kinoxits.net Open in urlscan Pro
87.236.16.8  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://counter.yadro.ru/hit?t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8071450009685188 HTTP 302
• https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8071450009685188

Request Chain 60

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9424.u8q3dzfy3iq3cGhCGuRCWQd6P7byA0fdLY7IUmDVdIHooInHU1xx5cUnXO0D7IEQ.c5gyfUalfsPM4hzhnAbF7OQPdpc%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9424.dXYvBnJRCeScZ4r57pgEbXnGki2hHfXNKpBd0SZtsONCG6s4dzniSu_j5DJ9y8e2xCSzWVISnIO3Si8eYsoHnQ%2C%2C.MbOEO6ROujyH6xexY8QmObbikCs%2C

Request Chain 64

• https://pixel.onaudience.com/?partner=137085098&mapped=51A016340616321770E8AFE5B5D1175E HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
• https://pixel.onaudience.com/?partner=147&mapped=26b2340d-7f7a-445d-990a-ec7ef1176a2d&icm HTTP 302
• https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
• https://tags.bluekai.com/site/33141?&id=a9ebb1a66cb9d7ae

Request Chain 68

• https://mc.yandex.com/watch/71378167?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1378321569027%3Ahid%3A200108393%3Az%3A0%3Ai%3A202101012180033%3Aet%3A1634061633%3Ac%3A1%3Arn%3A231557864%3Arqn%3A1%3Au%3A1634061633647687361%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634061631347%3Ads%3A62%2C115%2C412%2C1%2C1%2C0%2C%2C1249%2C14%2C%2C%2C%2C1851%3Adsn%3A62%2C114%2C413%2C1%2C%2C0%2C%2C1252%2C15%2C%2C%2C%2C1850%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634061633%3At%3Adanielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip HTTP 302
• https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1378321569027%3Ahid%3A200108393%3Az%3A0%3Ai%3A202101012180033%3Aet%3A1634061633%3Ac%3A1%3Arn%3A231557864%3Arqn%3A1%3Au%3A1634061633647687361%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634061631347%3Ads%3A62%2C115%2C412%2C1%2C1%2C0%2C%2C1249%2C14%2C%2C%2C%2C1851%3Adsn%3A62%2C114%2C413%2C1%2C%2C0%2C%2C1252%2C15%2C%2C%2C%2C1850%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634061633%3At%3Adanielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip

Request Chain 92

• https://id5-sync.com/s/19/9.gif?puid=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1 HTTP 302
• https://id5-sync.com/c/19/19/9/1.gif?puid=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&gdpr_consent= HTTP 302
• https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
• https://tags.bluekai.com/site/5907?limit=0&id=71e3a7bbd8e42c0490bdd4aeb52c9e56&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
• https://id5-sync.com/c/19/224/7/3.gif?puid=3589309544358786890&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzcxNDQ5MzVjMGQzMTIzZWQ0YzhiYzFjODFiYmJkNjc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ

Request Chain 95

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4c032d48-a017-486b-9df7-029ac29cb4da

Request Chain 96

• https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0 HTTP 302
• https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0&xl8blockcheck=1

Request Chain 98

• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c7144935c0d3123ed4c8bc1c81bbbd67&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=c7144935c0d3123ed4c8bc1c81bbbd67&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13400507587440989861429058917784392112

Request Chain 102

• https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67 HTTP 302
• https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67

Request Chain 103

• https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
• https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164871103937000336482

Request Chain 104

• https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
• https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
• https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5ee89fd7-848d-4ba9-be20-a3da501db8fa?gdpr=1&gdpr_consent=

Request Chain 105

• https://ps.eyeota.net/match?bid=51mdg9u&uid=c7144935c0d3123ed4c8bc1c81bbbd67 HTTP 302
• https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=c7144935c0d3123ed4c8bc1c81bbbd67 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVkTHd0THNDUE96OHRnUDN1ZGdyWDRGSWwxZG9PdjFBTEtONlVjd1NaSXM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESENMuH36Wag11XwbF08Q4Q9I&google_cver=1 HTTP 302
• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3589309544358786890&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://ps.eyeota.net/match?bid=7vi0rg0&uid=9f0a6165-cd43-4600-b18a-6c5045e9a864&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
• https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YWXNQwAImLamVwAT HTTP 302
• https://ps.eyeota.net/match?uid=YWXNQwAImLamVwAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YWXNQwAImLamVwAT HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
• https://ps.eyeota.net/match?uid=26b2340d-7f7a-445d-990a-ec7ef1176a2d&bid=1e2n4ou

