-eu.p.otm-r.com/ Frame 932D 65 B
354 B 47ms
15ms XHR
text/xml 159.69.59.100

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-eu.p.otm-r.com/get?placement_id=58b41eb87a379fc852fa4496&when=pre&stream=instream&domain=presaver.com
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.69.59.100 -, , ASN (),
Reverse DNS
Software: nginx/1.17.10 /
Resource Hash: a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:09:59 GMT
server: nginx/1.17.10
vary: Origin
content-type: text/xml
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 65
expires: 0

GET
H2 403 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 932D 176 B
438 B 27ms
27ms XHR
text/xml 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_USN&description_url=https%3A%2F%2Fpresaver.com%2F&url=https%3A%2F%2Fpresaver.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=9013467&sid1=2453607411

Requested by

Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3f98cc8bef2a3a87ffe948e7fd805858eefede4f98d1a37c3dceb83cc2bb4ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 09:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 123
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://moevideo.biz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET myvideo-vast
adx.com.ru/ Frame 932D 0
0

GET
H/1.1 200
OK erle.cgi Show response
ad.adriver.ru/cgi-bin/ Frame 932D 142 B
863 B 61ms
60ms XHR
text/xml 195.209.108.51
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/erle.cgi?sid=222859&bn=1&bt=61&tuid=1&pz=0&vz=1&vp=1&target=top&vmindn=0&vmaxdn=180&vminbtr=300&vmaxbtr=1000&rnd=837407302&tail256=moevideo.biz
Requested by: Host: moevideo.biz
URL: https://moevideo.biz/embed/player/1742/mvplayer.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375

Request headers

Accept: */*
Referer: https://moevideo.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 09:09:59 GMT
Transfer-Encoding: chunked
P3P: policyref="https://adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Access-Control-Allow-Origin: https://moevideo.biz
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/xml
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

myvideo-confirm-vast Show response
adx.com.ru/ Frame 932D
Redirect Chain

https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fpresaver.com%2F&uid=&vpaid=false&rolltype=outstream
https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Fpresaver.com%2F&rolltype=outstream&uid=618f80e8d41e064d424be09e&vpaid=false

0
206 B

14ms
14ms

XHR
text/plain

188.34.131.132

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.com.ru/myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Fpresaver.com%2F&rolltype=outstream&uid=618f80e8d41e064d424be09e&vpaid=false
Protocol: H2
Server: 188.34.131.132 -, , ASN (),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://moevideo.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://moevideo.biz
date: Sat, 13 Nov 2021 09:10:00 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
server: nginx/1.20.1
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

date: Sat, 13 Nov 2021 09:10:00 GMT
server: nginx/1.20.1
access-control-allow-origin: https://moevideo.biz
p3p: CP="adx.com.ru does not have a P3P policy"
location: /myvideo-confirm-vast?confirm=1&referer=https%3A%2F%2Fpresaver.com%2F&rolltype=outstream&uid=618f80e8d41e064d424be09e&vpaid=false
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 168

POST
H2 200 49162435 Show response
mc.yandex.com/webvisor/ 43 B
145 B 32ms
31ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/49162435?wmode=0&wv-part=2&wv-hit=490261810&page-url=https%3A%2F%2Fpresaver.com%2F1&rn=326557492&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1636794600%3Aw%3A1600x1200%3Av%3A700%3Az%3A0%3Ai%3A20211113090959%3Au%3A1636794595803193261%3Avf%3A4bjmbg3ayomqwinwev%3Awe%3A1%3Ast%3A1636794600&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://presaver.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 09:10:00 GMT
last-modified: Sat, 13-Nov-2021 09:10:00 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://presaver.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 13-Nov-2021 09:10:00 GMT

GET native
moevideo.biz/ Frame 932D 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.advarkads.com
URL: https://api.advarkads.com/api/vmap?inte=5&id=8099-1-1&target_id=1&type_id=3&session_id=YY-A5mv5ykaXvHyuf8-PpA&width=600&height=338&mref=presaver.com%2Cmoevideo.biz&category_id=4&referer_url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com&page_url=https%3A%2F%2Fmoevideo.biz%2F&headless=0&netecon=4&samehash=1&ip_based_data=2925533-DE-HE-16839

Domain: adx.com.ru
URL: https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fpresaver.com%2F&uid=&vpaid=false&rolltype=outstream

