Submitted URL: https://licloud.in/PPgnYCa
Effective URL: https://a.afly.pro/PPgnYCa
Submission: On June 17 via api from US — Scanned from DE

Summary

This website contacted 75 IPs in 7 countries across 58 domains to perform 235 HTTP transactions. The main IP is 2606:4700:3033::ac43:9eb0, located in United States and belongs to CLOUDFLARENET, US. The main domain is a.afly.pro. The Cisco Umbrella rank of the primary domain is 452946.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time a.afly.pro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
17 216.58.212.162 15169 (GOOGLE)
1 205.185.216.42 20446 (STACKPATH...)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
6 2a00:1450:401... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 45.133.44.4 39572 (ADVANCEDH...)
1 217.182.228.53 16276 (OVH)
1 5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 192.241.157.60 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 108.156.255.76 16509 (AMAZON-02)
1 104.79.89.16 16625 (AKAMAI-AS)
4 209.205.197.154 55081 (24SHELLS)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
7 34.231.197.99 14618 (AMAZON-AES)
1 104.90.161.232 16625 (AKAMAI-AS)
1 2a02:26f0:fb:... 20940 (AKAMAI-ASN1)
5 45.133.44.3 39572 (ADVANCEDH...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 143.204.89.3 16509 (AMAZON-02)
1 54.203.27.146 16509 (AMAZON-02)
1 46.105.202.126 16276 (OVH)
1 141.95.4.204 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a02:26f0:ef:... 20940 (AKAMAI-ASN1)
16 18.156.195.47 16509 (AMAZON-02)
1 18.66.122.63 16509 (AMAZON-02)
2 37.252.161.190 29990 (ASN-APPNEX)
11 185.33.221.91 29990 (ASN-APPNEX)
2 213.19.147.42 26120 (RHYTHMONE)
5 216.52.2.48 29791 (VOXEL-DOT...)
1 169.63.109.126 36351 (SOFTLAYER)
5 51.38.120.206 16276 (OVH)
1 7 147.75.85.234 54825 (PACKET)
2 34.149.20.76 15169 (GOOGLE)
1 11 172.67.10.198 13335 (CLOUDFLAR...)
1 34.107.148.139 15169 (GOOGLE)
1 13.32.99.89 16509 (AMAZON-02)
1 162.19.138.119 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.205.46.89 14618 (AMAZON-AES)
3 141.95.98.69 16276 (OVH)
4 23.227.137.155 55081 (24SHELLS)
1 34.201.234.123 14618 (AMAZON-AES)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 37.157.4.29 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.67.209.155 16509 (AMAZON-02)
4 185.184.8.90 204995 (RTB-HOUSE...)
5 178.250.2.131 44788 (ASN-CRITE...)
3 7 46.249.52.248 50673 (SERVERIUS-AS)
2 2602:803:c004... 26667 (RUBICONPR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2 34.254.107.25 16509 (AMAZON-02)
3 23.20.184.128 14618 (AMAZON-AES)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 52.223.40.198 16509 (AMAZON-02)
1 1 193.122.128.135 31898 (ORACLE-BM...)
1 184.87.212.214 16625 (AKAMAI-AS)
1 18.156.0.31 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
4 178.250.0.157 44788 (ASN-CRITE...)
1 3.210.87.30 14618 (AMAZON-AES)
1 52.213.127.205 16509 (AMAZON-02)
1 151.101.129.108 54113 (FASTLY)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 184.87.212.24 ()
235 75
Apex Domain
Subdomains
Transfer
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
287 KB
17 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1032
ups.analytics.yahoo.com — Cisco Umbrella Rank: 308
964 B
14 adnxs.com
prebid.adnxs.com — Cisco Umbrella Rank: 1823
ib.adnxs.com — Cisco Umbrella Rank: 247
acdn.adnxs.com — Cisco Umbrella Rank: 603
124 KB
13 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 739
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2507
4 KB
12 modoro360.com
tg1.modoro360.com — Cisco Umbrella Rank: 106454
servt.modoro360.com — Cisco Umbrella Rank: 97734
serv.modoro360.com — Cisco Umbrella Rank: 128406
servs.modoro360.com — Cisco Umbrella Rank: 179568
12 KB
11 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5841
csync.smilewanted.com
2 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
604 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 9
adservice.google.com — Cisco Umbrella Rank: 92
25 KB
7 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6931
5 KB
7 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 5839
ghb.adtelligent.com — Cisco Umbrella Rank: 6412
ghb1.adtelligent.com — Cisco Umbrella Rank: 8221
100 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1259
1 KB
7 afly.pro
a.afly.pro — Cisco Umbrella Rank: 452946
149 KB
6 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1693
252 KB
6 adipolo.com
player.aplhb.adipolo.com — Cisco Umbrella Rank: 127329
ghb.aplhb.adipolo.com — Cisco Umbrella Rank: 132261
signup.adipolo.com — Cisco Umbrella Rank: 187521
36 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
5 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 318
109 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 813
2 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1498
sync.1rx.io — Cisco Umbrella Rank: 557
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6622
702 B
4 adform.net
adx.adform.net — Cisco Umbrella Rank: 4033
809 B
4 googlesyndication.com
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
7 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 7295
1 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1574
id5-sync.com — Cisco Umbrella Rank: 581
13 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
44 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2430
mp.4dex.io — Cisco Umbrella Rank: 3434
24 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 9409
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1245
at.teads.tv — Cisco Umbrella Rank: 4424
s8t.teads.tv — Cisco Umbrella Rank: 3069
5 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
529 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 651
771 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 521
2 KB
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1375
hbx.media.net
1 KB
2 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1899
517 B
2 gcprivacy.com
p.gcprivacy.com — Cisco Umbrella Rank: 24643
p2.gcprivacy.com — Cisco Umbrella Rank: 13494
1 KB
2 fervorstech.com
p.fervorstech.com — Cisco Umbrella Rank: 80639
25 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
109 KB
2 adtcdn.com
player.adtcdn.com — Cisco Umbrella Rank: 22581
112 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 246
cloudflare.com — Cisco Umbrella Rank: 156
7 KB
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1631
332 B
1 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 5364
582 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 994
433 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com Failed
6 KB
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1232
406 B
1 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 642
533 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1931
324 B
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1509
592 B
1 in-appadvertising.com
in-appadvertising.com — Cisco Umbrella Rank: 14682
547 B
1 ovh.net
storage.de.cloud.ovh.net — Cisco Umbrella Rank: 164054
15 KB
1 ad.gt
id.halo.ad.gt — Cisco Umbrella Rank: 4957
1 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1427
api.rlcdn.com Failed
36 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
28 KB
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 9257
61 KB
1 hbwrapper.com
cat.hbwrapper.com — Cisco Umbrella Rank: 14818
255 B
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 13091
144 KB
1 adapex.io
cdn.adapex.io — Cisco Umbrella Rank: 20238
126 KB
1 greeter.me
jscdn.greeter.me — Cisco Umbrella Rank: 121676
8 KB
1 licloud.in
licloud.in
877 B
0 criteo.net Failed
static.criteo.net Failed
235 58
Domain Requested by
17 securepubads.g.doubleclick.net a.afly.pro
securepubads.g.doubleclick.net
16 c2shb.pubgw.yahoo.com cdn.adapex.io
11 ib.adnxs.com cdn.adapex.io
player.adtcdn.com
player.adtelligent.com
player.aniview.com
acdn.adnxs.com
10 prebid.smilewanted.com cdn.adapex.io
player.adtcdn.com
7 pbjs.e-planning.net 3 redirects a.afly.pro
player.adtcdn.com
7 prebid.a-mo.net 1 redirects cdn.adapex.io
player.adtcdn.com
player.adtelligent.com
player.aniview.com
7 servt.modoro360.com a.afly.pro
player.aniview.com
7 a.afly.pro a.afly.pro
6 player.aniview.com player.avplayer.com
player.aniview.com
6 www.gstatic.com www.google.com
www.gstatic.com
6 fonts.googleapis.com a.afly.pro
securepubads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 bidder.criteo.com player.adtcdn.com
player.adtelligent.com
player.aniview.com
5 onetag-sys.com cdn.adapex.io
player.adtcdn.com
5 ap.lijit.com cdn.adapex.io
player.adtcdn.com
player.aniview.com
5 www.google.com 1 redirects a.afly.pro
www.gstatic.com
www.google.com
4 mug.criteo.com a.afly.pro
4 gum.criteo.com 2 redirects
4 prebid-eu.creativecdn.com player.adtcdn.com
player.adtelligent.com
4 adx.adform.net player.adtcdn.com
4 adservice.google.com securepubads.g.doubleclick.net
4 adservice.google.de securepubads.g.doubleclick.net
4 fonts.gstatic.com fonts.googleapis.com
www.google.com
4 ghb.aplhb.adipolo.com player.aplhb.adipolo.com
4 c.amazon-adsystem.com cdn.adapex.io
c.amazon-adsystem.com
3 sync.1rx.io 3 redirects
3 servs.modoro360.com player.aniview.com
3 ghb.adtelligent.com p.fervorstech.com
player.adtcdn.com
3 id5-sync.com cdn.id5-sync.com
cdn.adapex.io
player.adtcdn.com
3 player.adtelligent.com player.adtcdn.com
p.fervorstech.com
player.adtelligent.com
2 tpc.googlesyndication.com a.afly.pro
2 match.adsrvr.org player.aniview.com
2 ad.360yield.com 2 redirects
2 fastlane.rubiconproject.com player.adtcdn.com
2 script.4dex.io player.adtcdn.com
script.4dex.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ssc.33across.com cdn.adapex.io
2 tag.1rx.io cdn.adapex.io
player.aniview.com
2 prebid.adnxs.com cdn.adapex.io
2 p.fervorstech.com player.adtcdn.com
p.fervorstech.com
2 www.googletagmanager.com a.afly.pro
www.googletagmanager.com
2 player.adtcdn.com a.afly.pro
1 hbx.media.net 1 redirects
1 csync.smilewanted.com 1 redirects
1 pagead2.googlesyndication.com
1 googleads.g.doubleclick.net a.afly.pro
1 ghb1.adtelligent.com player.adtcdn.com
1 acdn.adnxs.com player.aniview.com
1 id.crwdcntrl.net cdn.adapex.io
1 idx.liadm.com cdn.adapex.io
1 csync.loopme.me 1 redirects
1 ups.analytics.yahoo.com player.aniview.com
1 ads.pubmatic.com player.aniview.com
1 sync.technoratimedia.com 1 redirects
1 tlx.3lift.com player.adtcdn.com
1 mp.4dex.io player.adtcdn.com
1 region1.google-analytics.com www.googletagmanager.com
1 serv.modoro360.com player.aniview.com
1 p2.gcprivacy.com a.afly.pro
1 c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 geo.privacymanager.io ats.rlcdn.com
1 prebid.media.net cdn.adapex.io
1 in-appadvertising.com cdn.adapex.io
1 p.gcprivacy.com cdn.adapex.io
1 signup.adipolo.com a.afly.pro
1 storage.de.cloud.ovh.net a.afly.pro
1 cdn.id5-sync.com a.afly.pro
1 id.halo.ad.gt a.afly.pro
1 ats.rlcdn.com a.afly.pro
1 www.googletagservices.com jscdn.greeter.me
1 s8t.teads.tv a.afly.pro
1 at.teads.tv a.teads.tv
1 player.avplayer.com tg1.modoro360.com
1 a.teads.tv cdn.adapex.io
1 cloudflare.com cdn.adapex.io
1 cat.hbwrapper.com cdn.adapex.io
1 i.ibb.co a.afly.pro
1 player.aplhb.adipolo.com player.adtcdn.com
1 cdnjs.cloudflare.com a.afly.pro
1 cdn.adapex.io a.afly.pro
1 tg1.modoro360.com a.afly.pro
1 jscdn.greeter.me a.afly.pro
1 licloud.in 1 redirects
0 static.criteo.net Failed player.adtcdn.com
0 api.rlcdn.com Failed cdn.adapex.io
0 image6.pubmatic.com Failed ads.pubmatic.com
235 87

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
adssettings.google.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
greeter.me
E1
2022-05-20 -
2022-08-18
3 months crt.sh
wl1.aniview.com
R3
2022-05-23 -
2022-08-21
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
player.aplhb.adipolo.com
R3
2022-05-20 -
2022-08-18
3 months crt.sh
ibb.co
R3
2022-06-07 -
2022-09-05
3 months crt.sh
www.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
cat.hbwrapper.com
R3
2022-06-05 -
2022-09-03
3 months crt.sh
cloudflare.com
Cloudflare Inc ECC CA-3
2022-05-04 -
2023-05-04
a year crt.sh
c.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-18
a year crt.sh
teads.tv
R3
2022-06-01 -
2022-08-30
3 months crt.sh
ghb.aplhb.adipolo.com
ZeroSSL ECC Domain Secure Site CA
2022-06-10 -
2022-09-08
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
outstreamedia.com
R3
2022-05-08 -
2022-08-06
3 months crt.sh
*.adservrs.com
Amazon
2022-04-26 -
2023-05-25
a year crt.sh
p.fervorstech.com
R3
2022-06-14 -
2022-09-12
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
halo.ad.gt
Amazon
2022-04-04 -
2023-05-03
a year crt.sh
cdn.id5-sync.com
R3
2022-04-13 -
2022-07-12
3 months crt.sh
storage.de.cloud.ovh.net
Sectigo RSA Domain Validation Secure Server CA
2022-02-22 -
2023-02-22
a year crt.sh
signup.adipolo.com
Cloudflare Inc ECC CA-3
2021-08-07 -
2022-08-06
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-08 -
2022-08-31
6 months crt.sh
*.gcprivacy.com
Amazon
2022-01-02 -
2023-01-31
a year crt.sh
prebid.adnxs.com
GeoTrust TLS RSA CA G1
2022-02-28 -
2023-03-31
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2022-02-11 -
2023-03-14
a year crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2021-06-01 -
2022-07-02
a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2
2022-03-11 -
2023-04-12
a year crt.sh
*.in-appadvertising.com
Sectigo RSA Domain Validation Secure Server CA
2021-06-29 -
2022-07-30
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-10 -
2023-01-03
a year crt.sh
*.a-mo.net
R3
2022-05-05 -
2022-08-03
3 months crt.sh
ssc.33across.com
GTS CA 1D4
2022-05-20 -
2022-08-18
3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA
2022-04-06 -
2023-05-04
a year crt.sh
*.privacymanager.io
Amazon
2021-09-25 -
2022-10-24
a year crt.sh
player.adtelligent.com
R3
2022-05-20 -
2022-08-18
3 months crt.sh
*.eu-1-id5-sync.com
R3
2022-06-01 -
2022-08-30
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-06-06 -
2022-09-04
3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
*.3lift.com
Amazon
2022-05-13 -
2023-06-11
a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-17 -
2023-04-12
a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-06-15 -
2022-09-18
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2022-03-08 -
2023-04-04
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA
2022-02-04 -
2023-02-03
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-06-07 -
2022-11-30
6 months crt.sh
*.liadm.com
Amazon
2021-10-31 -
2022-11-28
a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2022-05-01 -
2023-06-02
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2022-03-11 -
2023-04-11
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA
2022-06-09 -
2022-09-07
3 months crt.sh
*.e-planning.net
R3
2022-05-17 -
2022-08-15
3 months crt.sh

This page contains 16 frames:

Primary Page: https://a.afly.pro/PPgnYCa
Frame ID: B5ED868D81BA66EB147C546153E9B0B6
Requests: 181 HTTP requests in this frame

Frame: https://p.fervorstech.com/prebidlink/19160/j.html?i=12916
Frame ID: 93611605D5CFC74DEBA70CC1E148BC9F
Requests: 17 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Frame ID: 1676FBD74EE39C5CF19AB8F83AEE29D9
Requests: 6 HTTP requests in this frame