Request Chain 106

• https://dt-secure.videohub.tv/v1/usync/lo HTTP 303
• https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5e244004851ef9f4ac730f44b4e2acf3

Request Chain 108

• https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=9f0a6165-cd43-4600-b18a-6c5045e9a864

Request Chain 109

• https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
• https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=42bf55b2-f093-40b3-90f6-155ce23caf2d-6165cd43-5553

Request Chain 110

• https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
• https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
• https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=tuCtMv4b1MAm4P5

Request Chain 111

• https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YWXNQwAAAEZNXgA6 HTTP 302
• https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YWXNQwAAAEZNXgA6&_test=YWXNQwAAAEZNXgA6

Request Chain 114

• https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c7144935c0d3123ed4c8bc1c81bbbd67/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
• https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7624534810482751306

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response kinoxits.net/user/danielway48/	41 KB 13 KB	590ms 413ms	Document text/html	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / PHP/5.6.40 Resource Hash 5ed2226be86d8c18e13e7e19390a7940031d82454ee0bb6f99a376896c996610 Request headers :method GET :authority kinoxits.net :scheme https :path /user/danielway48/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx-reuseport/1.21.1 date Tue, 12 Oct 2021 18:00:31 GMT content-type text/html; charset=utf-8 vary Accept-Encoding x-powered-by PHP/5.6.40 set-cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219; path=/; HttpOnly expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache content-encoding gzip
GET H2	200	actualize.js Show response partnercoll.github.io/	3 KB 2 KB	34ms 6ms	Script application/javascript	185.199.111.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://partnercoll.github.io/actualize.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.111.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-111-153.github.com Software GitHub.com / Resource Hash f2afe5479f953f56df0927aabc69d251a8dac7a24e30d39f50d5d9c21f2edaf4 Security Headers Name Value Strict-Transport-Security max-age=31556952 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-fastly-request-id af16d3529654138f8b520103fb6b4e65b9bc2d6d strict-transport-security max-age=31556952 content-encoding gzip etag W/"61487130-bb2" age 124 x-cache HIT content-length 1463 x-served-by cache-hhn4059-HHN access-control-allow-origin * last-modified Mon, 20 Sep 2021 11:32:00 GMT server GitHub.com x-github-request-id EBD0:EEF2:7F4991:821887:61551B12 x-timer S1634061632.058887,VS0,VE0 date Tue, 12 Oct 2021 18:00:32 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Thu, 30 Sep 2021 02:14:02 GMT cache-control max-age=600 permissions-policy interest-cohort=() accept-ranges bytes x-proxy-cache MISS x-cache-hits 7
GET H2	200	playerjs.js Show response goldfilm.net/	224 KB 91 KB	210ms 99ms	Script application/javascript	31.31.198.39 AS-REG
General Check archive.org Show headers Download Go to Full URL https://goldfilm.net/playerjs.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 31.31.198.39 , Russian Federation, ASN197695 (AS-REG, RU), Reverse DNS server244.hosting.reg.ru Software nginx / Resource Hash c8f573d61b63c7f169a1209bb7fda1c740556c3655bd918d3ee949026bc7a6b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Thu, 10 Dec 2020 20:35:55 GMT server nginx etag W/"5fd286ab-37f9a" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control max-age=3888000 strict-transport-security max-age=31536000; expires Fri, 26 Nov 2021 18:00:32 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	130ms 63ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash df25a89baab0bfb1e5b93eaf49ca951ab0ff0dc5bdd63357250b5706b99db798 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51374 x-xss-protection 0 server cafe etag 7667996485004739214 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 39 KB	106ms 48ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-156485311-1 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash ee51685a025f32305b856888738400f22d7e8ed90c3a3806624372c5a3fec649 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38984 x-xss-protection 0 expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	styles.css kinoxits.net/templates/MOVIEBOX_DARK/css/	64 KB 14 KB	60ms 59ms	Stylesheet text/css	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash ae8cce0b0669afcaeebf073c582790b065c1d333bd48418fdba9f993482980b5 Request headers :path /templates/MOVIEBOX_DARK/css/styles.css pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Thu, 11 Feb 2021 19:56:23 GMT server nginx-reuseport/1.21.1 etag W/"60258be7-10023" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	engine.css kinoxits.net/templates/MOVIEBOX_DARK/css/	129 KB 36 KB	60ms 59ms	Stylesheet text/css	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash b0c10ad565d9d7fc3e082ee33cc7a5d3e8906789640deabcf2de4fabeeead90c Request headers :path /templates/MOVIEBOX_DARK/css/engine.css pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag W/"601b74e4-20237" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	63ms 25ms	Stylesheet text/css	216.58.212.