Domain: moevideo.biz
URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
presaver.com/	1970-01-19 22:40:01	Name: XSRF-TOKEN Value: eyJpdiI6Ims0UUxHbDVSN1BnNDB3OTFBWkV0clE9PSIsInZhbHVlIjoid2duSDdHU2xpcU5PK2wwNzVtU0FTQzE5RHdyOTdJLy85cENiNWZyTmtOSEJuZy9kY3NIdE0yK1RSc1BnRFVEQXRBM0RUNTBVZlRSVERwWEVBQWgyQzA3WTZXQzVnbVBhNFMvdUZqNFhGNjFSQnMyQ0JyVGk0cFZPTk5Ed1VZVWoiLCJtYWMiOiI3NzA2YWQ5OTYyOTBiNTRmYzNmOTI0MjBjNTY4ZmUzMDlmNjMzYTU3MmUzMjhiOTk4ZWVjMDBkZmU2YjkzYmI3In0%3D
presaver.com/	1970-01-19 22:40:01	Name: presaver_session Value: eyJpdiI6IlJleDV3TDFFdDk5SnVzVHNwY25WZXc9PSIsInZhbHVlIjoibnFyOWNyOURUY1B1TXpPNUpkNjN1ajM5bTVScVB6Ui9PSGdBV0wwM01UR0ovbmFkMklYa2lPUkNaeld5TlVqMk9FV0pYUDgrYjBrM1dBRWQxeFBJdDZRRjA4U1RoZ1dEc2h3SFdXWjlrKytJdXJTTzB3UHAva3hvR3BVTk15d0ciLCJtYWMiOiI1MTk5Mzc0OTA0MmIwODY5NzA2MGFjYzZmODc0YjE5MDM2ODIxOTAyMTJmZTM0ZWE0MmY1ODY0ZWUyOTYwYjVkIn0%3D
.presaver.com/	1970-01-23 14:18:47	Name: tz Value: 0
.yadro.ru/	1970-01-20 07:24:46	Name: FTID Value: 1XZu3k3CJ6eC1XZu3k0020AZ
.presaver.com/	1970-01-20 16:11:06	Name: _ga Value: GA1.2.1466784802.1636794595
.presaver.com/	1970-01-19 22:41:20	Name: _gid Value: GA1.2.122977771.1636794595
.presaver.com/	1970-01-19 22:39:54	Name: _gat_gtag_UA_139618482_1 Value: 1
.presaver.com/	1970-01-20 07:25:30	Name: _ym_uid Value: 1636794595803193261
.presaver.com/	1970-01-20 07:25:30	Name: _ym_d Value: 1636794595
.yadro.ru/	1970-01-20 07:24:46	Name: VID Value: 3VJEsW1MRweC1XZu3l0020C1
.mc.yandex.com/	1970-01-19 22:39:55	Name: sync_cookie_csrf Value: 889163692fake
.presaver.com/	1970-01-19 22:41:06	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-19 22:39:55	Name: sync_cookie_csrf Value: 1329138812fake
.yandex.com/	1970-01-20 07:25:30	Name: yandexuid Value: 3614444461636794595
.yandex.com/	1970-01-20 07:25:30	Name: yuidss Value: 3614444461636794595
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 838034731636794595
.yandex.com/	1970-01-23 14:15:54	Name: i Value: QjR1QDKCxeS6XfehsTOy/m73prE+9b6Vsg5T+8OHksuCmkL1DemZOcF7jE5I5Ylml3SdSUKeVUHaGMriNooT6SP5mBQ=
.yandex.com/	1970-01-20 07:25:30	Name: ymex Value: 1668330595.yrts.1636794595#1668330595.yrtsi.1636794595
.presaver.com/	1970-01-19 22:39:56	Name: _ym_visorc Value: w
playreplay.me/	1970-01-20 07:25:30	Name: mvuid Value: de3d2055a0e0e17edc4c
playreplay.me/	1969-12-31 23:59:59	Name: mvsid Value: 40926da0-063e-48ee-a41a-fe279507fa4b
moevideo.biz/	1970-01-20 07:25:30	Name: mvuid Value: de3d2055a0e0e17edc4c
moevideo.biz/	1969-12-31 23:59:59	Name: mvsid Value: 40926da0-063e-48ee-a41a-fe279507fa4b
thesame.tv/	1970-01-20 07:25:30	Name: mvuid Value: de3d2055a0e0e17edc4c
thesame.tv/	1969-12-31 23:59:59	Name: mvsid Value: 40926da0-063e-48ee-a41a-fe279507fa4b
playreplay.net/	1970-01-20 07:25:30	Name: mvuid Value: de3d2055a0e0e17edc4c
playreplay.net/	1969-12-31 23:59:59	Name: mvsid Value: 40926da0-063e-48ee-a41a-fe279507fa4b
cs-0.moevideo.biz/	1970-01-20 07:25:30	Name: mvuid Value: de3d2055a0e0e17edc4c
cs-0.moevideo.biz/	1969-12-31 23:59:59	Name: mvsid Value: 40926da0-063e-48ee-a41a-fe279507fa4b
.upravel.com/	1970-01-19 22:39:54	Name: session_tptc Value: 1636794598366
.adsniper.ru/	1970-01-27 05:51:54	Name: uuid3 Value: IiQ3OTk4YTU0Ni00NDYxLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.whiteboxdigital.ru/	1970-01-20 16:10:33	Name: MiId Value: 0356a8ea-52f6-4e02-8656-4745c2ed52ad
.upravel.com/	1970-01-23 14:15:54	Name: user_id Value: 90c0c700-9453-4cf1-a9d9-b1a8f967dfc1
.adhigh.net/	1970-01-20 07:25:30	Name: gi_u Value: 7eahTojVXOd.AikABlF9GI-EIw
.mts.ru/	1970-01-20 07:12:32	Name: dspid Value: ff32e059-b7f0-45ca-a122-e592ec7988d2