Frame: https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 961DEAE0A5B750F500B7C42A00A39625
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Frame ID: B4412D3E9B16D0393886F1E7FFD21F96
Requests: 8 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1655484504298-942280382455-006803-000-006067&key=18010e05-e261-4acc-a605-d5140af7caa8
Frame ID: DA0DB8266C9673BF5D4B5439D4C1F9F0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8048896307
Frame ID: 96F6B192CE4CA0F2A5AC01F59B1C4879
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1655484504298-942280382455-006803-000-006067&key=GDPR
Frame ID: 09BAB8A0BD8DE72929978723BC504F4B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D
Frame ID: 9E91243FCF09EC2B88F54EE978D1E4F3
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%24UID
Frame ID: 71C216A084BB89552926F0571C78B2E7
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Frame ID: 3EFBBCBAEB395C1986577AB3AB1A9A46
Requests: 1 HTTP requests in this frame

Frame: https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1655484504298-942280382455-006803-000-006067&key=0cb14b58-0866-4ce5-92e7-fb78b95abbb5
Frame ID: 9B1CB39CAB89940FEAC9838E95962CD1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc
Frame ID: 8A16838919E862413C00FC929D8D327F
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 06E93589BA72FBC4CC01B0D961863BD2
Requests: 2 HTTP requests in this frame

Frame: https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 63C594C7C32A0B8327AE1C222E19D720
Requests: 1 HTTP requests in this frame

Frame: https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2E4347301DCED1ED1B46B50F95C46434
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://licloud.in/PPgnYCa HTTP 301
    https://a.afly.pro/PPgnYCa Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

235
Requests

91 %
HTTPS

38 %
IPv6

58
Domains

87
Subdomains

75
IPs

7
Countries

2519 kB
Transfer

7301 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://licloud.in/PPgnYCa HTTP 301
    https://a.afly.pro/PPgnYCa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 119
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&e_pubcid=bea6693e-70dd-4033-9219-c3baf26fc3ed HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&e_pubcid=bea6693e-70dd-4033-9219-c3baf26fc3ed
Request Chain 131
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
Request Chain 135
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
Request Chain 144
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%7BPUB_USER_ID%7D HTTP 302
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1655484504298-942280382455-006803-000-006067&key=18010e05-e261-4acc-a605-d5140af7caa8
Request Chain 145
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%5BRX_UUID%5D&cb=1655484504481 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8048896307
Request Chain 146
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1655484504298-942280382455-006803-000-006067&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D3%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%5BUSER_ID%5D HTTP 307
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1655484504298-942280382455-006803-000-006067&key=GDPR
Request Chain 150
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%7Bdevice_id%7D HTTP 307
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1655484504298-942280382455-006803-000-006067&key=0cb14b58-0866-4ce5-92e7-fb78b95abbb5
Request Chain 177
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ypHLpnwyaVJNdGxSQjJoS3Urd0NVcWZHalhTUkV1ZzkzVVF3eEtMOTJDYzFHN3QrcHpEMUJLekF6eGcwRzh2T0pqcFdZVkYwTS9DSGdMNlZwazBuTTNKZ0tvOTBYUG93MFU4bVhGMk1pQzQ0djAwV3B0NGVaOW9tMXpvNDIvYTNxcjU2WEFnaW5kZTVDNnQ5bVpOVjZyUWJ3MnIyby9IKyt2M2cyM0h6V09sbDFxS1FxZWpiai9CbGtObWFGc0xlWFZLam96R1VCTEVoVUZ6SFJocVZmLy9STEE0S0tidG1SL3FwWWtsRWd4ZExoYURBPXw&cppv=2
Request Chain 221
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 231
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=19gDjHxOTUtaRkpManlIKzhmS2o1ZEJ4bGp5enpjRTJPb2szSHppeEZ3VlpmZ1RCbVJoMzUyNDllTWdrTHRWV1F6b2t3ZUtOczYreVlQSG1hRURMTUZmeXFlRkpxVlYyUkNTR3RMUVJ4Y1d1NWFHQVBiemlyNjU5T2N4SUVlRUJ2aS9iUXJDbWpxNXdUd2hUSVdSR3hGZmttYW9ETHZDYXJXem5SZVVEM3FGQm15akF4c3R0b20wZ3hlZTQ3bzM3T1E4c2RsWWpUNlJua1hsaXQrT1NHOG5PWElEazVKdGpJQnZtYWFmUWNJSzErZHRjPXw&cppv=2
Request Chain 236
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&f=i&uid=34fe156e16de692bccce41c03dfae1b7
Request Chain 237
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
Request Chain 238
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7410115936
Request Chain 239
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=6cf1a0ea-2e51-4b1c-99cd-10ff862026fc&gdpr=&gdpr_consent=&us_privacy=

235 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PPgnYCa
a.afly.pro/
Redirect Chain
  • https://licloud.in/PPgnYCa
  • https://a.afly.pro/PPgnYCa
92 KB
26 KB
Document
General
Full URL
https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d72017a59e0ef725206093beae3ba17d7249acf2ea8fde7a4c24149c34277e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
71cd45be3fd69bf8-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:48:23 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IIssmISa1v7c%2FTitvd0vDP1IcKPhwNtMvP7b3FpO%2BhW562KyfJSAkM2BQIGtVUbfq4c0945UPhEDgJg3BogYx7XYnfM1E8AcL11Nc307MI6fU9QoQXmaqAuvdMWLJgZJazqj1ReUwKHo"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
71cd45b97b7e9031-FRA
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:48:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://a.afly.pro/PPgnYCa
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PcJkBdu2%2FwnaTOTbInYeo%2FB%2F2PRUoVCvJraA%2BNGs8f5XlXuZ%2FYN1TNcwSvcsglxMhnzBjY3PukIqcY%2FyNPO9kh%2FatyhATjnNqZbMwo6CuD%2BQaYuMQNgxPYdzFe53Xw5hbVB9leqY4GuY"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN, SAMEORIGIN
x-robots-tag
noindex, nofollow
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
f70e19eb47044dc28778ea6e3215b5d69b94887e54dd2019752692baef13489a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27908
x-xss-protection
0
server
sffe
etag
"1247 / 34 of 1000 / last-modified: 1655464010"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Jun 2022 16:48:23 GMT
dynamicrashed.js
jscdn.greeter.me/
8 KB
8 KB
Script
General
Full URL
https://jscdn.greeter.me/dynamicrashed.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
205.185.216.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
218787638817e37992f8c5df113784c7f30a0deaa9abb296a029112d81a8cdce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
Connection
Keep-Alive
Last-Modified
Mon, 30 Aug 2021 09:10:48 GMT
x-amz-request-id
tx0000000000000025667ba-0062acabe1-5242291f-fra1b
etag
"7b977ac9322042ee4a980a8d8ef73068"
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1655484503.dop204.am5.t,1655484503.cds001.am5.shn,1655484503.dop204.am5.t,1655484503.cds307.am5.c
Content-Type
text/javascript
Cache-Control
max-age=2458
x-rgw-object-type
Normal
strict-transport-security
max-age=15552000; includeSubDomains; preload
Accept-Ranges
bytes
Content-Length
7895
spt
tg1.modoro360.com/api/adserver/
22 KB
6 KB
Script
General
Full URL
https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=6140a5a747e57404ec5977fe&AV_PUBLISHERID=615083ec2eec7c62d8776ba2
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e1a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
cb4ede43bd7ccfea495fa09e302b5400b02653f1bc37286b6fa2cb39cb9b524f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
5935
Expires
Fri, 17 Jun 2022 16:53:23 GMT
aaw.afl.js
cdn.adapex.io/hb/
463 KB
126 KB
Script
General
Full URL
https://cdn.adapex.io/hb/aaw.afl.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1372a619189a59fd566368e36784e9e7805023bb5f7e98f730c42b4c2c82b11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31807
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 07 Jun 2022 03:22:54 GMT
server
cloudflare
etag
W/"629ec48e-73aa5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvNhERThhvcstr4DkMEfj3yaqEpghVQwr62Vbt0akfOFSMudX0kkMTgeFkDwTkqYIQELzm8BqSwGafbv7d43Js2o35O7RVf27M0CDQTKRubvoXDLeyjBpQR4xGSe18mIjDjjLcU2q67ONr0c"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
71cd45c28a9a918c-FRA
expires
Sat, 18 Jun 2022 03:25:05 GMT
styles.min.css
a.afly.pro/cloud_theme/build/css/
164 KB
28 KB
Stylesheet
General
Full URL
https://a.afly.pro/cloud_theme/build/css/styles.min.css
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65f8a23069807473f5609822a2ef6509afb6384a87695fa4b87e54a86e8c603a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2000070
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Sep 2019 22:14:56 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9e2CXBra8DNIJozbtLyu97WD3KWJ3waFFf94aAeu5nWr0W7HPEGDmCZkyxjgpxpB5M5KBv08l%2BFC0R98XBUkB41F8vfeRojSdZayQ%2FHPSMqAPqlg667qwqGEXMQay1RL59MgM%2BLKS%2Fm"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
71cd45c22eab9bf8-FRA
expires
Fri, 24 Jun 2022 13:13:53 GMT
css
fonts.googleapis.com/
11 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2d878b667d54c03cad23bf230559cab36e53baa5ddff26ddbadd4f275ccb53e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 15:16:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:23 GMT
icon
fonts.googleapis.com/
569 B
868 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 16:48:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:23 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3776058
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BF4M7b1924Jjz%2FDbAA%2F%2B7ckNmP%2FdIfGEhqx0OnHKjWySEVG45WNQYFxDlyeCwY5uPQnsfL9L2X2oJyf5tcUATwyE%2BpUBYoZCCbVM9L1eVMzqLuGjUt8aafOTLDkDYxDxO%2FnMASMVGp93Z%2BSQE8nDiYso"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71cd45c24fd26987-FRA
expires
Wed, 07 Jun 2023 16:48:23 GMT
css
fonts.googleapis.com/
3 KB
622 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e4e735eaeeb3dcf7bfe26c0a6990d0e162bdcd06cacab1ba8ee0c234ddae328f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 16:00:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:23 GMT
css
fonts.googleapis.com/
6 KB
681 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lora:400,700,400italic,700italic&subset=latin
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7953eaab5e8d1a017a1b9618bbef7b2a62cb3c953182445c7a40251471dff926
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 16:48:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:23 GMT
css
fonts.googleapis.com/
28 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
88156593eff159f60d89ae065edc04e3ceb759b26d930cfe9ba3c7e589ee438c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 16:08:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:23 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:23 GMT
hb_323303_10647.js
player.adtcdn.com/prebidlink/459856/
381 KB
111 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
467b90f80e743bfd4c6d0a69cf9e59f7e6f88e62774c0a8c8814cd9cf99d8025

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 06 Jun 2022 08:52:21 GMT
server
cloudflare
etag
W/"629dc045-5f44f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b1saRQuPKmuHZyky4Bh1CNVeoZAEIVxzzwBqxoW7W925TmipjN8v8Z5Ls4dqu7y8ZRifgWtRzvdubOIKAGP9yu12NOcCQCyMU3kdl14r5sCPbajCfr5JWVECpxlIwG3bLefdJnu%2Bp80gWOHd0Aot%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
71cd45c26dd3928f-FRA
expires
Fri, 17 Jun 2022 17:01:36 GMT
wrapper_hb_323303_10647.js
player.adtcdn.com/prebidlink/459856/
789 B
1 KB
Script
General
Full URL
https://player.adtcdn.com/prebidlink/459856/wrapper_hb_323303_10647.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19521f51ffa72850ea9b0fd87487088a05efa2b563ac0def21bf7a8cb0fa5512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Jun 2022 14:46:39 GMT
server
cloudflare
etag
W/"62ac93cf-315"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eEzC4z1gJ5NmL4bBJShf0Hu9IRj5E3l%2F49dXf0vhlywsYlAV5a3iJAcPR5vdPElLWh%2Ffqn2x2rXSvM3cxyz%2Bc4qGlwOEIKnKXUUf7lz%2FDJehhLdFktCoxpegFyYMl01W5VJ8KzK%2B1MGTvpUsMB3bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=345600
cf-ray
71cd45c26dd8928f-FRA
expires
Fri, 17 Jun 2022 17:01:36 GMT
hbw_master_323303_10647.js
player.aplhb.adipolo.com/prebidlink/459856/
229 KB
35 KB
Script
General
Full URL
https://player.aplhb.adipolo.com/prebidlink/459856/hbw_master_323303_10647.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/wrapper_hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
19f837b3071299c27f3122f9b77c79dbf95b3ccd3ec3c140be9d70375dec56a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
last-modified
Fri, 17 Jun 2022 14:46:39 GMT
server
nginx
etag
W/"62ac93cf-394ee"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
expires
Fri, 17 Jun 2022 17:48:23 GMT
CLICK-HERE-TO-GET-LINK-1.png
i.ibb.co/FgMpHcJ/
143 KB
144 KB
Image
General
Full URL
https://i.ibb.co/FgMpHcJ/CLICK-HERE-TO-GET-LINK-1.png
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
217.182.228.53 , France, ASN16276 (OVH, FR),
Reverse DNS
ip53.ip-217-182-228.eu
Software
nginx /
Resource Hash
537fa000b241ddfa017657c8abdf139de4327463bce527e5f2c5099f08fbe10a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
last-modified
Sun, 28 Feb 2021 18:11:57 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
146752
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.min.js
a.afly.pro/cloud_theme/build/js/
202 KB
61 KB
Script
General
Full URL
https://a.afly.pro/cloud_theme/build/js/script.min.js?ver=6.4.0
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1999645
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 25 Sep 2019 19:29:30 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3ftPSF2cp6pxT00pnxWmMcxTdRZX4XRsr9etVcDwdu5ontcH92zYySgzLfTZ7kgHY9k2FUZTO26q24SLbxzAFyVUopRpUO%2FyT%2B%2FTSdH3Xs578jA%2FAyQm%2BgtcBmcrn%2F0rkTis5Es4RAJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
71cd45c2f99b68f8-FRA
expires
Fri, 24 Jun 2022 13:20:58 GMT
so.css
a.afly.pro/assets/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://a.afly.pro/assets/css/so.css
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e1ea8f5bb08ee03296e6008f3c93e2031dfcfd9183e2338e755c2acb8dddac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1999645
cf-polished
origSize=1863
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 08 Apr 2021 09:59:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2ZXQE1qSQgFDXwXIGtMUE5jsz6qRzRbB9GbPMcK4SFNB7jjfBaFZG6y7tEeYr3JBJe8MNpbuwp9uCIwQEjaluK63vn9JQX6NeESxAd6Pfw1vKRsLpa3w9k3Kx5KW8tmNDd4kPf6xvLY"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
71cd45c2f99f68f8-FRA
expires
Fri, 24 Jun 2022 13:20:58 GMT
jqueryy.min.js
a.afly.pro/assets/js/
86 KB
32 KB
Script
General
Full URL
https://a.afly.pro/assets/js/jqueryy.min.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1999644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 08 Apr 2021 08:16:22 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cb7o7PWrP26VI74uREGyZoeiqCwol5PJx4bwy67glwdXQs9Eox%2BP6vda0AFRYCN4ElN%2FuEtmOUn44UAMHQQDUCdg6IWw3Ggt5AONVQ9kZA37wtnen9J8RlxdkNqzug9lWU%2BDQyU3AErL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
71cd45c2f9a068f8-FRA
expires
Fri, 24 Jun 2022 13:20:59 GMT
script.js
a.afly.pro/assets/js/
412 B
860 B
Script
General
Full URL
https://a.afly.pro/assets/js/script.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02774706ad5ed7a4923248eeb6c71c23079e6ed71a3526453a88f1780806276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
47304
cf-polished
origSize=494
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 10 Apr 2021 08:21:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1EQW5y7Km1pInlsbr1zmOMDiqOlMLm12QUevuG7DfU6CZW8y%2F4kU8cBiJfN0EPHgM4eN9uXB3VSsEprpqmMUyaQunBdGcJJb%2FBda67SqvZtWORrg2AwZWYQ%2BfI76KDX52RJmP3g6KYR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
71cd45c2f9a268f8-FRA
expires
Sun, 17 Jul 2022 03:39:59 GMT
ads.js
a.afly.pro/js/
190 B
708 B
Script
General
Full URL
https://a.afly.pro/js/ads.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:9eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/PPgnYCa
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1999643
cf-polished
origSize=191
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 03 Sep 2019 04:54:48 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6gGkV1z%2F7%2FKYo2W7y4e6Qi%2BDRNcoFQyi3tiQXogMX9XXOia8CxmWP%2BkM537pa7hXNa12VR0uBCaQ%2FeUKkma36rfMRAGXXRaaoYOrnKRRtQvLp6nLXi3PqUMlIjJEo7oDB5TX7Ae2Ib9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
71cd45c2f9a568f8-FRA
expires
Fri, 24 Jun 2022 13:21:00 GMT
api.js
www.google.com/recaptcha/
850 B
965 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
552
x-xss-protection
1; mode=block
expires
Fri, 17 Jun 2022 16:48:23 GMT
js
www.googletagmanager.com/gtag/
103 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-144229328-1
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a69773467fe39544d085dce7f6b88660b00ffc8e28508bfb474354e7e76a30b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40832
x-xss-protection
0
expires
Fri, 17 Jun 2022 16:48:23 GMT
/
cat.hbwrapper.com/
15 B
255 B
XHR
General
Full URL
https://cat.hbwrapper.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.241.157.60 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
capture.analytics.hbwrapper
Software
Apache /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://a.afly.pro
Date
Fri, 17 Jun 2022 16:48:23 GMT
Access-Control-Allow-Credentials
true
Server
Apache
Connection
close
Content-Length
15
Content-Type
text/html; charset=UTF-8
trace
cloudflare.com/cdn-cgi/
285 B
432 B
XHR
General
Full URL
https://cloudflare.com/cdn-cgi/trace
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1202244237cd65d8fcfa7f983d947f435d45b57f2f6dd671f5f6fdc723730b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
71cd45c33da692b9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/
140 KB
38 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 17 Jun 2022 15:54:55 GMT
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront), 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 19:19:59 GMT
server
AmazonS3
age
3209
etag
W/"915836bd4f06d8d29dfc0840694722ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, DUS51-P2
content-encoding
gzip
x-amz-cf-id
zcoRysn4RR2Ntj5cmblPqW4MEW3y3XajyJ14HReBi9LF4GftlTpf2A==
tag.js
a.teads.tv/analytics/
19 KB
5 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.79.89.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-89-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
irOlEHoFUsDZEf3_amcRiMP6y8y2THaL
content-encoding
br
last-modified
Tue, 14 Jun 2022 12:22:21 GMT
x-amz-request-id
DJDEQXHCAC4V8CBC
etag
"f92f25ba5af332861dc8cea3da5eb278"
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
date
Fri, 17 Jun 2022 16:48:23 GMT
accept-ranges
bytes
content-length
4779
x-amz-id-2
y4cyqkhD41KmvIHT1Arc1DXbpuiduQewLzISlATD+8x28Y7jRXvTUHFN67GEwdaqr8i0LeyAqP4=
/
ghb.aplhb.adipolo.com/geo/
149 B
415 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/geo/
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459856/hbw_master_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5600661e23633f79567ba0dd40405c7df49526b31b8f88e7a5c7b5a8f7de9cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.aplhb.adipolo.com/adunit/
43 B
429 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=10647&full_page_url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&adid=ioqa69.c8&features=16416&vpbv=N063&lifecycle_tte=1622
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459856/hbw_master_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,400,500,600,700,800,900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a.afly.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:08:21 GMT
x-content-type-options
nosniff
age
258002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:08:21 GMT
pubads_impl_2022060901.js
securepubads.g.doubleclick.net/gpt/
368 KB
125 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:40:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127664
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 08:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Jun 2023 14:40:24 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
277 B
164 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
05f5b72e1e9f8430f1715c4d47020c01d37856c2d798dac75bb15d9895f524c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
expires
Fri, 17 Jun 2022 16:48:23 GMT
avcplayer.js
player.avplayer.com/script/2/v/
251 KB
61 KB
Script
General
Full URL
https://player.avplayer.com/script/2/v/avcplayer.js
Requested by
Host: tg1.modoro360.com
URL: https://tg1.modoro360.com/api/adserver/spt?AV_TAGID=6140a5a747e57404ec5977fe&AV_PUBLISHERID=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ef::5f65:4d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv3MtB8ywSkxoFTIcVTwmMCJVLnsqLiokzJPDc1lTU-XBbxh1xIFRlJmFv_ujNnAJO9Rwzbgi9de8Pj1jr87iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
61326
last-modified
Thu, 03 Mar 2022 17:18:44 GMT
server
UploadServer
etag
"9dff0335699f04080269947f40c366ae"
vary
Accept-Encoding
x-goog-hash
crc32c=DITkQg==, md5=nf8DNWmfBAgCaZR/QMNmrg==
content-language
en
x-goog-generation
1646327924579580
cache-control
public, max-age=300
x-goog-stored-content-length
61326
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:23 GMT
track
servt.modoro360.com/
0
71 B
Image
General
Full URL
https://servt.modoro360.com/track?pid=615083ec2eec7c62d8776ba2&cid=626e835dcbc46b5e674a35a9&cb=1655484503592&r=a.afly.pro&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&e=playerLoaded
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a.afly.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:26:49 GMT
x-content-type-options
nosniff
age
163294
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47312
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 15:53:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:26:49 GMT
fpc
at.teads.tv/
0
333 B
XHR
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_17018&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&sv=5b1da8a&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.90.161.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-90-161-232.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:23 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 17 Jun 2022 16:48:23 GMT
interface
s8t.teads.tv/logs/publishers/
0
0
Image
General
Full URL
https://s8t.teads.tv/logs/publishers/interface?sharedIdsCount%7CPUB_17018%7C0%7C%5B%5D
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:1b2::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