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US), Reverse DNS ams15s22-in-f10.1e100.net Software ESF / Resource Hash da5f3c964672c3c16cee672fd13145f4219b5e4dc48f2bf851d5af1285cb6128 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Oct 2021 18:00:32 GMT server ESF date Tue, 12 Oct 2021 18:00:32 GMT x-frame-options SAMEORIGIN report-to {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cross-origin-opener-policy-report-only same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk" expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	037-KINOXITS.gif i.ibb.co/KVZF7dt/	4 MB 4 MB	64ms 17ms	Image image/gif	146.59.152.166 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/KVZF7dt/037-KINOXITS.gif Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.59.152.166 , France, ASN16276 (OVH, FR), Reverse DNS i.ibb.co Software nginx / Resource Hash e0696668a639172d10213801ad2d984f4acccaef580057e6d1aecad8dadf325d Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Mon, 09 Aug 2021 09:57:39 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 4355181 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	mosbet%20900x100Catfish.gif kinoxits.net/banner/	91 KB 92 KB	68ms 64ms	Image image/gif	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/banner/mosbet%20900x100Catfish.gif Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash f4dbca8da16899f9f4180f0bb04c5b14f661bc9fc12c87698c1cee154ce2ef65 Request headers :path /banner/mosbet%20900x100Catfish.gif pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Fri, 11 Jun 2021 10:36:51 GMT server nginx-reuseport/1.21.1 etag "60c33cc3-16da2" content-type image/gif cache-control max-age=2592000 accept-ranges bytes content-length 93602 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	200	900x100.gif i.ibb.co/BV8DGXq/	72 KB 72 KB	64ms 17ms	Image image/gif	146.59.152.166 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/BV8DGXq/900x100.gif Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.59.152.166 , France, ASN16276 (OVH, FR), Reverse DNS i.ibb.co Software nginx / Resource Hash 1b1521cbf2c4284a8e107c202e45a4fcf655cb6093f1f3a432724c7cf265e843 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Wed, 08 Sep 2021 05:05:20 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 73529 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	noavatar.png kinoxits.net/templates/MOVIEBOX_DARK/dleimages/	2 KB 2 KB	68ms 64ms	Image image/png	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/dleimages/noavatar.png Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 21103b10d89449ac9db3d5db945080082d43b12c28107b9d19b6a88cf670a0ed Request headers :path /templates/MOVIEBOX_DARK/dleimages/noavatar.png pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag "601b74e4-7df" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2015 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	404	default.js kinoxits.net/engine/skins/	0 0	61ms 60ms	Script text/html	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/skins/default.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash Request headers :path /engine/skins/default.js pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT server nginx-reuseport/1.21.1 content-length 297 content-type text/html; charset=iso-8859-1
GET H2	200	logo.png kinoxits.net/templates/MOVIEBOX_DARK/images/	31 KB 31 KB	67ms 64ms	Image image/png	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/images/logo.png Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 8a427847e1150f6a630e0d196f85b5da5b1d3652fe11d2c3dc85c63ff219035f Request headers :path /templates/MOVIEBOX_DARK/images/logo.png pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag "601b74e4-7ce9" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 31977 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	200	3_1_FFFFFFFF_EFEFEFFF_0_pageviews informer.yandex.ru/informer/71378167/	1 KB 2 KB	111ms 36ms	Image image/png	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://informer.yandex.ru/informer/71378167/3_1_FFFFFFFF_EFEFEFFF_0_pageviews Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash d4e247d2a3a73e16ee4d4f17b98d77835df5e74e682c3aaa9fb96dc4805efe48 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 last-modified Tue, 12-Oct-2021 18:00:32 GMT content-type image/png cache-control private, no-cache, no-store, must-revalidate, max-age=0 content-length 1444 x-xss-protection 1; mode=block expires Tue, 12-Oct-2021 18:00:32 GMT
GET H2	200	c.js Show response waust.at/	12 KB 6 KB	100ms 29ms	Script application/x-javascript	104.26.5.7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://waust.at/c.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.5.7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2797 last-modified Mon, 03 May 2021 17:48:47 GMT server cloudflare etag W/"6090377f-2f8d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8d0%2ByThtBYPWdfna7clR85SheTUGr2GCjVQQJJN0n%2Fq3a4zUmwGy7g6mSKi7jYEMXmEFTwWdJg3Nil6lZbi1w4ZIJALsLuvvVDqrWLF1h44oOmk3Ja5wiuFV"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf-ray 69d23a7318495403-LHR expires Wed, 13 Oct 2021 17:13:55 GMT