.rutarget.ru/	1970-01-20 02:59:06	Name: userId Value: AEX7O3khqazn
.weborama.com/	1970-01-20 08:11:35	Name: wui Value: 9EE7BFCB-632E-42A7-86E5-177339AEEE65
.adriver.ru/	1970-01-20 16:11:06	Name: cid Value: A7tM3Dc6zHmsKl6TMdrcdSQ
.bumlam.com/	1970-01-27 05:51:54	Name: suuid3 Value: IiQ3OTk4YTU0Ni00NDYxLTExZWMtODZlMC0wMDI1OTBjMDY0N2M*
.betweendigital.com/	1970-01-20 07:25:30	Name: dc Value: was1
.betweendigital.com/	1970-01-20 07:25:30	Name: tuuid Value: 31e0105b-f125-533d-8a84-1705eb0b97e3
.betweendigital.com/	1970-01-20 07:25:30	Name: ss Value: 1
.weborama.fr/	1970-01-20 08:11:35	Name: AFFICHE_W Value: t1Z4WyWokoO319
.weborama.com/	1970-01-19 22:49:59	Name: wam-sync Value: ok
.advarkads.com/	1970-01-20 16:11:06	Name: ipb Value: 2925533-DE-HE-16839
.betweendigital.com/	1970-01-20 07:25:30	Name: ut Value: YY-A5gALnKjvBLaBFIcDzYxRN3KdXyQZ2mOfIw==
.mts.ru/	1970-01-23 13:03:54	Name: mts_id Value: d3788846-1403-401a-8bea-064e9754fcd5
.mts.ru/	1970-01-23 13:03:54	Name: mts_id_last_sync Value: 1636794598
.aidata.io/	1970-01-20 16:11:06	Name: __upin Value: oN6VT71Muw3ss5WkeEeFGg
.aidata.io/	1970-01-20 16:11:06	Name: __upints Value: 1636794599
.vk.com/	1970-01-20 07:15:19	Name: remixlang Value: 6
x01.aidata.io/	1970-01-19 22:39:54	Name: mts Value: 1
.doubleclick.net/	1970-01-20 08:01:30	Name: IDE Value: AHWqTUnMx11qlmhZRkMyk6Fl4i9sTNvO-T3hT9f1xoZ7zvbV4DXYuGbyQt5jJXdqgOI
.otm-r.com/	1970-01-20 07:25:30	Name: mpid Value: NjE4ZjgwZTcwZGQzOWIxNw==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9456.U-URHNGtRDXTZy9Gy9oipd4PHq4mLYdm5uvsDSeIx6_zRG-C5tXufQ1Yg98vAmQhj1O18eGcEUKPkUpWIJ7EHw%2C%2C.JM6fVYJitl_TK--V6cCfTVE9Tqc%2C Message: Failed to load resource: the server responded with a status of 400 ()
javascript	error	URL: https://s3.advarkads.com/modules/advarkmanager.html?origin=https%3A%2F%2Fmoevideo.biz Message: Access to XMLHttpRequest at 'https://api.advarkads.com/api/vmap?inte=5&id=8099-1-1&target_id=1&type_id=3&session_id=YY-A5mv5ykaXvHyuf8-PpA&width=600&height=338&mref=presaver.com%2Cmoevideo.biz&category_id=4&referer_url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com&page_url=https%3A%2F%2Fmoevideo.biz%2F&headless=0&netecon=4&samehash=1&ip_based_data=2925533-DE-HE-16839' from origin 'https://s3.advarkads.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.advarkads.com/api/vmap?inte=5&id=8099-1-1&target_id=1&type_id=3&session_id=YY-A5mv5ykaXvHyuf8-PpA&width=600&height=338&mref=presaver.com%2Cmoevideo.biz&category_id=4&referer_url=https%3A%2F%2Fmoevideo.biz%2Fnative%3Fid%3Dmv-content-roll-2596%26slot%3Dcontent%26api%3D2.0%26ref%3Dpresaver.com&page_url=https%3A%2F%2Fmoevideo.biz%2F&headless=0&netecon=4&samehash=1&ip_based_data=2925533-DE-HE-16839 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://pubads.g.doubleclick.net/gampad/ads?iu=/312118777/Red_Digital/RedDigital_video_USN&description_url=https%3A%2F%2Fpresaver.com%2F&url=https%3A%2F%2Fpresaver.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=vast&unviewed_position_start=1&env=vp&impl=s&correlator=9013467&sid1=2453607411 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://moevideo.biz/native?id=mv-content-roll-2596&slot=content&api=2.0&ref=presaver.com Message: Access to XMLHttpRequest at 'https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fpresaver.com%2F&uid=&vpaid=false&rolltype=outstream' from origin 'https://moevideo.biz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://adx.com.ru/myvideo-vast?confirm=true&referer=https%3A%2F%2Fpresaver.com%2F&uid=&vpaid=false&rolltype=outstream Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