j.html
p.fervorstech.com/prebidlink/19160/ Frame 9361
1 KB
888 B
Document
General
Full URL
https://p.fervorstech.com/prebidlink/19160/j.html?i=12916
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Jun 2022 16:48:23 GMT
etag
W/"620bee41-43d"
expires
Sun, 19 Jun 2022 16:48:23 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
config
c.amazon-adsystem.com/cdn/prod/
2 KB
2 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fa.afly.pro&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
Server /
Resource Hash
a0a41b0ceacf4f6f406f1b3cd1df48443fbb87fdf45d64169f5cba2e1ee54039

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:40:32 GMT
via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
server
Server
age
14870
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
content-length
1697
x-amz-cf-id
hxwv4Wngs76fVnrNqY4ianlBRPfYVVb3Gjxt_ENWiwPU55W4TZFNrA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
33887
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 16 Jun 2022 07:15:00 GMT
server
AmazonS3
date
Fri, 17 Jun 2022 07:23:37 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 b1dc6a0d7547e8d4ab339f8c4caf9ea8.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
LKyd4YcRb05e8ncFfUqe4bhuS17Etx-fkAeEZMlE6aNdL4I4b-tpUw==
gpt.js
www.googletagservices.com/tag/js/
81 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/dynamicrashed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ff739da0c58814db5c76a31a8682501cf62947832dc71be75a2c3a2e4d0402e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27914
x-xss-protection
0
server
sffe
etag
"1247 / 966 of 1000 / last-modified: 1655464010"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 17 Jun 2022 16:48:23 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
Origin
https://a.afly.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8029
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 14:34:34 GMT
ats.js
ats.rlcdn.com/
109 KB
36 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-3.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding
br
etag
W/"148e21f812b555a13b2a9c6b616141f4"
age
52135
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Fri, 17 Jun 2022 02:19:29 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
FRA50-C1
content-type
application/x-javascript
x-amz-cf-id
IowKtpa765K-JETIw2Y_9sFoOCzRn4lWwS_6fzkkuOfxtNZUIngTkA==
405
id.halo.ad.gt/api/v1/partner/
0
0
Script
General
Full URL
https://id.halo.ad.gt/api/v1/partner/405?url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&ref=&_it=amazon
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.27.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-27-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

id5-api.js
cdn.id5-sync.com/api/1.0/
41 KB
12 KB
Script
General
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:45:45 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11494
x-request-id
851673636
truncated
/
385 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
favicon.ico
storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/
15 KB
15 KB
Image
General
Full URL
https://storage.de.cloud.ovh.net/v1/AUTH_4b1b323ce19643f985895cf772add44b/js/favicon.ico
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
141.95.4.204 , France, ASN16276 (OVH, FR),
Reverse DNS
ip204.ip-141-95-4.eu
Software
/
Resource Hash
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
X-Openstack-Request-Id
tx61855f0683834016a3760-0062acb057
Last-Modified
Sun, 31 Jan 2021 12:57:34 GMT
X-Trans-Id
tx61855f0683834016a3760-0062acb057
Etag
7bf4f6782dee3b520a65ff84286e3691
Content-Type
image/x-icon
X-Timestamp
1612097853.12655
Accept-Ranges
bytes
Content-Length
15086
/
signup.adipolo.com/
0
0
Image
General
Full URL
https://signup.adipolo.com/
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

truncated
/
480 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 1676
380 KB
108 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
abbc9188a88031ac44b861e0c23bdb342107b93d4a59afd12505360678d87896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtLnUT_orzrrIiSPATSyteGiJ7wPtkl6m2n64v52M71oyGG9EHwAKfyC3Pz0eOB_p2RNu4SmNPpLl4Idh3uRA7Cb7d-PpqD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
109620
last-modified
Thu, 16 Jun 2022 09:56:53 GMT
server
UploadServer
etag
"bb6b8fc88deeed3c824792c42387ec8f"
vary
Accept-Encoding
x-goog-hash
crc32c=f6aWXw==, md5=u2uPyI3u7TyCR5LEI4fsjw==
x-goog-generation
1655373413708625
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
109620
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:23 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
489 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pid=uVMfTV43RGS0F&cb=0&ws=1600x1200&v=8.0.1&t=2000&slots=%5B%7B%22sd%22%3A%2220de69d5-2f2a-4628-a813-fa29b06884a2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%229f35ea54-3f53-4757-9842-07a4d775937d%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%2236945de3-e36c-4c76-b0f7-360c8c77ad59%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%22394d350e-9ab0-4d6b-a805-04840047ee50%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%22f129a69d-b2f9-4595-9c3a-5d6d575749ff%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%220a5fa185-6ac7-4a7d-baa4-18a01a06f7d6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%22ce3fe10d-9f8a-4bc1-a116-5dbc91f56d31%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_300s_1%22%7D%2C%7B%22sd%22%3A%22e9bdce42-d54c-4a43-a487-f51553ebf6bf%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22181265%2Fafl_stickyfooter%22%7D%5D&schain=1.0%2C1!adapex.io%2Cs1083%2C1%2C%2C%2C&pubid=1ad7261b-91ea-4b6f-b9e9-b83522205b75&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-76.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
via
1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
EKVQZVMWWAMZRJH2AWWR
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
wK5L2p4jVIvnmVJU683wIhauPHY4CQ_0dOVpvzrLUCwVxJcG5tnMPA==
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
600
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:23 GMT
server
ATS/9.1.0.46
gcid_s.min.js
p.gcprivacy.com/t/
807 B
1 KB
Script
General
Full URL
https://p.gcprivacy.com/t/gcid_s.min.js
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-63.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1f87574360ed92506f4aa3dcb6c2aff905e96dce9313a989102a3002b162d20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
JVSnJsDZfG..J.iViixnuLe1DMZuYxPF
via
1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
etag
"aaf00c019bfb4a9f9dcb55fd650c5e32"
last-modified
Fri, 08 Apr 2022 19:34:23 GMT
server
AmazonS3
age
62582
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
date
Thu, 16 Jun 2022 23:25:22 GMT
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
807
x-amz-cf-id
oe3gRP2nOApetrDmaP8rp4bANo6BlDwcimhrMC-wme8wDNYmFXUD7g==
auction
prebid.adnxs.com/pbs/v1/openrtb2/
57 KB
27 KB
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/openrtb2/auction
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f9956b981c98afada1ab9247d8df9619aecdb00b0078f79c079b3685311a7ab1

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
X-Prebid
pbs-go/0.214.0
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
prebid
ib.adnxs.com/ut/v3/
154 KB
32 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e4aecfb2fb4a5ed820b368ba9d25c5f14968f012e036e6b5579d937b81ad2dc6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0f984786-c3ce-4a35-b217-950deebe560b
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
mvo
tag.1rx.io/rmp/239524/0/
0
166 B
XHR
General
Full URL
https://tag.1rx.io/rmp/239524/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
pragma
no-cache
date
Fri, 17 Jun 2022 16:48:23 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
bid
ap.lijit.com/rtb/
95 B
743 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e960f16dce807f9e729b178b83d29337b9a5e6bbbf9bd6a7866ba09c0b66dae3

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bidRequest
in-appadvertising.com/api/
56 B
547 B
XHR
General
Full URL
https://in-appadvertising.com/api/bidRequest?bidId=110f3bd98f1e80b1&pubId=30557&sectionId=10256&vers=6.27.0&url=https://a.afly.pro/PPgnYCa&sizes=728x90&tr_wd=0&tr_hd=0&tr_vs=visible
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
169.63.109.126 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
7e.6d.3fa9.ip4.static.sl-reverse.com
Software
nginx/1.16.1 /
Resource Hash
7c90b7a4f8c84004ed9a67e2c12818ff8027d621f87737bb9108176d5c293fcc

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Server
nginx/1.16.1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,OPTIONS,POST
Content-Type
application/javascript
Access-Control-Allow-Origin
https://a.afly.pro
Cache-control
no-cache
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Content-Type, Content-Length, X-Requested-With
Expires
0
prebid-request
onetag-sys.com/
15 B
357 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://a.afly.pro
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
c
prebid.a-mo.net/a/
0
274 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
136
vary
origin, Accept-Encoding
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
5baa961f5266071886fa449db783175a8d248d37c8dddec1709d567b95cd77ae

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
614a851e2956eaa1238d5c06556946906d910e237f76ad3ecdc657cab60ff367

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
84b5ab490c6f8b9a10d7ede6fcd91229e81ea2706c23f2912de33ef7a1ff4245

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
4e17cf51a84644146c4d99f513f3565fccbe6bd0a88f249f70e14a518bd24f87

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
bef3b3bb6328ad375436ec0748fde9b3276755ab6ab64a7252a1a34be65387de

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d57700c43d82aa3e0d84faf5a2548bc521d5b4ca19c75862f460c7b36b1bac7d

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
96 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c880d9a7bc5d8948ea7fe7c4192157b7aeda2c37851c46d2948970edfc7757ce

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/
66 B
292 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
feb93e74117b9c26371cd10c823414fbd03fae78f6bf3a8650fcbb2b3b7721d9

Request headers

Referer
https://a.afly.pro/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-length
66
hb
ssc.33across.com/api/v1/
87 B
179 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=dHLOiE8lGr64fWaKlKyvbs
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a6b14a7c0ba32d87a77013ffae9a086bbc0516a806496934fdcd6d00ab6e96cb

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
hb
ssc.33across.com/api/v1/
87 B
338 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=d1bb3E8lGr64fWaKlKyvbs
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
a6b14a7c0ba32d87a77013ffae9a086bbc0516a806496934fdcd6d00ab6e96cb

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
/
prebid.smilewanted.com/
0
433 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b7e91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b7f91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8191f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8391f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8791f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
76 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8a91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8c91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c51b8f91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid
prebid.media.net/rtb/
1 KB
878 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUQWX43D
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
978bb6a80446b3d854f21aee81ea83462c7c210967a16ec7ab621e34a9c073f0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
js
www.googletagmanager.com/gtag/
193 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-83F4504S3G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144229328-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2f20abf047ba134cac36907cd197069bc9bcab63bf285edeb47cfa13ad1e2145
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70767
x-xss-protection
0
expires
Fri, 17 Jun 2022 16:48:23 GMT
hbw_master_307825_12916.js
p.fervorstech.com/prebidlink/y19160/ Frame 9361
74 KB
25 KB
Script
General
Full URL
https://p.fervorstech.com/prebidlink/y19160/hbw_master_307825_12916.js
Requested by
Host: p.fervorstech.com
URL: https://p.fervorstech.com/prebidlink/19160/j.html?i=12916
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
83aed14aa2ba2a0be743b81973c1b29490c65a211d944636b369fa765e0b6328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/prebidlink/19160/j.html?i=12916
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
last-modified
Fri, 03 Jun 2022 07:41:53 GMT
server
nginx
etag
W/"6299bb41-12622"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Sun, 19 Jun 2022 16:48:23 GMT
/
geo.privacymanager.io/
30 B
592 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-89.fra60.r.cloudfront.net
Software
/
Resource Hash
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 02:03:54 GMT
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront), 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
age
53069
x-amzn-requestid
54804818-b56c-4026-a94f-de8bd766ab7b
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62abe10a-1d46f21e69a22e317ef5672f;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1, FRA60-P3
x-amz-apigw-id
T2AZsH7oDoEFrnA=
content-length
30
x-amz-cf-id
nW3EPEhCesLXX31WYc7ki7hr_wfx1veVia_FQ8JlRkVCLk84KveNUg==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
config.json
player.adtelligent.com/exchange_rates/313490/
11 KB
5 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fa.afly.pro%2FPPgnYCa
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6bde58cffd1d1fe98fb3dd1c9038498d0265df34bbfc642e8acba7f84c6e983e