GET H2	200	default.css kinoxits.net/engine/editor/css/	2 KB 915 B	65ms 64ms	Stylesheet text/css	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/editor/css/default.css?v=26 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d Request headers :path /engine/editor/css/default.css?v=26 pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Wed, 03 Feb 2021 18:51:46 GMT server nginx-reuseport/1.21.1 etag W/"601af0c2-9ab" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	jquery.js Show response kinoxits.net/engine/classes/js/	84 KB 29 KB	62ms 61ms	Script application/x-javascript	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/classes/js/jquery.js?v=26 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Request headers :path /engine/classes/js/jquery.js?v=26 pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Wed, 03 Feb 2021 18:51:46 GMT server nginx-reuseport/1.21.1 etag W/"601af0c2-14e4a" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	jqueryui.js Show response kinoxits.net/engine/classes/js/	94 KB 27 KB	67ms 65ms	Script application/x-javascript	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/classes/js/jqueryui.js?v=26 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash a8fb761046658f69cf76644463af836dc85c492bcabc43793ab6fbe4f9e2f21b Request headers :path /engine/classes/js/jqueryui.js?v=26 pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Wed, 03 Feb 2021 18:51:46 GMT server nginx-reuseport/1.21.1 etag W/"601af0c2-177c0" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	dle_js.js Show response kinoxits.net/engine/classes/js/	33 KB 7 KB	67ms 65ms	Script application/x-javascript	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/classes/js/dle_js.js?v=26 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 17b7e53b981c41f5183fd23e96462bb23774706dfbac95f47492a8a14250415c Request headers :path /engine/classes/js/dle_js.js?v=26 pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Wed, 03 Feb 2021 18:51:46 GMT server nginx-reuseport/1.21.1 etag W/"601af0c2-84bd" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	libs.js Show response kinoxits.net/templates/MOVIEBOX_DARK/js/	86 KB 25 KB	61ms 59ms	Script application/x-javascript	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/js/libs.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 92ceaee1d3af4a639f5c1fab550009f1224b30e3dfd9caecad23c471541d57e3 Request headers :path /templates/MOVIEBOX_DARK/js/libs.js pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 04:15:34 GMT server nginx-reuseport/1.21.1 etag W/"601b74e6-159f1" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	share.js Show response kinoxits.net/templates/MOVIEBOX_DARK/js/	97 KB 33 KB	66ms 63ms	Script application/x-javascript	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/js/share.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 6257df35087b8470c682924d6cb3769e316d5375dba54fba14ffe95f2fb1d2cc Request headers :path /templates/MOVIEBOX_DARK/js/share.js pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip last-modified Thu, 04 Feb 2021 04:15:34 GMT server nginx-reuseport/1.21.1 etag W/"601b74e6-183d6" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Tue, 19 Oct 2021 18:00:32 GMT
GET H2	200	fe271d92aa.js Show response use.fontawesome.com/	9 KB 4 KB	619ms 118ms	Script text/javascript	172.67.214.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/fe271d92aa.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash baf2c878746725481a09ba009c48e1175c54de4032b7fa50f2aaa4253542efbf Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4506 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 6PGFFZ44DG41TA3M x-amz-id-2 ff860s+kwOUmX6zaFi3qK6L1DOsQQtpo9Z1eaI8NeQ3QbltskWprgKdAc2MhnWSKWZLx7f/pqG0= last-modified Thu, 01 Jul 2021 20:44:43 GMT server cloudflare etag W/"8c6940d05a8f6c8050213b6af539b94a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpsCY2cnD1R5fggUJNRtc7LGqtaoKepxX5B8faGnIa%2Bw0%2BhKpgqVzLe6BfzI1IyORj5dCph4TrDveZ8d7MS3dC6YZmC80PbQZ1uB4LQfgnvqjwLw47OWUYRY8uy0wLRwPhwhQRY2"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control max-age=1800 cf-ray 69d23a75f84a59df-IAD
HEAD H/1.1	200 OK	ping test.takedwn.ws/	0 0	55ms 14ms	Fetch text/plain	51.210.156.174 OVH
General Check archive.org Show headers Download Go to Full URL https://test.takedwn.ws/ping Requested by Host: partnercoll.github.io URL: https://partnercoll.github.io/actualize.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 51.210.156.174 , France, ASN16276 (OVH, FR), Reverse DNS ns3177961.ip-51-210-156.eu Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 12 Oct 2021 18:00:32 GMT Server nginx Connection keep-alive Access-Control-Allow-Headers * Content-Length 0 Content-Type text/plain
GET H2	200	player stats.myangular.life/	0 87 B	59ms 14ms	Image text/plain	138.201.57.104 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://stats.myangular.life/player?hit=script&sub=actualize&host=kinoxits.net Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 138.201.57.104 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.104.57.201.138.clients.your-server.de Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Tue, 12 Oct 2021 18:00:32 GMT server nginx content-length 0 content-type text/plain; charset=utf-8