90c0c700-9453-4cf1-a9d9-b1a8f967dfc1.sync.upravel.com
ad.adriver.ru
ad.mail.ru
ads.betweendigital.com
adx.com.ru
am-0.moevideo.biz
api.advarkads.com
cackle.me
cdn.jsdelivr.net
clientside-video-bidder.rutarget.ru
counter.yadro.ru
cs-0.moevideo.biz
dm-eu.hybrid.ai
dx.frontend.weborama.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gravatar.com
i1.wp.com
j.cackle.me
login.vk.com
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
moe.video
moevideo-sync.rutarget.ru
moevideo.biz
playreplay.me
playreplay.net
presaver.com
pub-eu.p.otm-r.com
pubads.g.doubleclick.net
public.advarkads.com
px.adhigh.net
rd.frontend.weborama.fr
rtb.com.ru
s3.advarkads.com
sm.rtb.mts.ru
ssp.bidvol.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.upravel.com
sync3.adsniper.ru
tech.rtb.mts.ru
thesame.tv
vk.com
www.google-analytics.com
www.googletagmanager.com
x01.aidata.io
adx.com.ru
api.advarkads.com
moevideo.biz
116.202.236.228
142.250.185.130
144.76.119.17
148.251.78.49
159.69.59.100
176.9.8.252
188.34.131.132
192.0.77.2
192.0.80.242
193.232.150.60
195.209.108.51
213.87.44.187
217.66.147.169
2606:4700:10::6816:457
2606:4700:3034::ac43:b14b
2606:4700::6810:5614
2a00:1148:db00::17
2a00:1450:4001:80e::2003
2a00:1450:4001:827::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82b::200a
2a02:6b8::1:119
31.172.81.159
31.172.81.160
35.190.16.14
35.201.80.102
37.18.103.16
65.108.1.48
80.64.106.148
80.64.106.150
81.163.17.245
83.222.114.186
87.240.129.135
87.240.139.194
88.212.201.204
88.212.233.108
89.108.119.28
92.223.103.115
92.223.103.52
92.223.103.59
92.223.103.7
92.38.138.49
92.38.138.51
92.38.138.52
94.130.71.126
95.213.129.125
96.46.186.57
021ffecd12a95bd32ac68c836378aacde160419ba034afac25effd8ff32af4b4
1b83275fb39694198b3b2a1c019d2278e312b71dc29cf3d66f8b6e071a0a27d0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2950bc3fd628cb8a8c6b1367f664e31353a6ff9edd99c3f2831ce548610a05b0
299875a7185e097ca07e3e512d4902e89c627adc9fa1f09aa56933217ed60d80
2b2a0ec5190589d2d1e44aadfcda6283283f4f95d9828cf8259f63bc7e093677
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3528345ac5338cb218edf5d9484d631c7fb7eb2c2d442ef03e3c950defe355b5
363dd1a51491ff56b5dc6e77a65edbec2048c8862c4076d786f49b900883db51
3a248e3dc8f3d63cc8242b7ca0c04bca44058e0732bb9343f4e138ce24e79b56
3f98cc8bef2a3a87ffe948e7fd805858eefede4f98d1a37c3dceb83cc2bb4ac2
3fadbc684d39c89871c5e955e22d4a7322e661cbc03e875441f6ea1ec3884733
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
496d7ce31af38b0a6aa9178c0714598621613fa62420dbad92a8f3649bb1c2c2
4ff9af7c7f4c81c67cf206fb527c352456e46e1a23ede23e89ac532c66afe1f4
52732007dd790f73859fc299aef99cd5aaff8c209e045f02ce3b0285a0567095
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5568d248345d825506f88f50e3fb1cd7c05b8b1d2c8a43de15ea3b9314fa0341
55a8269a9ad8cd1bb408b968b3b2264430dd2cb68ddac8d5ee4e68ba802bb660
5979465499d10f2886f567b9395f6d58ffd757ab3f2cf998e3667b6c2499a985
5d3f094734e47a48f932c0f482abe3e8a14791ae07583a8726e7df34a429b83e