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 12:01:11 GMT
server
nginx
etag
W/"62ab1b87-2aca"
content-type
application/json
access-control-allow-origin
https://a.afly.pro
expires
Sun, 19 Jun 2022 16:48:23 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
v1
lb.eu-1-id5-sync.com/lb/
33 B
324 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
7c308f9804358119c061f644f79d79a30db9dd052957401cb96bdb27ede5ebbd

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:23 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
959 B
555 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=2890526383852446&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21939239661%3A22305556653%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=2327846384&sfv=1-0-38&ecs=20220617&ists=1&fas=8&fsapi=false&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300&sc=1&cookie_enabled=1&abxe=1&dt=1655484503944&lmt=1655484503&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=false&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
04649d5e5371af4731fef52e6d13d09138f5b7c15a51f317502f4a6c045b36bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
525
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 961D
6 KB
4 KB
Document
General
Full URL
https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
Sat, 17 Jun 2023 16:48:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022060901.js
securepubads.g.doubleclick.net/gpt/
36 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022060901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
sffe /
Resource Hash
9d41bb881a53e0debdb0ab84039cd54317824d663ee9a90c241b13c109c19610
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 10:47:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108051
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13509
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 08:36:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Jun 2023 10:47:32 GMT
track
servt.modoro360.com/
0
70 B
Image
General
Full URL
https://servt.modoro360.com/track?r=a.afly.pro&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.31&apppkg=&fv=1&proto=https&pid=615083ec2eec7c62d8776ba2&cid=626e835dcbc46b5e674a35a9&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&e=inventory&vi=100&cb=1655484503967
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
s.gif
p2.gcprivacy.com/
43 B
202 B
Image
General
Full URL
https://p2.gcprivacy.com/s.gif?pid=Q6CV1VBC&uid=93555b1b-d59d-4923-aedd-c66f513fd23a&s=PPgnYCa&u=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&h=a.afly.pro&ref=
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.46.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-46-89.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-length
43
content-type
image/gif
hb_307825_12916.js
player.adtelligent.com/prebidlink/ex19161/ Frame 9361
296 KB
91 KB
Script
General
Full URL
https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Requested by
Host: p.fervorstech.com
URL: https://p.fervorstech.com/prebidlink/y19160/hbw_master_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d53fdc4c20e3a6d0cb1fc824d0d05625345003ecd86133a00cf5111d502680da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
last-modified
Tue, 26 Apr 2022 10:42:41 GMT
server
nginx
etag
W/"6267cca1-49f87"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sun, 19 Jun 2022 16:48:23 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
579.json
id5-sync.com/g/v2/
213 B
617 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
b7edcb208c06fdab1e723d10fe42a4b9122ca6fd7ad6f001afd794a7cd6b0357
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:23 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
anchor
www.google.com/recaptcha/api2/ Frame B441
43 KB
22 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a6aedfc33b023e9886aa2ef638b395c8dbdc0476e4a6b5a20352f7054eddcb2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GjvMJDUlRASzwSU1MQw0nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
22844
content-security-policy
script-src 'report-sample' 'nonce-GjvMJDUlRASzwSU1MQw0nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
ghb.adtelligent.com/geo/ Frame 9361
149 B
422 B
XHR
General
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.fervorstech.com
URL: https://p.fervorstech.com/prebidlink/y19160/hbw_master_307825_12916.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5600661e23633f79567ba0dd40405c7df49526b31b8f88e7a5c7b5a8f7de9cc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.fervorstech.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
149
tracking
ghb.adtelligent.com/adunit/ Frame 9361
43 B
434 B
XHR
General
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=12916&full_page_url=https%3A%2F%2Fa.afly.pro&adid=ioqahv.1p&features=16416&vpbv=N061&lifecycle_tte=362
Requested by
Host: p.fervorstech.com
URL: https://p.fervorstech.com/prebidlink/y19160/hbw_master_307825_12916.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 17 Jun 2022 16:48:23 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.fervorstech.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
/
serv.modoro360.com/api/adserver/tag/
30 KB
4 KB
XHR
General
Full URL
https://serv.modoro360.com/api/adserver/tag/?AV_TAGID=6140a5a747e57404ec5977fe&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&AV_CHANNELID=626e835dcbc46b5e674a35a9&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=a.afly.pro&AV_DADPOS=1&AV_TAG=6140a5a747e57404ec5977fe&AV_TEMPLATE=60bceb5ae580aa6950275314&d36=6.2.31&responsive=1&sver=2&avtoken=503967&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1655484504023
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.201.234.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-234-123.compute-1.amazonaws.com
Software
/
Resource Hash
ed04819f5429616e4dfe98a16a2e3677d3360c89fa7379f063cc1f03ca64a94f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache
access-control-allow-credentials
true
expires
Mon, 06 Jun 2022 03:01:44 GMT
collect
region1.google-analytics.com/g/
0
343 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-83F4504S3G&gtm=2oe6f0&_p=1795708186&_z=ccd.v9B&cid=2071306809.1655484504&ul=en-us&sr=1600x1200&_s=1&sid=1655484503&sct=1&seg=0&dl=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&dt=Is%20CLOUD%20STORAGE%20Secure%3F%204%20Steps%20to%20Control%20YOUR%20DATA!&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-83F4504S3G&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-144229328-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
7157
date
Fri, 17 Jun 2022 14:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 17 Jun 2022 16:49:07 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1795708186&t=pageview&_s=1&dl=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&ul=en-us&de=UTF-8&dt=Is%20CLOUD%20STORAGE%20Secure%3F%204%20Steps%20to%20Control%20YOUR%20DATA!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=788292972&gjid=415524807&cid=2071306809.1655484504&tid=UA-144229328-1&_gid=1528705160.1655484504&_r=1&gtm=2ou6f0&z=1804531329
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
localstore.js
script.4dex.io/
483 B
940 B
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
877712
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMOMqw2QaESonkqQZ%2BAWVzjJcnGpslum9CEFNqzxli23%2FOYvTuCLuES82ssMhEI%2Fkzh2pe18BHrk9pAknSG8U9Fu6ydDVe2gM2W6Ki93qdWyPi7API4fSs1mK%2B4layC1xDBc6NDmZ0ciTOEu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
71cd45c7bee6901f-FRA
prebid
mp.4dex.io/
0
383 B
XHR
General
Full URL
https://mp.4dex.io/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
71cd45c7efe39b4b-FRA
x-err
Parsing the Prebid Request. site disabled
expires
0
auction
tlx.3lift.com/header/
19 B
533 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.7.0-pre&referrer=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&tmax=2000
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.67.209.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-67-209-155.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
x-auction-status
7, 7
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb.adtelligent.com/v2/auction/
571 B
567 B
XHR
General
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
977b0713053027e3a380b0f1489257a6c57e25fe850c19ceb1c603bf1782c480

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
262
prebid-request
onetag-sys.com/
15 B
357 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://a.afly.pro
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
133 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/
18 B
307 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=70953912590
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
/
prebid.smilewanted.com/
0
100 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c7afce91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/
0
77 B
XHR
General
Full URL
https://prebid.smilewanted.com/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cf-ray
71cd45c7afcf91f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ROS
pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320...
437 B
849 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&e_pubcid=bea6693e-70dd-4033-9219-c3baf26fc3ed
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
4dad77fca0497f956cc3fc0b09ab118de89263fd00b115941d88afe96ebc3361

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://a.afly.pro
expires
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
437
x-sid
AMS-739

Redirect headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
location
/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.665903270187338&e=300x250_0%3A300x250%2C336x280%2B300x250_1%3A300x250%2C336x280%2B728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pbv=6.7.0-pre&ncb=1&vs=FFFF&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&e_pubcid=bea6693e-70dd-4033-9219-c3baf26fc3ed
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-739
prebid-request
onetag-sys.com/
15 B
357 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://a.afly.pro
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/
93 B
741 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
2ca578654a67c3ed5ea8829a1abf06e75922e673b6cebc92b4ddb97717a2d654

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
prebid
ib.adnxs.com/ut/v3/
27 KB
11 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b9772148a654d1b1d44ea23d5acfee0f8708ca41bfd67159cb3b47f1c33db3fe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
978cd9df-0a06-4169-9b52-a01b432cd2f9
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
13 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
373cc0357b36ee131c453022d528dc253a02e3365c3b1f872dc328d332239f61
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
88a3142b-ca6f-4543-a55c-0690b85c9d0f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
377 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=15&alt_size_ids=16&eid_pubcid.org=bea6693e-70dd-4033-9219-c3baf26fc3ed%5E1&rf=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&tg_i.pbadslot=%2F21939239661%2C22305556653%2Fapl%2Faplmcm%2Fsticky%23stick&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e6a4e07b-507f-42b0-ba8f-14ad2e668990&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22305556653%2Fapl%2Faplmcm%2Fsticky%23stick&slots=1&rand=0.0911125738878309
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9b48059ab5589ce79f01c0489b5afd77e755b0307719f41d37f929d0976bb5fb

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
377
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
383 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24558&site_id=425696&zone_id=2416802&size_id=2&alt_size_ids=43%2C55%2C117&eid_pubcid.org=bea6693e-70dd-4033-9219-c3baf26fc3ed%5E1&rf=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&tg_i.pbadslot=%2F21939239661%2C22305556653%2Fapl%2Faplmcm%2Fsticky%23stick&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=15343fc7-9c07-4c1f-bd14-669c9e736bf0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22305556653%2Fapl%2Faplmcm%2Fsticky%23stick&slots=1&rand=0.19119682156348428
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7f3a41f35cee6aed738db522abe8f4b8c711c69e5284abf34e71e9e48d71e7d5

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:24 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
383
Expires
Wed, 17 Sep 1975 21:32:10 GMT
openrtb
adx.adform.net/adx/
0
405 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 9361
2 KB
1 KB
XHR
General
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fa.afly.pro
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b81b496425cdbd2f2277d81e65f81edfe2cd36d8d2a992d2217ff4e2eb6d80de

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 12:01:10 GMT
server
nginx
etag
W/"62ab1b86-851"
content-type
application/json
access-control-allow-origin
https://p.fervorstech.com
expires
Sun, 19 Jun 2022 16:48:24 GMT
cache-control
max-age=172800
x-proxy-cache
HIT
prebid
ib.adnxs.com/ut/v3/ Frame 9361
12 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fa922318bc71aa16dfa3b8432274a29bc40099056f14f05974bb7b3ae6a1283f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1e71fb84-a960-43b2-9776-ae873ebfe937
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://p.fervorstech.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 9361
0
219 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=47623407014
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://p.fervorstech.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9361
0
179 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.fervorstech.com
date
Fri, 17 Jun 2022 16:48:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ Frame 9361
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https...
385 B
802 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
96ab442b9eaf944431264da944dc44d0ca98bc0a97108187c823bedaa2922229

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.fervorstech.com
expires
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
385
x-sid
AMS-739

Redirect headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
location
/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=300x250_0%3A300x250%2C336x280&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.fervorstech.com
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-739
c
prebid.a-mo.net/a/ Frame 9361
0
153 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.fervorstech.com
date
Fri, 17 Jun 2022 16:48:23 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame 9361
12 KB
7 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3ade6aed9a139e9889ea147a9d7e2145f5c77dd7823dc5621eba60a5a3fa5293
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:24 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
041af528-fc54-4dba-8dda-1b5f800d90a3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://p.fervorstech.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 9361
0
179 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.fervorstech.com
date
Fri, 17 Jun 2022 16:48:24 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ Frame 9361
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&cr...
384 B
801 B
XHR
General
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8fb8cd9563129f2fcaaf20476bf10694cbba9607e670bb76d74d1f8ecbab9629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://p.fervorstech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.fervorstech.com
expires
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
384
x-sid
AMS-739

Redirect headers

date
Fri, 17 Jun 2022 16:48:24 GMT
server
openresty
location
/hb/1/2e43c/1/a.afly.pro/ROS?ct=1&r=pbjs&rnd=0.3175619188652603&e=320x50_0%3A320x50%2C970x90%2C728x90%2C320x100&ur=https%3A%2F%2Fa.afly.pro%2F&pbv=6.7.0-pre&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2F&e_pubcid=896a4252-df02-4815-a2de-798ae819b92c
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.fervorstech.com
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
AMS-739
cdb
bidder.criteo.com/ Frame 9361
0
218 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=70665692207
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:23 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://p.fervorstech.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ Frame 9361
0
154 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19161/hb_307825_12916.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.fervorstech.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.fervorstech.com
date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
602 B
353 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3887397463099264&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21939239661%3A22305556653%2Capl%2Canchor%2Canchortop&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2186292215&sfv=1-0-38&ecs=20220617&ists=1&fas=2&fsapi=false&prev_scp=hb_rfBid%3D0&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300&sc=1&cookie=ID%3D16438d363702a8f2-22af6558b6cd00e9%3AT%3D1655484503%3AS%3DALNI_MZaquEhJvqFzK7FvC5gM1PpQ83LtQ&abxe=1&dt=1655484504315&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H9KYixCk7gOTub7gBf9yHSZbjnxU7m6X9LU5lCDH52r&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
a4da6305d723961c26388648ff84f83dd1af9edf75ceb1c3f78001686c1bd07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
322
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B441
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame B441
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 14:34:34 GMT
adagio.js
script.4dex.io/
72 KB
23 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
65823
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx39d23219a0b546ffaafb1-0062a05153
x-amz-id-2
tx39d23219a0b546ffaafb1-0062a05153
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ScELrlyF%2BlvE7CWEGhllGK%2F6sEnXiYKC2FONNdVqpbd184ySjcWjIujOjT1o8xo%2FAjg4ONJTUXIc5M0xCWRDJ3Yse7AtoRPNW63z6GvAJ8VAn0BVZbiIHWmHPGPVTp7uB2G8N4YF1%2BBJciBO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
71cd45c859ea9bf8-FRA
access-control-allow-headers
Authorization
cookiesyncendpoint
servs.modoro360.com/ Frame DA0D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1655484504298-942280382455-...
  • https://ad.360yield.com/ul_cb/server_match?partner_id=1581&r=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D22%26auid%3D1655484504298-9422803...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1655484504298-942280382455-006803-000-006067&key=18010e05-e261-4acc-a605-d5140af7caa8
0
237 B
Document
General
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1655484504298-942280382455-006803-000-006067&key=18010e05-e261-4acc-a605-d5140af7caa8
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.184.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-184-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 17 Jun 2022 16:48:24 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 17 Jun 2022 16:48:24 GMT
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=22&auid=1655484504298-942280382455-006803-000-006067&key=18010e05-e261-4acc-a605-d5140af7caa8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 96F6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1655484504298-942280382455...
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&zcc=1&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1655484504298-942280...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8048896307
70 B
265 B
Document
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8048896307
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 17 Jun 2022 16:48:24 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 17 Jun 2022 16:48:24 GMT
etag
RX6fc43fda474c46098a9d42fdabc72dbc003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8048896307
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
server
Tengine
cookiesyncendpoint
servs.modoro360.com/ Frame 09BA
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&uid=1655484504298-942280382455-006803-000-006067&cb=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%2...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1655484504298-942280382455-006803-000-006067&key=GDPR
0
195 B
Document
General
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1655484504298-942280382455-006803-000-006067&key=GDPR
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.184.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-184-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 17 Jun 2022 16:48:24 GMT