GET H2	200	gtm.js Show response www.googletagmanager.com/	78 KB 31 KB	137ms 82ms	Script application/javascript	142.250.184.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N7HRDSR Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f8.1e100.net Software Google Tag Manager / Resource Hash 30d9ee36e526cb4166b5fd4a038ed66856d50403d3428bd9283a1845c5ccb7f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31735 x-xss-protection 0 expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	NTI5OA==.js Show response brdmin.com/js/	1 KB 1 KB	132ms 79ms	Script application/x-javascript	104.21.40.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://brdmin.com/js/NTI5OA==.js?r=4209793319.5777016 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.40.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.18 Resource Hash 515048287a859ea3f2a6c53d0638e23ad55ef0f8938bc5bd06ff0950c50cfd7f Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br cf-cache-status BYPASS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.6.18 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwBBLYk3tTQsWJ3lxtveHz7%2B0Xzp8WFbVs%2FuXW1k3gKzeSpbYABOS23Yu3jP4yDiE38zYcerXncOyAXlXxq62ToL2MRLM%2FkCaTQXeYdOhk3RMMj0VOU7pKGMVr%2B9"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" access-control-allow-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 access-control-allow-credentials true cf-ray 69d23a72fd5c3bbc-CDG content-type application/x-javascript; charset=utf-8
GET H2	200	bg2.png kinoxits.net/templates/MOVIEBOX_DARK/images/	4 KB 4 KB	125ms 125ms	Image image/png	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/images/bg2.png Requested by Host: kinoxits.net URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 3329a1b7df435c94f0ce0ad7fb684813d4556d8bcf4e32ccd867b84d1ec71d95 Request headers :path /templates/MOVIEBOX_DARK/images/bg2.png pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag "601b74e4-1099" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 4249 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	200	iJWKBXyIfDnIV7nBrXw.woff2 fonts.gstatic.com/s/rubik/v14/	33 KB 33 KB	99ms 40ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v14/iJWKBXyIfDnIV7nBrXw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash 815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://kinoxits.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 06 Oct 2021 03:46:39 GMT x-content-type-options nosniff age 569633 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33620 x-xss-protection 0 last-modified Tue, 29 Jun 2021 19:46:35 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Thu, 06 Oct 2022 03:46:39 GMT
GET H2	200	w.php Show response mrelko.com/j/	280 B 487 B	169ms 105ms	Script application/x-javascript	172.67.182.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mrelko.com/j/w.php?id=2544&r=0.5077932919998609 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.18 Resource Hash fb70608a915d6d59374a363ddb7f64ada485222ff0638c36345fffd2e49d523f Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.6.18 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnkGcklMgN7g3my7l3Y8qAFKk7xhAsg2VyjFYg5pKD2%2BgQEmjTDAlIwGm%2BWht%2BKPzxHkD0mDAZFDDYAYDIPDebYxIxy7encnLjS4XRMhyfzSsn1AyA9g6%2Bk8B33F"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript; charset=utf-8 access-control-allow-origin access-control-allow-credentials true cf-ray 69d23a733c0265cb-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	w.php Show response mrelko.com/j/	280 B 840 B	163ms 103ms	Script application/x-javascript	172.67.182.205 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://mrelko.com/j/w.php?id=2546&r=0.29874809377591927 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.182.205 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.18 Resource Hash fb70608a915d6d59374a363ddb7f64ada485222ff0638c36345fffd2e49d523f Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.6.18 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COQp7w2s%2B1c%2BKiOXAkE2CQS%2BCOYXASaaCq7ZSPF%2BvEVM65UefW5nj6lXpwYOpogfxjEn6SLCz%2Bs%2FoQYEsqVbcHw%2BClintBUAbsmv5JzHeJez2xfbwaMXEH4fLY7u"}],"group":"cf-nel","max_age":604800} content-type application/x-javascript; charset=utf-8 access-control-allow-origin access-control-allow-credentials true cf-ray 69d23a733c0765cb-LHR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	404	fa-regular-400.woff2 kinoxits.net/templates/MOVIEBOX_DARK/webfonts/	0 0	89ms 89ms	Font text/html	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff2 Requested by Host: kinoxits.net URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash Request headers sec-fetch-mode cors origin https://kinoxits.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 :path /templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff2 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority kinoxits.net referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css :scheme https sec-fetch-site same-origin :method GET Referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css Origin https://kinoxits.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT server nginx-reuseport/1.21.1 content-length 327 content-type text/html; charset=iso-8859-1