5ddea45f7eb06a894584093adf3edfed13711ab62db3016f2461d7cbfebce0f1
6add357eb64adef558f956767816927de0b8be69dd7a8f50953a0f79ee20daee
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d37cd594b379941ea29a61d2589b587972ee2fc3e569e95e9f98c0a7595bfd1
7c2c61b7f8b8289579ca4a0dde7cfb784f98fcfe083d137d3a9e8d93cd5879df
7d09bb222b67e1a06a418fbfdca6eac1170f990e50ac0582398dc9b1901f793f
7fc0b8b8f89f4fc12be0dd43fcc8e4907bf83b2b906828d96becd23a5407bbde
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8981b7634262efb2ccddde3aaf691c544eb2e2a9f95fe7f7976d6574a14999e4
96ece815756726d4acfc51349a5b26cf5cd05d6ade637be117dbe998837a939d
9b33810d308f761a076f7d2ddd720839b719bee12e8082e42b3d2042b5041090
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a46175458f028de2d3304964d119d36dd9c3bdad03f68ca3cf1e75ad08de2887
a4fe42ff9a5315f45a81b2ae59f9e9d35806b5f23ed19ac0c3ba9bbbac8384f3
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
aa085cea6f4043ea90f64d520e9cce89cc82b6a813ebd69b588f668065031cf4
ba4629ec64b36417510c5f4fc511ecd93b20e4e4f8ab8401056dd326095cd757
c552f6e085fb5cf5196d9ef32b915c9591a4459ab5b92178a1f49b8ccb96a375
c5e57602d71b6ae75248a554d8f5e7d43f2a750574d4b006c1659804e67e51b1
c61dbecbc22df05d357d54eafbe04163af59b163a69e1e71c49a3d1ab7e37bb9
c847cfbe83788fb7472e0ca76fcb041695ed7e704d5943c4e9e3b934fe611d09
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca1338d10dc789e3b29fcbfd1ee840acc8e6f7e17acf6197b0e0b2bcfb59a397
cab290f4c3e08a3d377b57d5a497f4089cda26bb2df4256f03032dc2d1d2821d
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cffcfb93817681351e19f7f0156118f4c8eb1b662f948d6e06a6882ce6ac3779
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d05a62e2a0f48aab57b64cbfce86982ee3c3d90bf436cc52a45ad600a1373f8d
db4857f9c629c7255011feed900ea424555f595daea63a20cb9d28f659024778
df31e1db2d0bdaf926af6d9c7b43ffdcfeb08450e505208f586d31ceb23ab956
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68b752672be141ab41f610b7f225bb9dcb20d2716dc3a8e3beed45d120a1363
ed75109404e5ed7750f964bfe12245ad0d67cd4fb6d2d4138ee094d322477c82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7cc45592eb8af039c62ec23fea875d265ce8b20bef061daaadef88bfaddaed
f3794e9a7f229210e1dbaf831a62918c9edfc09a90a6684dcc0468f461c20e0c
f812ed1bdb6641e3b45bec98cacc214e8a724daaf5d29718d08fc75abe21ae04
fb428ed432b2090daf7f204e0daaec8981821e9bd6ca186a052ea6e707160801
fc82a1a40b05b973cf6c2c43df1eb3df0b025a58a96d7ff6c7d2eb1420dac6e6

presaver.com Open in urlscan Pro 2606:4700:3034::ac43:b14b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

91 Requests

79 %HTTPS

19 %IPv6

38 Domains

49 Subdomains

37 IPs

4 Countries

1545 kBTransfer

2778 kBSize

54 Cookies

5 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

presaver.com Open in urlscan Pro
2606:4700:3034::ac43:b14b Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

79 %
HTTPS

19 %
IPv6

38
Domains

49
Subdomains

37
IPs

4
Countries

1545 kB
Transfer

2778 kB
Size

54
Cookies

91 HTTP transactions
2 data transactions