Redirect headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://a.afly.pro/
age
0
content-length
0
date
Fri, 17 Jun 2022 16:48:24 GMT
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=3&auid=1655484504298-942280382455-006803-000-006067&key=GDPR
server
nginx
via
1.1 varnish
x-varnish
167516677
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E91
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=160993&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D1%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.212.214 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-212-214.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=133397
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 16:48:24 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sun, 19 Jun 2022 05:51:41 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame 71C2
0
0
Document
General
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D18%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 17 Jun 2022 16:48:24 GMT
X-Sovrn-Pod
ad_ap5ams1
occ
ups.analytics.yahoo.com/ups/58543/ Frame 3EFB
0
0
Document
General
Full URL
https://ups.analytics.yahoo.com/ups/58543/occ?gdpr=1&gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Fri, 17 Jun 2022 16:48:24 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
cookiesyncendpoint
servs.modoro360.com/ Frame 9B1C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D56%26auid%3D1655484504298-942280382455-006803-000-006067%26k...
  • https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1655484504298-942280382455-006803-000-006067&key=0cb14b58-0866-4ce5-92e7-fb78b95abbb5
0
242 B
Document
General
Full URL
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1655484504298-942280382455-006803-000-006067&key=0cb14b58-0866-4ce5-92e7-fb78b95abbb5
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.184.128 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-184-128.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Fri, 17 Jun 2022 16:48:24 GMT

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71cd45c90eff9156-FRA
content-length
0
date
Fri, 17 Jun 2022 16:48:24 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://servs.modoro360.com/cookiesyncendpoint?pid=59c9148628a0612da3689288&biddername=56&auid=1655484504298-942280382455-006803-000-006067&key=0cb14b58-0866-4ce5-92e7-fb78b95abbb5
server
cloudflare
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1676
178 KB
54 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdshBeU0iJW-vWEaFAw9tnyJs9MOqOZ_PtNLF6984Sy4YUTs1bMhkXqgpUkH2Ec7ZZBKL--KC3Nblp8QCLhJ4XwMMQ4FdzF6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Thu, 16 Jun 2022 09:56:54 GMT
server
UploadServer
etag
"80d69965155d7abf3e386cd37d9d2d0a"
vary
Accept-Encoding
x-goog-hash
crc32c=Ie9ohw==, md5=gNaZZRVder8+OGzTfZ0tCg==
x-goog-generation
1655373414151560
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:24 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1676
71 KB
22 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdumFpX5TvApOyJDGolXRRozUHDB5i7VO1I4kUVIitd64p94krZ0we0C861cQjvNpu71kV1XdP9-GaZwcDHkQuCos0N1QxEH
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Thu, 16 Jun 2022 09:56:54 GMT
server
UploadServer
etag
"1aa6ae4ae3671f3e9a4aba0502197ae5"
vary
Accept-Encoding
x-goog-hash
crc32c=Yf4XsA==, md5=GqauSuNnHz6aSroFAhl65Q==
x-goog-generation
1655373414234097
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:24 GMT
avpb6.27.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1676
73 KB
25 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9349b46d2d5c59b60083217f00327f7f7ca3312cb9cd20ba819a2f9bf8906782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsoowej9-liOq95uNjep-AjXS1kygyVtqvroFQekSftxsn1PhWa0mO7RJmF9gwTQB4WBi_2-E6ewsM3zoIknuf-wxYO5Kkk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
24750
last-modified
Thu, 16 Jun 2022 09:56:54 GMT
server
UploadServer
etag
"5e05ce0b4c03a9bc706f5f238c9c13d4"
vary
Accept-Encoding
x-goog-hash
crc32c=6waK4g==, md5=XgXOC0wDqbxwb18jjJwT1A==
x-goog-generation
1655373414230250
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
24750
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:24 GMT
avpb6.27.0a4.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1676
68 KB
23 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a4.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9edef42a0cc4ba9a6629679d9c8695bbafbe64701cf0b1353b6f2d2260b97625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtmTJnOdfQ1_a_aoRlNCn3eLpmQz09i3yU_4FXF7DcgkeLpdSmTIMqhSNZXiXoGzuY-m-nY4N-vq6BKCWNR9J5AqQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22734
last-modified
Thu, 16 Jun 2022 09:56:54 GMT
server
UploadServer
etag
"f7849bb992489bd53606d0548d7198fa"
vary
Accept-Encoding
x-goog-hash
crc32c=EIHicA==, md5=94SbuZJIm9U2BtBUjXGY+g==
x-goog-generation
1655373414306813
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22734
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:24 GMT
avpb6.27.0a5.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1676
66 KB
20 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a5.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ef:28a::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
71c7a28033b54fac3e87f3a39b87107be7026ef9180043d997dd7a6cec45bdc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsrk0hsQhEalPJfxm9txrreqlRF0tR8T53SJ1VyxzVzeGokJPgw0FzqXZeHHAghQgNkS0gFH6BluJI9TiVIjdRz4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20346
last-modified
Thu, 16 Jun 2022 09:56:54 GMT
server
UploadServer
etag
"c9a304229eaa595ac7b2e3ad8b0bda44"
vary
Accept-Encoding
x-goog-hash
crc32c=IlyG6g==, md5=yaMEIp6qWVrHsuOtiwvaRA==
x-goog-generation
1655373414316567
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20346
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 17 Jun 2022 16:53:24 GMT
track
servt.modoro360.com/
0
70 B
Image
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=a.afly.pro&rs=a.afly.pro&sid=77721&t=1655484504&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&test=&aafaid=&proto=https&uid=1655484504298-942280382455-006803-000-006067&cha=0.7&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.31&cb=27523225911&d39=&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=615083ec2eec7c62d8776ba2&nid=60095c900c0799791c46d8d4&pcid=626e835dcbc46b5e674a35a9&ncid=626e836b95d712408a613fd0&pasid=626e839376914242d640f6ed&e=request&cb=1655484504442&asid=626e84921557d8400f3d7ca8%2C626e84921557d8400f3d7cac%2C626e84921557d8400f3d7ca6%2C626e84941557d8400f3d7ccc%2C626e84951557d8400f3d7ce2%2C61827b62d74b9f2d535963dc%2C626e84941557d8400f3d7cca%2C626e84921557d8400f3d7ca2%2C626e84941557d8400f3d7cc6%2C618988bd0ebfc34861229bd6&ofpr=%2C%2C%2C%2C%2C0.5%2C%2C%2C%2C0.6&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.modoro360.com/
0
70 B
Image
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=a.afly.pro&rs=a.afly.pro&sid=77721&t=1655484504&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&test=&aafaid=&proto=https&uid=1655484504298-942280382455-006803-000-006067&cha=0.7&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.31&cb=27523225911&d39=&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=626e836b95d712408a613fd0&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=request&cb=1655484504442&asid=6242e15e4160b0434d0bb5d7%2C61ee75a8d10e31638264ad68%2C61d4255da97a3d0e195080d4%2C618ce0d28400ea00bd124798&ofpr=1%2C%2C%2C3&fpo=%2C%2C%2C
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cdb
bidder.criteo.com/
18 B
307 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=20963052544
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
mvo
tag.1rx.io/rmp/217227/0/
0
166 B
XHR
General
Full URL
https://tag.1rx.io/rmp/217227/0/mvo?z=1r&hbv=6.27,2.1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 Utrecht, Netherlands, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
c
prebid.a-mo.net/a/
0
135 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
122
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/
144 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
70ac3fa284460d57cf171bd3578ff530c0cb871520d5154cfade1b508ba83acd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:24 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9473d854-6b84-4dba-bad0-7a6947e336bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame B441
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B441
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame B441
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 19:40:09 GMT
x-content-type-options
nosniff
age
76095
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Jun 2022 19:40:09 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B441
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
258103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame B441
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc&co=aHR0cHM6Ly9hLmFmbHkucHJvOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=i89onv3hcykh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Fri, 17 Jun 2022 16:48:24 GMT
track
servt.modoro360.com/
0
70 B
Image
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=a.afly.pro&rs=a.afly.pro&sid=77721&t=1655484504&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&test=&aafaid=&proto=https&uid=1655484504298-942280382455-006803-000-006067&cha=0.7&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.31&cb=27523225911&d39=&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&ppid=615083ec2eec7c62d8776ba2&nid=60095c900c0799791c46d8d4&pcid=626e835dcbc46b5e674a35a9&ncid=626e836b95d712408a613fd0&pasid=626e839376914242d640f6ed&e=bid&cb=1655484504668&asid=626e84921557d8400f3d7ca8%2C626e84921557d8400f3d7cac%2C626e84921557d8400f3d7ca6%2C626e84941557d8400f3d7ccc%2C626e84951557d8400f3d7ce2%2C626e84941557d8400f3d7cca%2C626e84921557d8400f3d7ca2%2C626e84941557d8400f3d7cc6&ofpr=%2C%2C%2C%2C%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
servt.modoro360.com/
0
70 B
Image
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=a.afly.pro&rs=a.afly.pro&sid=77721&t=1655484504&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&test=&aafaid=&proto=https&uid=1655484504298-942280382455-006803-000-006067&cha=0.7&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.31&cb=27523225911&d39=&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225&&copid=60095c900c0799791c46d8d4&nid=59c9148628a0612da3689288&cocid=626e836b95d712408a613fd0&ncid=6188f6678186692d1b57a0d4&coasid=6188f6fc4071e35134085f46&e=bid&cb=1655484504668&asid=61ee75a8d10e31638264ad68%2C61d4255da97a3d0e195080d4&ofpr=%2C&fpo=%2C
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
bframe
www.google.com/recaptcha/api2/ Frame 8A16
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
808972526d5d78abd62227a19786f22daf47e4b6523dff4ae93629cbeefab1b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OI9vDA8EVWgCUOqQVn4EqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-OI9vDA8EVWgCUOqQVn4EqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
PugMaster
image6.pubmatic.com/AdServer/ Frame 9E91
0
0

styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 8A16
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:39 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 8A16
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf2oGkUAAAAAPnWjjWViiU1xARFdo28x_ugoDrc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:34:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8030
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 14:34:34 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
44 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=139907575784720&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21939239661%3A22305556653%2Capl%2Caplmcm%2Ccube%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4&prev_iu_szs=300x250%7C336x280%2C970x90%7C728x90%7C320x50%7C320x100&ifi=3&adks=2193279578%2C3042515390&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-8176806-1%26is_vmhbmp%3Dtrue%26hb_override_id%3D3424951%26hb_buyer_id%3D18171%26hb_r_id%3D61e116c79b38fa5%26hb_site_id%3D10647%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.02%26hb_adid%3D947b3107262894f%26hb_bidder%3Dprojectagora%26excl_cat%3DPREPOST%7Ctest%3Drefresh%26hb_rfBid%3D0%26hb_div_id%3Dstick%26is_vmhbmp%3Dtrue%26hb_override_id%3D3424951%26hb_buyer_id%3D18171%26hb_r_id%3D70e7ddda3a4f95c%26hb_site_id%3D10647%26hb_format%3Dbanner%26hb_size%3D970x90%26hb_pb%3D0.02%26hb_adid%3D952544fd1faa143%26hb_bidder%3Dprojectagora%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504880&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650%2C315&adys=680%2C1150&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1090x0%7C970x-1&msz=1090x0%7C970x-1&fws=0%2C512&ohw=0%2C0&psts=AGkb-H9KYixCk7gOTub7gBf9yHSZbjnxU7m6X9LU5lCDH52r%2CAGkb-H_v1bwjj_Mo0N3kiaDijsB3a3vtUin-kk-U2oJBCpdz&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=0%7C0&cbidsp=CuUGCAESDAoGYWRhZ2lvEFIgAhIMCgZhZGFnaW8QUiACEhAKCnRyaXBsZWxpZnQQTSACEhgKEWFkdGVsbGlnZW50TWFya2V0EMYEIAISDAoGb25ldGFnEEYgAhISCgxydGJob3VzZV9ta3AQTiACEgkKA2FteBA7IAISCQoDYW14EDsgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhIRCgtzbWlsZXdhbnRlZBBAIAISEwoNZXBsYW5uaW5nX21rcBBXIAISEwoNZXBsYW5uaW5nX21rcBBXIAISEAoKb25ldGFnX21rcBA2IAISEAoKb25ldGFnX21rcBA2IAISCwoFc292cm4QXSACEgsKBXNvdnJuEF0gAhILCgVzb3ZybhBdIAISCwoFc292cm4QXSACErUBCgxwcm9qZWN0YWdvcmEQsAManwEKDzk0N2IzMTA3MjYyODk0ZhDAygFA6PgEGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCIKaGJfc2l0ZV9pZCIHaGJfcl9pZCILaGJfYnV5ZXJfaWQiDmhiX292ZXJyaWRlX2lkIglpc192bWhibXAiCWhiX2Rpdl9pZCgBOgYI0AIQmAIgARITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsAMgAhITCgxwcm9qZWN0YWdvcmEQsQMgAhITCgxwcm9qZWN0YWdvcmEQsQMgAhIvCgZlel9ta3AQ7gEaIAoPOTJjNDM2MmYwOWJiOWY3EAAaA1VTRCgBOgQIABAAIAESDQoHcnViaWNvbhA8IAISFAoNYWRmb3JtTHVwX21rcBDxASACGAIiJGU2YTRlMDdiLTUwN2YtNDJiMC1iYThmLTE0YWQyZTY2ODk5MCoCCANA0A8.~CrkHCAESDAoGYWRhZ2lvEFIgAhIMCgZhZGFnaW8QUiACEhAKCnRyaXBsZWxpZnQQTSACEhgKEWFkdGVsbGlnZW50TWFya2V0EMYEIAISDAoGb25ldGFnEEYgAhISCgxydGJob3VzZV9ta3AQTiACEgkKA2FteBA7IAISCQoDYW14EDsgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhINCgZjcml0ZW8Q9wEgAhIRCgtzbWlsZXdhbnRlZBBAIAISEwoNZXBsYW5uaW5nX21rcBBXIAISEwoNZXBsYW5uaW5nX21rcBBXIAISEAoKb25ldGFnX21rcBA2IAISEAoKb25ldGFnX21rcBA2IAISCwoFc292cm4QXSACEgsKBXNvdnJuEF0gAhILCgVzb3ZybhBdIAISCwoFc292cm4QXSACErQBCgxwcm9qZWN0YWdvcmEQsAMangEKDzk1MjU0NGZkMWZhYTE0MxCApQFA0IMEGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX2Zvcm1hdCIKaGJfc2l0ZV9pZCIHaGJfcl9pZCILaGJfYnV5ZXJfaWQiDmhiX292ZXJyaWRlX2lkIglpc192bWhibXAiCWhiX2Rpdl9pZCgBOgUIygcQWiABEhMKDHByb2plY3RhZ29yYRCxAyACEhMKDHByb2plY3RhZ29yYRCxAyACEhMKDHByb2plY3RhZ29yYRCxAyACEhMKDHByb2plY3RhZ29yYRCxAyACEhMKDHByb2plY3RhZ29yYRCxAyACEhMKDHByb2plY3RhZ29yYRCxAyACEjwKDHByb2plY3RhZ29yYRDMARonCg85MTkyZjQ4NDNlZmJiMTQQwKIBQOj7AxoDVVNEKAE6BQjKBxBaIAESEwoMcHJvamVjdGFnb3JhELEDIAISLwoGZXpfbWtwEIsCGiAKDzkzZmIwNmNiNWI4ODk2NxAAGgNVU0QoAToECAAQACABEg0KB3J1Ymljb24QPCACEhQKDWFkZm9ybUx1cF9ta3AQ8QEgAhIUCg1hZGZvcm1MdXBfbWtwEPEBIAISFAoNYWRmb3JtTHVwX21rcBDxASACGAIiJDE1MzQzZmM3LTljMDctNGMxZi1iZDE0LTY2OWM5ZTczNmJmMCoCCANA0A8.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
133c42c430634ef18e55f9a24424eb482f87b8df22018fa761334dc3d39bf726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12276
x-xss-protection
0
google-lineitem-id
5816136471,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138374459620,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1202
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ypHLpnwyaVJNdGxSQjJoS3Urd0NVcWZHalhTUkV1ZzkzVVF3eEtMOTJDYzFHN3QrcHpEMUJLekF6eGcwRzh2T0pqcFdZVkYwTS9DSGdMNlZwazBuTTNKZ0tvOTBYUG93MFU4bVhGMk1pQzQ0djAwV3B0NGVaOW9tMXpvND...
342 B
610 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=ypHLpnwyaVJNdGxSQjJoS3Urd0NVcWZHalhTUkV1ZzkzVVF3eEtMOTJDYzFHN3QrcHpEMUJLekF6eGcwRzh2T0pqcFdZVkYwTS9DSGdMNlZwazBuTTNKZ0tvOTBYUG93MFU4bVhGMk1pQzQ0djAwV3B0NGVaOW9tMXpvNDIvYTNxcjU2WEFnaW5kZTVDNnQ5bVpOVjZyUWJ3MnIyby9IKyt2M2cyM0h6V09sbDFxS1FxZWpiai9CbGtObWFGc0xlWFZLam96R1VCTEVoVUZ6SFJocVZmLy9STEE0S0tidG1SL3FwWWtsRWd4ZExoYURBPXw&cppv=2
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
848338f68225700a6b0690345d9aa37331e4baf43e00254bd4212a1a99e6a353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2927
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:24 GMT
location
https://mug.criteo.com/sid?cpp=ypHLpnwyaVJNdGxSQjJoS3Urd0NVcWZHalhTUkV1ZzkzVVF3eEtMOTJDYzFHN3QrcHpEMUJLekF6eGcwRzh2T0pqcFdZVkYwTS9DSGdMNlZwazBuTTNKZ0tvOTBYUG93MFU4bVhGMk1pQzQ0djAwV3B0NGVaOW9tMXpvNDIvYTNxcjU2WEFnaW5kZTVDNnQ5bVpOVjZyUWJ3MnIyby9IKyt2M2cyM0h6V09sbDFxS1FxZWpiai9CbGtObWFGc0xlWFZLam96R1VCTEVoVUZ6SFJocVZmLy9STEE0S0tidG1SL3FwWWtsRWd4ZExoYURBPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1188
content-length
482
expires
0
579.json
id5-sync.com/g/v2/
213 B
617 B
XHR
General
Full URL
https://id5-sync.com/g/v2/579.json
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
e42810fd94a552b202e06ffc55142e75a9ee8c1c4d74d3de3fade0cd6eed81e8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:24 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
any
idx.liadm.com/idex/prebid/
54 B
582 B
XHR
General
Full URL
https://idx.liadm.com/idex/prebid/any
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.87.30 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-87-30.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
98bd7bcc732fdd460d5f3c260db053def974d5186c69ff463c2797940776b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:25 GMT
Vary
Origin
Server
nginx/1.18.0
Request-Time
2
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Connection
keep-alive
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000; includeSubDomains
trace-id
1b74b1815f57315c
Content-Length
54
id
id.crwdcntrl.net/
63 B
332 B
XHR
General
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.127.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-127-205.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6d46cadad7cb8859791732b2d7848012b46eb90e7c5196a645ddc960f2335f2e