GET H2	200	iJWKBXyIfDnIV7nFrXyi0A.woff2 fonts.gstatic.com/s/rubik/v14/	14 KB 15 KB	37ms 21ms	Font font/woff2	142.250.186.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/rubik/v14/iJWKBXyIfDnIV7nFrXyi0A.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f3.1e100.net Software sffe / Resource Hash d860a9894b043142169904d0f318c1913accd3a6587aafbd8f412b1005a01e6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://kinoxits.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 10 Oct 2021 11:51:34 GMT x-content-type-options nosniff age 194938 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14312 x-xss-protection 0 last-modified Tue, 29 Jun 2021 19:47:40 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Mon, 10 Oct 2022 11:51:34 GMT
GET H2	404	default.js kinoxits.net/engine/skins/	0 0	71ms 70ms	Script text/html	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/skins/default.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash Request headers :path /engine/skins/default.js pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT server nginx-reuseport/1.21.1 content-length 297 content-type text/html; charset=iso-8859-1
GET H2	200	fa-regular-400.woff kinoxits.net/templates/MOVIEBOX_DARK/webfonts/	187 KB 187 KB	65ms 64ms	Font application/font-woff	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff Requested by Host: kinoxits.net URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 69faef17aa881302dc2d4232c5e8f40c30dd40eed4dccb52b71a6cdd1382746b Request headers sec-fetch-mode cors origin https://kinoxits.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest font cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 :path /templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority kinoxits.net referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css :scheme https sec-fetch-site same-origin :method GET Referer https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css Origin https://kinoxits.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:34 GMT server nginx-reuseport/1.21.1 etag "601b74e6-2eb44" content-type application/font-woff cache-control max-age=2592000 accept-ranges bytes content-length 191300 expires Thu, 11 Nov 2021 18:00:32 GMT
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H/1.1	200 OK	hit counter.yadro.ru/ Redirect Chain https://counter.yadro.ru/hit?t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043... https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u0...	236 B 722 B	55ms 52ms	Image image/gif	88.212.201.210 UNITEDNET
General Check archive.org Show headers Download Go to Show image Full URL https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8071450009685188 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU), Reverse DNS Software nginx/1.17.9 / Resource Hash d88488774b5a125b6208dc6921c5142df9c60cbcba693055e206d361dab483dd Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:32 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Access-Control-Allow-Origin * Cache-control no-cache Connection keep-alive Content-Type image/gif Content-Length 236 Expires Sun, 11 Oct 2020 21:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:32 GMT Server nginx/1.17.9 Strict-Transport-Security max-age=86400 P3P policyref="/w3c/p3p.xml", CP="UNI" Location https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/danielway48/;hdanielway48%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8071450009685188 Cache-control no-cache Connection keep-alive Content-Type text/html Content-Length 32 Expires Sun, 11 Oct 2020 21:00:00 GMT
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	191 KB 65 KB	451ms 443ms	Script application/javascript	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 8ce174fc34969d02274382ec6da5a274b254802c3814de6971de6ec349c7dd6c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br last-modified Tue, 12 Oct 2021 15:49:43 GMT etag "61658467-1031a" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 66330 expires Tue, 12 Oct 2021 19:00:32 GMT
GET H/1.1	200 OK	gl.php Show response retarget.ssl-services.com/p/	21 B 422 B	328ms 14ms	Script application/x-javascript	188.72.221.186 WEBZILLA
General Check archive.org Show headers Download Go to Full URL https://retarget.ssl-services.com/p/gl.php?callback=retCallback_5298&format_id=5&geo=DE Requested by Host: brdmin.com URL: https://brdmin.com/js/NTI5OA==.js?r=4209793319.5777016 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 188.72.221.186 , Netherlands, ASN35415 (WEBZILLA, NL), Reverse DNS Software nginx/1.8.0 / PHP/7.4.11 Resource Hash 2824c1eaa9cb75658f8ea301f1693cedeb32aad55d715a60fd35da32da899862 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:32 GMT Server nginx/1.8.0 X-Powered-By PHP/7.4.11 Transfer-Encoding chunked Content-Type application/x-javascript; charset=windows-1251 Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0 Connection close Expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/i/	8 KB 9 KB	287ms 8ms	Script application/javascript	51.89.24.69 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Requested by Host: waust.at URL: https://waust.at/c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip69.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash 8863079ed3c2e872966ad08fbd5dd18bbccacca8b2b9281976ff8eda45f3a363 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:32 GMT X-T 0.522 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-cache Connection close X-S ger1 Expires Tue, 12 Oct 2021 18:00:31 GMT
GET H2	200	bar-bg.png kinoxits.net/templates/MOVIEBOX_DARK/images/	313 B 498 B	62ms 55ms	Image image/png	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/images/bar-bg.png Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e Request headers :path /templates/MOVIEBOX_DARK/images/bar-bg.png pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag "601b74e4-139" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 313 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	200	bar-blue.png kinoxits.net/templates/MOVIEBOX_DARK/images/	253 B 438 B	63ms 56ms	Image image/png	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kinoxits.net/templates/MOVIEBOX_DARK/images/bar-blue.png Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / Resource Hash 694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9 Request headers :path /templates/MOVIEBOX_DARK/images/bar-blue.png pragma no-cache cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT last-modified Thu, 04 Feb 2021 04:15:32 GMT server nginx-reuseport/1.21.1 etag "601b74e4-fd" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 253 expires Thu, 11 Nov 2021 18:00:32 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/	131 KB 46 KB	586ms 583ms	Script application/javascript	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: kinoxits.net URL: https://kinoxits.net/templates/MOVIEBOX_DARK/js/share.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash d5c91393fc42ed4d1234c6180d0bd54ab46c10bcac71822415902d5cec48163f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br last-modified Tue, 12 Oct 2021 15:49:43 GMT etag "61658467-b968" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 47464 expires Tue, 12 Oct 2021 19:00:32 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	96ms 25ms	Script text/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-156485311-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 28 Sep 2021 21:34:48 GMT server Golfe2 age 7166 date Tue, 12 Oct 2021 16:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19887 expires Tue, 12 Oct 2021 18:01:06 GMT
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/	272 KB 98 KB	57ms 56ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e898396a63a31caead5610be17a0d5e1465f251e8f7dd0f1df02f144ff5c81d6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 99725 x-xss-protection 0 server cafe etag 18043168443402353962 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/ Frame 7D47	10 KB 5 KB	55ms 14ms	Document text/html	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20211007/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f2.1e100.net Software cafe / Resource Hash f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20211007/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://kinoxits.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Mon, 11 Oct 2021 18:55:18 GMT expires Mon, 25 Oct 2021 18:55:18 GMT content-type text/html; charset=UTF-8 etag 414810510046348021 x-content-type-options nosniff content-encoding gzip server cafe content-length 4645 x-xss-protection 0 age 83114 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	js Show response www.google-analytics.com/gtm/	94 KB 37 KB	80ms 48ms	Script application/javascript	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/js?id=GTM-W65VNBP&t=gtag_UA_156485311_1&cid=884574714.1634061633 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Google Tag Manager / Resource Hash e9511c3c8826bae20084c5e1bea57d4a637f0cf0f4e0aeb7e1c973159156ea01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:32 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38235 x-xss-protection 0 expires Tue, 12 Oct 2021 18:00:32 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	202 B 659 B	114ms 33ms	Script text/javascript	142.250.186.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=kinoxits.net&callback=_gfp_s_&client=ca-pub-8456985064256923 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s06-in-f2.1e100.net Software cafe / Resource Hash 388fe35a1df78eb0a485e10529c0caf8ffd7e975e34457fcb07d4f874c3fbe97 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 193 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 853 B	107ms 32ms	Script application/javascript	142.250.185.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=kinoxits.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s49-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 18:00:33 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 570 B	105ms 30ms	Script application/javascript	142.250.186.34 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=kinoxits.net Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.34 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f2.