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:25 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache
x-server
10.45.7.5
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
envelope
api.rlcdn.com/api/identity/
0
0

integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 17 Jun 2022 16:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=2403437439890120&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=5&adks=3628132982&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D166361619bc6d952%26hb_size%3D300x250%26hb_pb%3D0.23%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504947&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=125&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x0&msz=1110x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
12a0358c18fc2f336e96107524c2be8460ba06217d88f8299bb930fdcacf7541
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12030
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3166056636706455&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=6&adks=2642470887&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D16782c8eae44ee4d%26hb_size%3D300x250%26hb_pb%3D0.25%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504953&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=219&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1110x0&msz=1110x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
c0bcb1b22c981f7fc19ad6cac37054df00d388c899e6ef7d514e780f88528275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12021
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=1437930921138176&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=3860099107&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D1681455c94116c0a%26hb_size%3D300x250%26hb_pb%3D0.19%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504958&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=408&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1090x0&msz=1090x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
36ca1cfebac7a6a1dc1cb09361966ef119755070be4e3c49cea10cf95e61af8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11983
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
51 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=1834685697808375&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&adks=3433929020&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D169b6f7f840d5215%26hb_size%3D300x250%26hb_pb%3D0.27%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504964&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=562&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1090x0&msz=1090x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
5a67ca917cd9174b474a21d728dfa326addb78b94d243fd0a007a2f5ed82b060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11998
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
40 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3419024099146218&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=2118877914&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D170cdb3b0de23a14%26hb_size%3D300x250%26hb_pb%3D0.25%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504974&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=1353&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1090x0&msz=1090x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
388903ba0d2c39b87b1a44b3f244c589312a09b110c5c03b2476bb9afbacd573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10207
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
40 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=1049895157440746&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&adks=2727733476&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D17103cb80f11febf%26hb_size%3D300x250%26hb_pb%3D0.28%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dtrue%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504983&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=650&adys=1488&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1090x0&msz=1090x0&fws=0&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
ea79e7af1cbce493d01d113b0c70893ecbe84bcec018e74dc411c9346e1ed0fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10325
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
65 KB
21 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3799840042392347&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_300s_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=11&adks=4129941547&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_adomain%3Dmarklogic.com%26hb_format%3Dbanner%26hb_source%3Ds2s%26hb_adid%3D1729ad606a95ca37%26hb_size%3D300x250%26hb_pb%3D0.16%26hb_cache_path%3D%252Fpbc%252Fv1%252Fcache%26hb_cache_host%3Dprebid.ams1.adnxs-simple.com%26hb_bidder%3Dappnexus%26anh%3Dfalse%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504990&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
649ea78828a9e5062973ce48fefacbd8296b57a2ffc092ba8f479ea268997e13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21402
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
46 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3894715053694930&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=22181265%3A22305556653%2Cafl_stickyfooter&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&adks=3624952851&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh_count%3D0%26amznbid%3D2%26amznp%3D2%26hb_cs%3Dcurrent%26hb_bd%3D1%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_adid%3D180d63fcef67c633%26hb_size%3D728x90%26hb_pb%3D0.03%26hb_bidder%3Dappnexus%26anh%3Dadhesion%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&abxe=1&dt=1655484504995&lmt=1655484504&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=0&adys=1882&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x1881&msz=728x0&fws=128&ohw=0&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
7048c1634c5911c8484ba0873258ee7af3cd84351f8ad1a2f50fb15a4e14302f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11462
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=ypHLpnwyaVJNdGxSQjJoS3Urd0NVcWZHalhTUkV1ZzkzVVF3eEtMOTJDYzFHN3QrcHpEMUJLekF6eGcwRzh2T0pqcFdZVkYwTS9DSGdMNlZwazBuTTNKZ0tvOTBYUG93MFU4bVhGMk1pQzQ0djAwV3B0NGVaOW9tMXpvNDIvYTNxcjU2WEFnaW5kZTVDNnQ5bVpOVjZyUWJ3MnIyby9IKyt2M2cyM0h6V09sbDFxS1FxZWpiai9CbGtObWFGc0xlWFZLam96R1VCTEVoVUZ6SFJocVZmLy9STEE0S0tidG1SL3FwWWtsRWd4ZExoYURBPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:48:24 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1141
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 06E9
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://a.afly.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44450
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Jun 2022 16:48:25 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 Jun 2022 04:27:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 564312
X-Served-By
cache-lga13629-LGA, cache-hhn4058-HHN
X-Timer
S1655484505.283697,VS0,VE0
async_usersync
ib.adnxs.com/ Frame 06E9
0
867 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:25 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6e5a909d-8aa0-4877-bfac-2c40b05e6463
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
container.html
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63C5
0
0

container.html
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2E43
0
0

mut
ghb.adtelligent.com/adunit/ Frame 9361
0
0

track
servt.modoro360.com/
0
94 B
XHR
General
Full URL
https://servt.modoro360.com/track?d=Chrome&cou=DE&cos=Windows&r=a.afly.pro&rs=a.afly.pro&sid=77721&t=1655484504&cip=185.213.155.163&sn=&tgt=0&osv=10&bv=102.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=615083ec2eec7c62d8776ba2&test=&aafaid=&proto=https&uid=1655484504298-942280382455-006803-000-006067&cha=0.7&stagid=6140a5a747e57404ec5977fe&stplid=60bceb5ae580aa6950275314&d35=&d36=6.2.31&cb=27523225911&d39=&d9=1000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=225
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=615083ec2eec7c62d8776ba2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.231.197.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-197-99.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Jun 2022 16:48:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012205270638000/
220 KB
61 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205270638000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61483
x-xss-protection
0
server
sffe
date
Fri, 17 Jun 2022 05:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3c2451425189fb5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Jun 2023 05:41:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012205270638000/v0/
14 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
504168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5195
x-xss-protection
0
server
sffe
date
Sat, 11 Jun 2022 20:45:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4bef18b80ae165d1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 11 Jun 2023 20:45:37 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012205270638000/v0/
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205270638000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28898
x-xss-protection
0
server
sffe
date
Fri, 17 Jun 2022 05:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7ca71f15d9979237"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Jun 2023 05:41:01 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012205270638000/v0/
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205270638000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Fri, 17 Jun 2022 05:41:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"67a7e3dd539afea9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Jun 2023 05:41:00 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012205270638000/v0/
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012205270638000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
40044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12940
x-xss-protection
0
server
sffe
date
Fri, 17 Jun 2022 05:41:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8dbbd2e5c9e4f2da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 17 Jun 2023 05:41:01 GMT
css
fonts.googleapis.com/
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:401b:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 15:56:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 16:48:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 16:48:25 GMT
en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 07:29:48 GMT
x-content-type-options
nosniff
server
cafe
age
33517
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
11660698925711390587
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2471
x-xss-protection
0
expires
Sat, 18 Jun 2022 07:29:48 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/
295 B
757 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
24920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sat, 18 Jun 2022 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CTJ5UWbCsYp6SA_mE9u8P_fy20A3_oZPwZqfdub-LEGQQASCG94YmYJXikIKgB6AB9tKC_APIAQGpAopy0M0gFY4-4AIAqAMByAMKqgTsAU_Q9ZnXNEA4ftH12OM1iJNDOJcdc9IOie5oQaAPm5JFPnVry5knRbn1-TqGjjkUew3y7DeQtUMJkUEAGtfpw8TaCSZtGuSkLP17RHiiPG9HnI8H2-ra1XOCJgEUJedtigRFUQ5jS7w2C7HrOYiyYeMAhxMgP1aGjuRHd1fsvCFEfeUDM5AHZZMs8KrCfQ25YU9jd9gr-joTD6sDSe3W13hxQI0m7TeUi3dzjLlxVwofPAN_wdKfLHO4W_arGhJwe2WZqWNM4ay-DyPPIcImLDJbuEZ5HizeqUP5o_NvIv6IaqgHys7f_D-PJWx-wASNyvqm-gPgBAGSBQQIBBgBkgUECAUYBIAH8qz9A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMPtFNIIEQiA4YAQEAEYHTICqgI6AoBAgAoDyAsB2BMH0BUBmBYBgBcBshceChwIABIUcHViLTEwNjI5NzI4NjE1NTMzMDMYgdQc&sigh=o83i5002NBc&uach_m=[UACH]
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

truncated
/
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4221957be7cbc9f89f05a053643bce2cba76b61a0f66d8fedf68b2e677d216e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://a.afly.pro
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
159091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:36:54 GMT
openrtb
adx.adform.net/adx/ Frame
0
0
Preflight
General
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://a.afly.pro
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Fri, 17 Jun 2022 16:48:25 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
bid
ap.lijit.com/rtb/
95 B
743 B
XHR
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e61f219a06207e1f953bca6c757aa9cfdeb81f25c41da2bc03fcb166e6194b0d

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:25 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
100
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
172 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:25 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/
0
131 B
XHR
General
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:24 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
/
ghb1.adtelligent.com/v2/auction/
287 B
547 B
XHR
General
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
f86e28fbc874ad627cbcb7ae4f8e50e40224a55bf2c20c2d1c76b6bdb452abf5

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:26 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://a.afly.pro
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
242
prebid-request
onetag-sys.com/
15 B
357 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://a.afly.pro
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/
14 KB
8 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a3f17c712cd86c18af3c755c579089bf453627e6da67946feaf5065b608cc717
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Jun 2022 16:48:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
09450cc1-a897-4a8a-b719-12cc4d01be1a
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/
18 B
307 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=72390856417
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://a.afly.pro
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/
403 B
721 B
XHR
General
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/a.afly.pro/ROS?rnd=0.665903270187338&e=300x600_0%3A300x600%2B300x600_1%3A300x600&ur=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&pbv=6.7.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&e_pubcid=bea6693e-70dd-4033-9219-c3baf26fc3ed
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
59cf57dc14609bed8c2f7cd674e3a6532ae4cb04bb122ae1f0b688bb21913fe8

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Jun 2022 16:48:25 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://a.afly.pro
expires
Fri, 17 Jun 2022 16:48:25 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
403
x-sid
AMS-739
prebid-request
onetag-sys.com/
15 B
357 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://a.afly.pro
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
openrtb
adx.adform.net/adx/
0
404 B
XHR
General
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:25 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
si
googleads.g.doubleclick.net/pagead/drt/
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: a.afly.pro
URL: https://a.afly.pro/PPgnYCa
Protocol
H2
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

date
Fri, 17 Jun 2022 16:48:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
publishertag.prebid.117.js
static.criteo.net/js/ld/
0
0

multitracking
ghb.aplhb.adipolo.com/adunit/
0
221 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459856/hbw_master_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://a.afly.pro
Date
Fri, 17 Jun 2022 16:48:26 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
activeview
pagead2.googlesyndication.com/pcs/
42 B
497 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVqU7ucG4FAg_VWau3QU1N7YwKOV_Gxu5k0q_x3a4Ip4IZQsyzZZ4pk27ylYhmUNDgqzd8e4I1vjsUfy0piY-nKhsMdbscEFFo-kEmnnj6CyZbv85rHGeyUe0xRsEUrqrQRBfnFL5_YZDdCJRcwFwV3Kc_Rt36KKm-rg&sai=AMfl-YQ6cLN2df_XPcyJKV381_8zrSMXgtVydbyzNomGvnNASKbhkkb_LGENND--h5KgX5Fkdv-5PA9R36C1BWFnCQql4r0fjeTJSnqflh3RatBo8Vv04vVFqSm7wPQ&sig=Cg0ArKJSzPMjmFi5dmJ7EAE&cid=CAASF-RoQ4mir2q-HsGdtSU4rwwOPYF9OJqS&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=3887&tls=4887&g=100&h=100&tt=4887&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3624952851
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
0
0

integrator.js
adservice.google.de/adsid/
0
0

integrator.js
adservice.google.com/adsid/
0
0

integrator.js
adservice.google.com/adsid/
0
0

ads
securepubads.g.doubleclick.net/gampad/
21 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=418824732512587&correlator=3970231466116577&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=21939239661%3A22305556653%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&ifi=13&adks=1539052910&sfv=1-0-38&ecs=20220617&fsapi=false&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1655484505679-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D3424958%26hb_buyer_id%3D18171%26hb_r_id%3D112bb4f7c0071d2d%26hb_site_id%3D10647%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.02%26hb_adid%3D1399fe64efe932a3%26hb_bidder%3Dprojectagora%26excl_cat%3DPREPOST&eri=1&cust_params=wvr%3D3%26wie%3Dtop%26cndl%3D1%26cnrtt%3D0%26cntp%3Dna%26cnet%3D4g%26cnsd%3Dfalse%26wrc%3Dnf%26gpt_l%3D400%26wrap_l%3D1600%26ccp%3Dunknown%26sesdepth%3D1%26page_r%3D100%26padpr%3D21%26idl_envtest%3Dna%26lipbtest%3Dna%26lotamePanoramaIdtest%3Dna%26uids%3Dpubcid%26uids_c%3D1%26waai%3D300%26hbmp_loc%3Dhttps%253A%252F%252Fa.afly.pro%252FPPgnYCa%26waae%3D1200%26pbglobal%3Daaw%26tif%3Dtrue%26lui%3D1s&sc=1&cookie=ID%3D16438d363702a8f2%3AT%3D1655484503%3AS%3DALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg&arp=1&abxe=1&dt=1655484507723&lmt=1655484507&dlt=1655484503377&idt=508&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fa.afly.pro%2FPPgnYCa&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AGkb-H_ZuvGYuRQAlWk1ciaEe5hZUbw7MaGGKxMDxl6CcgcEN9a4ghsR6RwiftzTDITB-Jmk-H7tBMJ0DwOyDTlTfKsbO54suNAWomk%2CAGkb-H9KYixCk7gOTub7gBf9yHSZbjnxU7m6X9LU5lCDH52r%2CAGkb-H_v1bwjj_Mo0N3kiaDijsB3a3vtUin-kk-U2oJBCpdz&ga_vid=2071306809.1655484504&ga_sid=1655484504&ga_hid=1795708186&ga_fc=true&btvi=-1&cbidsp=CukFCAESDAoFc292cm4QhAEgAhIMCgVzb3ZybhCEASACEgwKBXNvdnJuEIQBIAISDAoFc292cm4QhAEgAhISCgxydGJob3VzZV9ta3AQFCACEgkKA2FteBARIAISCQoDYW14EBEgAhIYChFhZHRlbGxpZ2VudE1hcmtldBCHCyACEhAKCm9uZXRhZ19ta3AQCiACEhAKCm9uZXRhZ19ta3AQCiACErYBCgxwcm9qZWN0YWdvcmEQ5wEaoAEKEDEzOTlmZTY0ZWZlOTMyYTMQwKwBQIibBBoDVVNEIgloYl9iaWRkZXIiB2hiX2FkaWQiBWhiX3BiIgdoYl9zaXplIgloYl9mb3JtYXQiCmhiX3NpdGVfaWQiB2hiX3JfaWQiC2hiX2J1eWVyX2lkIg5oYl9vdmVycmlkZV9pZCIJaXNfdm1oYm1wIgloYl9kaXZfaWQoAToGCKwCENgEIAESEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISEwoMcHJvamVjdGFnb3JhEOgBIAISDAoGY3JpdGVvECkgAhIMCgZjcml0ZW8QKSACEgwKBmNyaXRlbxApIAISDAoGY3JpdGVvECkgAhIMCgZjcml0ZW8QKSACEgwKBmNyaXRlbxApIAISDAoGY3JpdGVvECkgAhIMCgZjcml0ZW8QKSACEg0KBmV6X21rcBDQDyADEhMKDWVwbGFubmluZ19ta3AQEyACEhMKDWVwbGFubmluZ19ta3AQEyACEgwKBm9uZXRhZxAKIAISEwoNYWRmb3JtTHVwX21rcBB4IAIYAiIkMjBiYWE1Y2QtYTBmOC00ZDcwLWJjMTgtNjdiYjQ5OTVlN2IxKgIIA0DQDw..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
d503ee324b1259bed68c2fabff75633f30ba32f829de86fa7cd19a7791dad3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 16:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9306
x-xss-protection
0
google-lineitem-id
5504336788
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138326745802
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://a.afly.pro
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:48:27 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1333
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fa.afly.pro%2F&domain=a.afly.pro&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=19gDjHxOTUtaRkpManlIKzhmS2o1ZEJ4bGp5enpjRTJPb2szSHppeEZ3VlpmZ1RCbVJoMzUyNDllTWdrTHRWV1F6b2t3ZUtOczYreVlQSG1hRURMTUZmeXFlRkpxVlYyUkNTR3RMUVJ4Y1d1NWFHQVBiemlyNjU5T2N4SU...
350 B
616 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=19gDjHxOTUtaRkpManlIKzhmS2o1ZEJ4bGp5enpjRTJPb2szSHppeEZ3VlpmZ1RCbVJoMzUyNDllTWdrTHRWV1F6b2t3ZUtOczYreVlQSG1hRURMTUZmeXFlRkpxVlYyUkNTR3RMUVJ4Y1d1NWFHQVBiemlyNjU5T2N4SUVlRUJ2aS9iUXJDbWpxNXdUd2hUSVdSR3hGZmttYW9ETHZDYXJXem5SZVVEM3FGQm15akF4c3R0b20wZ3hlZTQ3bzM3T1E4c2RsWWpUNlJua1hsaXQrT1NHOG5PWElEazVKdGpJQnZtYWFmUWNJSzErZHRjPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2dac86988007b181887579954ba6d37aff8861f3e0fa6fef11422b308f94af1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:27 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2876
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:27 GMT
location
https://mug.criteo.com/sid?cpp=19gDjHxOTUtaRkpManlIKzhmS2o1ZEJ4bGp5enpjRTJPb2szSHppeEZ3VlpmZ1RCbVJoMzUyNDllTWdrTHRWV1F6b2t3ZUtOczYreVlQSG1hRURMTUZmeXFlRkpxVlYyUkNTR3RMUVJ4Y1d1NWFHQVBiemlyNjU5T2N4SUVlRUJ2aS9iUXJDbWpxNXdUd2hUSVdSR3hGZmttYW9ETHZDYXJXem5SZVVEM3FGQm15akF4c3R0b20wZ3hlZTQ3bzM3T1E4c2RsWWpUNlJua1hsaXQrT1NHOG5PWElEazVKdGpJQnZtYWFmUWNJSzErZHRjPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://a.afly.pro
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1538
content-length
482
expires
0
692.json
id5-sync.com/g/v2/
213 B
617 B
XHR
General
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
1e9bb3f52a2477be2067a67e91a33703844448fbadf7515375df58ce4d401095
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://a.afly.pro
date
Fri, 17 Jun 2022 16:48:26 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=19gDjHxOTUtaRkpManlIKzhmS2o1ZEJ4bGp5enpjRTJPb2szSHppeEZ3VlpmZ1RCbVJoMzUyNDllTWdrTHRWV1F6b2t3ZUtOczYreVlQSG1hRURMTUZmeXFlRkpxVlYyUkNTR3RMUVJ4Y1d1NWFHQVBiemlyNjU5T2N4SUVlRUJ2aS9iUXJDbWpxNXdUd2hUSVdSR3hGZmttYW9ETHZDYXJXem5SZVVEM3FGQm15akF4c3R0b20wZ3hlZTQ3bzM3T1E4c2RsWWpUNlJua1hsaXQrT1NHOG5PWElEazVKdGpJQnZtYWFmUWNJSzErZHRjPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 16:48:27 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1190
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
multitracking
ghb.aplhb.adipolo.com/adunit/
0
221 B
XHR
General
Full URL
https://ghb.aplhb.adipolo.com/adunit/multitracking
Requested by
Host: player.aplhb.adipolo.com
URL: https://player.aplhb.adipolo.com/prebidlink/459856/hbw_master_323303_10647.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://a.afly.pro
Date
Fri, 17 Jun 2022 16:48:28 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
cookie_sync
prebid.adnxs.com/pbs/v1/
2 KB
969 B
XHR
General
Full URL
https://prebid.adnxs.com/pbs/v1/cookie_sync
Requested by
Host: cdn.adapex.io
URL: https://cdn.adapex.io/hb/aaw.afl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.252.161.190 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
prebid.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e8a09eb8a09fa9425f281a8addc570f55d5da59302e7f6ae209301a5ae09071c

Request headers

Referer
https://a.afly.pro/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:38 GMT
Content-Encoding
gzip
Server
nginx/1.21.3
Vary
Accept-Encoding, Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://a.afly.pro
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_consent%3D%26...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&f=i&uid=34fe156e16de692bccce41c03dfae1b7
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&f=i&uid=34fe156e16de692bccce41c03dfae1b7
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:38 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2397e0d4-37fe-4938-92bc-7eda57891db8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date
Fri, 17 Jun 2022 16:48:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&f=i&uid=34fe156e16de692bccce41c03dfae1b7
access-control-allow-credentials
true
cf-ray
71cd4622aa2791f0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3...
  • https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
43 B
2 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:39 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ce93594d-4ec5-457a-92b6-cfd43147571f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 17 Jun 2022 16:48:39 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ib.adnxs.com/prebid/setuid?bidder=medianet&gdpr=&gdpr_consent=&f=i&uid=0000EEA
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Jun 2022 16:48:39 GMT
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Drhythmone%26gdpr%3D%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7410115936
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7410115936
Protocol
H2
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 17 Jun 2022 16:48:39 GMT
server
Tengine
etag
RX6fc43fda474c46098a9d42fdabc72dbc003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7410115936
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
setuid
ib.adnxs.com/prebid/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26uid%3D
  • https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=6cf1a0ea-2e51-4b1c-99cd-10ff862026fc&gdpr=&gdpr_consent=&us_privacy=
43 B
2 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=6cf1a0ea-2e51-4b1c-99cd-10ff862026fc&gdpr=&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Jun 2022 16:48:39 GMT
X-Proxy-Origin
185.213.155.163; 185.213.155.163; 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
ceed00dd-bfdf-4a51-b29f-4e199e2f0ce1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/prebid/setuid?bidder=amx&gdpr=&gdpr_consent=&uid=6cf1a0ea-2e51-4b1c-99cd-10ff862026fc&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 17 Jun 2022 16:48:38 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/
0
277 B
Image
General
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D%26gdpr_consent%3D%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://a.afly.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Jun 2022 16:48:39 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
image6.pubmatic.com
URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77727247&p=160993&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1323
Domain
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com
URL
https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com
URL
https://c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
ghb.adtelligent.com
URL
https://ghb.adtelligent.com/adunit/mut
Domain
static.criteo.net
URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Domain
adservice.google.de
URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Domain
adservice.google.de
URL
https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro
Domain
adservice.google.com
URL
https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| googletag object| vmpbjs object| vpb object| gptAdSlots function| removeCustomBanner undefined| customBannerCountdownInterval object| interstitialSlot undefined| staticSlot object| anchorSlot function| vmpbjsChunk object| _pbjsGlobals object| ADAGIO object| aawChunk object| aaw object| teads_analytics object| apstag function| docReady object| mnet object| liQ object| ggeac object| google_tag_data object| google_js_reporting_queue object| aniplayerPos object| wow function| fixHeight undefined| captchaShort undefined| captchaContact undefined| captchaSignin undefined| captchaSignup undefined| captchaForgotpassword undefined| captchaShortlink undefined| invisibleCaptchaShort undefined| invisibleCaptchaContact undefined| invisibleCaptchaSignin undefined| invisibleCaptchaSignup undefined| invisibleCaptchaForgotpassword undefined| invisibleCaptchaShortlink function| onloadRecaptchaCallback function| setCookie function| getCookie object| go_popup function| checkAdblockUser function| checkAdsbypasserUser function| checkPrivateMode object| body string| ad_type object| counter_start_object undefined| selectedTab undefined| clipboard function| setTooltip function| cookie_accept function| $ function| jQuery function| WOW function| ClipboardJS number| seconds object| $seconds undefined| modal undefined| closeModal string| capo object| e string| fetchon object| _0x5c99 function| _0x46e3 function| yucaptcha function| yuidea function| gtag object| dataLayer string| lRoByFecCqis string| LnLeCvSsDc number| ydkopJCgnT number| nHwPxEGWoF number| JSeCsMjWMD number| EGpsSLabzb function| sgsITWttvy object| EzTAHGDZuH number| c2 number| c1 object| dDVYkc9W76sY function| FTCQhRzKYM function| parcelRequire boolean| apstagLOADED object| adipolo object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| com function| _avcp object| google_tag_manager object| _gcio object| ats undefined| google_measure_js_timing object| google_reactive_ads_global_state object| ID5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| GCIO object| recaptcha object| closure_lm_352661 object| storageAni function| onYouTubeIframeAPIReady string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| Criteo object| sas object| apntag object| _ADAGIO object| ampInaboxIframes object| ampInaboxPendingMessages object| ONFOCUS object| AMP_CONFIG object| __AMP_LOG object| __AMP_ERRORS function| __AMP_REPORT_ERROR object| __AMP_MODE object| __AMP_TOP object| __AMP_SERVICES object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS boolean| __AMP_TAG object| AMP function| FormProxy

42 Cookies

Domain/Path Name / Value
licloud.in/ Name: AppSession
Value: 4c2e336dd09fe446bce3c1e42a21d6cc
licloud.in/ Name: csrfToken
Value: 31bacf11196d9c659cf157b508086f240c8b8d40cbe1c64ade6d497832e9e33eb8fb8bb6ca90298e3527990000662ae968b025590681614f8a9f629617d25505
a.afly.pro/ Name: AppSession
Value: 478e116d7189f56ec0a0abc7a1038c15
a.afly.pro/ Name: csrfToken
Value: da9eddad2b6e77b1784e7c6747b8803f37410006f7b72f9e311a286d8018c25a2fe0b567d23dc4c10a44622fa05caac26e6bbebb61201a2c54eb7b5a1c21f44e
a.afly.pro/ Name: app_visitor
Value: Q2FrZQ%3D%3D.NzFiMTY4YWFkODRhMWMwZjg2ZjdmNTI3ODYyMzNkODgxYjdhZWQ1NTc4ZThlMjA2MTUxYjY5MDIyYjA3YTQxMr%2FQ9AhfnPKMX%2BVnoV3NqLlbuyGaARSLSbw%2FnEUErTBoYgrjnETK0k1Gur2nEYYRyG2eSZE1gtHbvsaSxdA%2Fc7l3SUcVrP0wCvExg2WGRCp8
a.afly.pro/ Name: _uc_referrer
Value: direct
a.afly.pro/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
a.afly.pro/ Name: ab
Value: 0
a.afly.pro/ Name: _lr_geo_location
Value: DE
.afly.pro/ Name: _ga_83F4504S3G
Value: GS1.1.1655484503.1.0.1655484503.0
.afly.pro/ Name: _ga
Value: GA1.2.2071306809.1655484504
.afly.pro/ Name: _gid
Value: GA1.2.1528705160.1655484504
.afly.pro/ Name: _gat_gtag_UA_144229328_1
Value: 1
.adnxs.com/ Name: uuid2
Value: 1579449253489900128
.afly.pro/ Name: _pubcid
Value: bea6693e-70dd-4033-9219-c3baf26fc3ed
p2.gcprivacy.com/ Name: gcid
Value: bf47a81d-62bd-404c-9ae2-0aa29675407b
.rubiconproject.com/ Name: khaos
Value: L4IOQARE-L-GD9B
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB11kyuf94bLrT5APvdogVCbaTd6KyMQnau0RTcz8e+19efee31ViEIWZkJkwMflxQjsMyOO1LIWp4Cer9G4lI+csqlSNZOaaDQ=
pbjs.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ANhLKVaOWr8w2Ihg
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6fc43fda-474c-4609-8a9d-42fdabc72dbc-003%22%2C%22zdxidn%22%3A%222069.29%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fservs.modoro360.com%2Fcookiesyncendpoint%3Fpid%3D59c9148628a0612da3689288%26biddername%3D200%26auid%3D1655484504298-942280382455-006803-000-006067%26key%3D%5BRX_UUID%5D%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUkcGBtK_QbVRG2B2tZrJxKRaPrCZJpOM7G9ifMnRV1jTp3xKIutdFPljIo_v8Y
.360yield.com/ Name: tuuid
Value: 18010e05-e261-4acc-a605-d5140af7caa8
.360yield.com/ Name: tuuid_lu
Value: 1655484504
.afly.pro/ Name: __gads
Value: ID=16438d363702a8f2:T=1655484503:S=ALNI_MamkJGcRs4aHAZWZpVQvKKzLLyLzg
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.modoro360.com/ Name: 2_C_56
Value: 0cb14b58-0866-4ce5-92e7-fb78b95abbb5
servs.modoro360.com/ Name: 2_C_56
Value: 0cb14b58-0866-4ce5-92e7-fb78b95abbb5
.modoro360.com/ Name: 2_C_22
Value: 18010e05-e261-4acc-a605-d5140af7caa8
servs.modoro360.com/ Name: 2_C_22
Value: 18010e05-e261-4acc-a605-d5140af7caa8
.modoro360.com/ Name: 2_C_3
Value: GDPR
servs.modoro360.com/ Name: 2_C_3
Value: GDPR
a.afly.pro/ Name: _lr_retry_request
Value: true
a.afly.pro/ Name: _lr_env_src_ats
Value: false
.afly.pro/ Name: panoramaId_expiry
Value: 1655570905019
.liadm.com/ Name: lidid
Value: 525db678-1285-45d6-94bd-a9288258ea58
a.afly.pro/ Name: pbjs_li_nonid
Value: %7B%22unifiedId%22%3A%22gMwLqAS5xRzB98sh_kw-_2Rtaujqm36ZykvG1Q%22%7D
.prebid.a-mo.net/ Name: __amc
Value: 6_1655484503_1655484505
.adnxs.com/ Name: icu
Value: ChgI3uM8EAoYASABKAEw2OCylQY4AUABSAEKGAico3oQChgCIAIoAjDZ4LKVBjgCQAJIAhDZ4LKVBhgC
.doubleclick.net/ Name: DSID
Value: NO_DATA
.afly.pro/ Name: cto_bundle
Value: d9PVdV8zTzlFdXZVNWpCRTRhMThhaVNNVm1wMEMwN3ExaUVSWDZTZXlaQ1RYJTJGSmFMJTJCS3AlMkJLTE9iZDV6UGtmNTdpcllzMk8xajFMVjlQbkJTUDUzOXhxOG9BVXQzcWkxa0U2SW9GVEtudFFiN2xseUo1REtBTzRsQUczd1pkY3BCdU5xbw
.afly.pro/ Name: cto_bidid
Value: JF47rF9LMWFNSTElMkJxY3daSjljQ1U4JTJGTHVYUExubU5oc0wyMWZ0NG1acTVCeVJacWw0N0hwJTJCbjglMkJ3aEFNalhGTW5lZmRIeE9RNUFWcXhCbFd0MmZEMEJxYVNBJTNEJTNE

10 Console Messages

Source Level URL
Text
javascript error URL: https://a.afly.pro/PPgnYCa
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1323' from origin 'https://a.afly.pro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1323
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012205270638000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://player.adtcdn.com/prebidlink/459856/hb_323303_10647.js(Line 2)
Message:
Refused to load the script 'https://static.criteo.net/js/ld/publishertag.prebid.117.js' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 9)
Message:
Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 9)
Message:
Refused to load the script 'https://adservice.google.de/adsid/integrator.js?domain=a.afly.pro' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 9)
Message:
Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js(Line 9)
Message:
Refused to load the script 'https://adservice.google.com/adsid/integrator.js?domain=a.afly.pro' because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://cdn.adapex.io/
Message:
Refused to frame 'https://ic.tynt.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".
security error URL: https://cdn.adapex.io/
Message:
Refused to frame 'https://onetag-sys.com/' because it violates the following Content Security Policy directive: "frame-src 'none'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.afly.pro
a.teads.tv
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
api.rlcdn.com
at.teads.tv
ats.rlcdn.com
bidder.criteo.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com
cat.hbwrapper.com
cdn.adapex.io
cdn.ampproject.org
cdn.id5-sync.com
cdnjs.cloudflare.com
cloudflare.com
csync.loopme.me
csync.smilewanted.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
ghb.adtelligent.com
ghb.aplhb.adipolo.com
ghb1.adtelligent.com
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
i.ibb.co
ib.adnxs.com
id.crwdcntrl.net
id.halo.ad.gt
id5-sync.com
idx.liadm.com
image6.pubmatic.com
in-appadvertising.com
jscdn.greeter.me
lb.eu-1-id5-sync.com
licloud.in
match.adsrvr.org
mp.4dex.io
mug.criteo.com
onetag-sys.com
p.fervorstech.com
p.gcprivacy.com
p2.gcprivacy.com
pagead2.googlesyndication.com
pbjs.e-planning.net
player.adtcdn.com
player.adtelligent.com
player.aniview.com
player.aplhb.adipolo.com
player.avplayer.com
prebid-eu.creativecdn.com
prebid.a-mo.net
prebid.adnxs.com
prebid.media.net
prebid.smilewanted.com
region1.google-analytics.com
s8t.teads.tv
script.4dex.io
securepubads.g.doubleclick.net
serv.modoro360.com
servs.modoro360.com
servt.modoro360.com
signup.adipolo.com
ssc.33across.com
static.criteo.net
storage.de.cloud.ovh.net
sync.1rx.io
sync.technoratimedia.com
tag.1rx.io
tg1.modoro360.com
tlx.3lift.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
adservice.google.com
adservice.google.de
api.rlcdn.com
c3454652bc38ab6e5ad1cb75edeefd44.safeframe.googlesyndication.com
ghb.adtelligent.com
image6.pubmatic.com
static.criteo.net
104.79.89.16
104.90.161.232
108.156.255.76
13.32.99.89
141.95.4.204
141.95.98.69
143.204.89.3
147.75.85.234
151.101.129.108
162.19.138.119
169.63.109.126
172.67.10.198
178.250.0.157
178.250.2.131
18.156.0.31
18.156.195.47
18.66.122.63
184.87.212.214
184.87.212.24
185.184.8.90
185.33.221.91
192.241.157.60
193.122.128.135
2001:4860:4802:34::36
205.185.216.42
209.205.197.154
213.19.147.42
213.19.147.44
216.52.2.48
216.58.212.162
217.182.228.53
23.20.184.128
23.227.137.155
2602:803:c004:200::141
2606:4700:20::681a:9a9
2606:4700:3031::ac43:dd45
2606:4700:3033::ac43:9eb0
2606:4700::6810:85e5
2606:4700::6810:f44e
2606:4700::6811:190e
2606:4700::6812:272
2606:4700::6813:ac6c
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:401b:80d::200a
2a02:2638:1::13
2a02:26f0:ef:28a::2c79
2a02:26f0:ef::5f65:4d5b
2a02:26f0:f7::5c7b:e1a5
2a02:26f0:fb:1b2::26e5
2a06:98c1:3121::3
3.210.87.30
3.67.209.155
34.107.148.139
34.149.20.76
34.201.234.123
34.231.197.99
34.254.107.25
37.157.4.29
37.252.161.190
45.133.44.3
45.133.44.4
46.105.202.126
46.249.52.248
51.38.120.206
52.205.46.89
52.213.127.205
52.223.40.198
54.203.27.146
04649d5e5371af4731fef52e6d13d09138f5b7c15a51f317502f4a6c045b36bd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05f5b72e1e9f8430f1715c4d47020c01d37856c2d798dac75bb15d9895f524c3
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0ff739da0c58814db5c76a31a8682501cf62947832dc71be75a2c3a2e4d0402e
1202244237cd65d8fcfa7f983d947f435d45b57f2f6dd671f5f6fdc723730b44
12a0358c18fc2f336e96107524c2be8460ba06217d88f8299bb930fdcacf7541
133c42c430634ef18e55f9a24424eb482f87b8df22018fa761334dc3d39bf726
19521f51ffa72850ea9b0fd87487088a05efa2b563ac0def21bf7a8cb0fa5512
19f837b3071299c27f3122f9b77c79dbf95b3ccd3ec3c140be9d70375dec56a7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e9bb3f52a2477be2067a67e91a33703844448fbadf7515375df58ce4d401095
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
218787638817e37992f8c5df113784c7f30a0deaa9abb296a029112d81a8cdce
2ca578654a67c3ed5ea8829a1abf06e75922e673b6cebc92b4ddb97717a2d654
2dac86988007b181887579954ba6d37aff8861f3e0fa6fef11422b308f94af1c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f20abf047ba134cac36907cd197069bc9bcab63bf285edeb47cfa13ad1e2145
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
36ca1cfebac7a6a1dc1cb09361966ef119755070be4e3c49cea10cf95e61af8d
373cc0357b36ee131c453022d528dc253a02e3365c3b1f872dc328d332239f61
388903ba0d2c39b87b1a44b3f244c589312a09b110c5c03b2476bb9afbacd573
3ade6aed9a139e9889ea147a9d7e2145f5c77dd7823dc5621eba60a5a3fa5293
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4221957be7cbc9f89f05a053643bce2cba76b61a0f66d8fedf68b2e677d216e4
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
467b90f80e743bfd4c6d0a69cf9e59f7e6f88e62774c0a8c8814cd9cf99d8025
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4dad77fca0497f956cc3fc0b09ab118de89263fd00b115941d88afe96ebc3361
4e17cf51a84644146c4d99f513f3565fccbe6bd0a88f249f70e14a518bd24f87
4fb80b7bf623f709e8773d63406d7d20cbb8dda584d2259f86b7cc94050923d1
51310f9f30077e7818e6b290aae0692724791cb33999d75f916d9d623635b42a
537fa000b241ddfa017657c8abdf139de4327463bce527e5f2c5099f08fbe10a
5600661e23633f79567ba0dd40405c7df49526b31b8f88e7a5c7b5a8f7de9cc6
59cf57dc14609bed8c2f7cd674e3a6532ae4cb04bb122ae1f0b688bb21913fe8
5a67ca917cd9174b474a21d728dfa326addb78b94d243fd0a007a2f5ed82b060
5baa961f5266071886fa449db783175a8d248d37c8dddec1709d567b95cd77ae
614a851e2956eaa1238d5c06556946906d910e237f76ad3ecdc657cab60ff367
649ea78828a9e5062973ce48fefacbd8296b57a2ffc092ba8f479ea268997e13
65f8a23069807473f5609822a2ef6509afb6384a87695fa4b87e54a86e8c603a
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bde58cffd1d1fe98fb3dd1c9038498d0265df34bbfc642e8acba7f84c6e983e
6d46cadad7cb8859791732b2d7848012b46eb90e7c5196a645ddc960f2335f2e
7048c1634c5911c8484ba0873258ee7af3cd84351f8ad1a2f50fb15a4e14302f
70ac3fa284460d57cf171bd3578ff530c0cb871520d5154cfade1b508ba83acd
71c7a28033b54fac3e87f3a39b87107be7026ef9180043d997dd7a6cec45bdc6
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
78e13001bbc9c6b06ffa301191bd9e762226ed69f84e53f956d16e54f4408c7c
7953eaab5e8d1a017a1b9618bbef7b2a62cb3c953182445c7a40251471dff926
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7c308f9804358119c061f644f79d79a30db9dd052957401cb96bdb27ede5ebbd
7c90b7a4f8c84004ed9a67e2c12818ff8027d621f87737bb9108176d5c293fcc
7f3a41f35cee6aed738db522abe8f4b8c711c69e5284abf34e71e9e48d71e7d5
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
808972526d5d78abd62227a19786f22daf47e4b6523dff4ae93629cbeefab1b5
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
83aed14aa2ba2a0be743b81973c1b29490c65a211d944636b369fa765e0b6328
848338f68225700a6b0690345d9aa37331e4baf43e00254bd4212a1a99e6a353
84b5ab490c6f8b9a10d7ede6fcd91229e81ea2706c23f2912de33ef7a1ff4245
852593ea1830ce3d6821822385a17af199442f4938b588ed7c84942c351d9f16
88156593eff159f60d89ae065edc04e3ceb759b26d930cfe9ba3c7e589ee438c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb8cd9563129f2fcaaf20476bf10694cbba9607e670bb76d74d1f8ecbab9629
9349b46d2d5c59b60083217f00327f7f7ca3312cb9cd20ba819a2f9bf8906782
96ab442b9eaf944431264da944dc44d0ca98bc0a97108187c823bedaa2922229
977b0713053027e3a380b0f1489257a6c57e25fe850c19ceb1c603bf1782c480
978bb6a80446b3d854f21aee81ea83462c7c210967a16ec7ab621e34a9c073f0
98bd7bcc732fdd460d5f3c260db053def974d5186c69ff463c2797940776b743
9b48059ab5589ce79f01c0489b5afd77e755b0307719f41d37f929d0976bb5fb
9d41bb881a53e0debdb0ab84039cd54317824d663ee9a90c241b13c109c19610
9d807c16e2160c2660ffd43bf8b8bc54eb39ecd044e823209c0ade70db965d5a
9edef42a0cc4ba9a6629679d9c8695bbafbe64701cf0b1353b6f2d2260b97625
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a0a41b0ceacf4f6f406f1b3cd1df48443fbb87fdf45d64169f5cba2e1ee54039
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f87574360ed92506f4aa3dcb6c2aff905e96dce9313a989102a3002b162d20
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a3f17c712cd86c18af3c755c579089bf453627e6da67946feaf5065b608cc717
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4da6305d723961c26388648ff84f83dd1af9edf75ceb1c3f78001686c1bd07e
a69773467fe39544d085dce7f6b88660b00ffc8e28508bfb474354e7e76a30b3
a6aedfc33b023e9886aa2ef638b395c8dbdc0476e4a6b5a20352f7054eddcb2b
a6b14a7c0ba32d87a77013ffae9a086bbc0516a806496934fdcd6d00ab6e96cb
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
abbc9188a88031ac44b861e0c23bdb342107b93d4a59afd12505360678d87896
aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
b13c284d8d15523bd7ebce4afd286397cf2e82cafe72c0398f2d1724d60102af
b2d878b667d54c03cad23bf230559cab36e53baa5ddff26ddbadd4f275ccb53e
b33ef452b57bede722776b1432be568c083cd38efbcfe92491d71abfcd3fafa0
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b5d72017a59e0ef725206093beae3ba17d7249acf2ea8fde7a4c24149c34277e
b7edcb208c06fdab1e723d10fe42a4b9122ca6fd7ad6f001afd794a7cd6b0357
b81b496425cdbd2f2277d81e65f81edfe2cd36d8d2a992d2217ff4e2eb6d80de
b9772148a654d1b1d44ea23d5acfee0f8708ca41bfd67159cb3b47f1c33db3fe
bb619ed51448a1da3305a765bd0f03477bca62295de9603b7c4f707f86b48101
bef3b3bb6328ad375436ec0748fde9b3276755ab6ab64a7252a1a34be65387de
c0bcb1b22c981f7fc19ad6cac37054df00d388c899e6ef7d514e780f88528275
c1372a619189a59fd566368e36784e9e7805023bb5f7e98f730c42b4c2c82b11
c880d9a7bc5d8948ea7fe7c4192157b7aeda2c37851c46d2948970edfc7757ce
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cb4ede43bd7ccfea495fa09e302b5400b02653f1bc37286b6fa2cb39cb9b524f
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d201bb3b6a9b5c4572b54ff8cd188b8e77374e1694fead0bccd6606ffa147b2d
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d503ee324b1259bed68c2fabff75633f30ba32f829de86fa7cd19a7791dad3fc
d53fdc4c20e3a6d0cb1fc824d0d05625345003ecd86133a00cf5111d502680da
d57700c43d82aa3e0d84faf5a2548bc521d5b4ca19c75862f460c7b36b1bac7d
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e2598751639a254b3c54ab5d1cdd4e601c0203acbe56e4f33ad5ff4e4b447f20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42810fd94a552b202e06ffc55142e75a9ee8c1c4d74d3de3fade0cd6eed81e8
e4aecfb2fb4a5ed820b368ba9d25c5f14968f012e036e6b5579d937b81ad2dc6
e4e735eaeeb3dcf7bfe26c0a6990d0e162bdcd06cacab1ba8ee0c234ddae328f
e61f219a06207e1f953bca6c757aa9cfdeb81f25c41da2bc03fcb166e6194b0d
e8a09eb8a09fa9425f281a8addc570f55d5da59302e7f6ae209301a5ae09071c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e960f16dce807f9e729b178b83d29337b9a5e6bbbf9bd6a7866ba09c0b66dae3
ea79e7af1cbce493d01d113b0c70893ecbe84bcec018e74dc411c9346e1ed0fd
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed04819f5429616e4dfe98a16a2e3677d3360c89fa7379f063cc1f03ca64a94f
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02774706ad5ed7a4923248eeb6c71c23079e6ed71a3526453a88f1780806276
f2e1ea8f5bb08ee03296e6008f3c93e2031dfcfd9183e2338e755c2acb8dddac
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f70e19eb47044dc28778ea6e3215b5d69b94887e54dd2019752692baef13489a
f86e28fbc874ad627cbcb7ae4f8e50e40224a55bf2c20c2d1c76b6bdb452abf5
f9956b981c98afada1ab9247d8df9619aecdb00b0078f79c079b3685311a7ab1
fa922318bc71aa16dfa3b8432274a29bc40099056f14f05974bb7b3ae6a1283f
fabb409cb851ec0674d4e4c618e5aafeb7f9698a1dfb6c59bc1687490acbb007
fb20da3761f50927006a6f6303ae6fceec0b3cb5f4c532ba5845bcd5392112d8
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
feb93e74117b9c26371cd10c823414fbd03fae78f6bf3a8650fcbb2b3b7721d9