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 18:00:33 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 8850	603 B 68 B	60ms 35ms	Document text/html	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456985064256923&output=html&adk=1812271804&adf=3025194257&lmt=1634061632&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634061632687&bpp=3&bdt=745&idt=151&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2947691670843&frm=20&pv=2&ga_vid=884574714.1634061633&ga_sid=1634061633&ga_hid=931568943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3310936222821050&pem=356&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f2.1e100.net Software cafe / Resource Hash 00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-8456985064256923&output=html&adk=1812271804&adf=3025194257&lmt=1634061632&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634061632687&bpp=3&bdt=745&idt=151&shv=r20211007&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2947691670843&frm=20&pv=2&ga_vid=884574714.1634061633&ga_sid=1634061633&ga_hid=931568943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&oid=2&pvsid=3310936222821050&pem=356&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=176 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://kinoxits.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Tue, 12 Oct 2021 18:00:32 GMT server cafe content-length 46 x-xss-protection 0 set-cookie test_cookie=CheckForPermission; expires=Tue, 12-Oct-2021 18:15:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" expires Tue, 12 Oct 2021 18:00:32 GMT cache-control private
GET H/1.1	200 OK	/ Show response t.dtscout.com/idg/ Frame 262D	1 KB 750 B	32ms 7ms	Document text/html	51.89.24.69 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=51A016340616321770E8AFE5B5D1175E Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip69.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash 452804df0f20981b1b54c9824981ac70db40878a2479c37fdf0635e052a9b63d Request headers Host t.dtscout.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://kinoxits.net/ Accept-Encoding gzip, deflate, br Cookie m=1; b=1; st=1; oa=1; df=1634061632; l=51A016340616321770E8AFE5B5D1175E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers Server nginx/1.14.0 (Ubuntu) Date Tue, 12 Oct 2021 18:00:32 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close Expires Tue, 12 Oct 2021 18:00:31 GMT Cache-Control no-cache Content-Encoding gzip
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	33ms 7ms	Script text/javascript	143.204.98.60 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.60 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-60.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY content-encoding gzip last-modified Thu, 03 Jun 2021 13:27:46 GMT server AmazonS3 age 48206 etag W/"a1c6ef0f57fd5dc66dd46feb78238adf" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront) cache-control max-age=86400 date Tue, 12 Oct 2021 04:37:07 GMT x-amz-cf-pop FRA50-C1 x-amz-cf-id k2yHnCS8jurUE1C4xt-s5n_Hrk-gMBzsxKO6evjWTdRKlfAEAHe6Sg==
GET H/1.1	204 No Content	dtscout Show response pd.sharethis.com/pd/	0 88 B	51ms 11ms	Script text/plain	3.121.175.251 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pd.sharethis.com/pd/dtscout Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.121.175.251 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-121-175-251.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection keep-alive Date Tue, 12 Oct 2021 18:00:32 GMT
GET H/1.1	200 OK	/ Show response t.dtscout.com/pv/	50 B 317 B	32ms 8ms	Script application/javascript	51.89.24.69 OVH
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=kinoxits.net&_ss=6s7oy6v10f&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=4nxy&_cb=_dtspv.c Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR), Reverse DNS ip69.ip-51-89-24.eu Software nginx/1.14.0 (Ubuntu) / Resource Hash f5ea561c7071b7df928111e1b35470c180a3de3ab0b74b57e65543a768a34e92 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:32 GMT X-T 0.29 Server nginx/1.14.0 (Ubuntu) Transfer-Encoding chunked X-C 0 Content-Type application/javascript Cache-Control no-cache Connection close Expires Tue, 12 Oct 2021 18:00:31 GMT
GET H3	200	ws.php Show response brdmin.com/j/	314 B 886 B	149ms 106ms	Script application/x-javascript	104.21.40.131 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://brdmin.com/j/ws.php?id=5298&ret=&r=0.17480878310753 Requested by Host: brdmin.com URL: https://brdmin.com/js/NTI5OA==.js?r=4209793319.5777016 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.40.131 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.6.18 Resource Hash 777d4ed23d3dfa13b1bf4028f0da2802c81562b7a8ab5bd070f77b3779c61c52 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/5.6.18 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioQSynmwNtLNKAZaqnbGr8anEOMSDEJBOAVhXMYjaWAjmrNa1eBverf9OkA0P7I2CM%2FZ5vfD4J8aek1X0AEsUUnPW9eiPq3abA3QTir%2FqBqG2tTc9SFvZs2SwZwe"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" access-control-allow-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 access-control-allow-credentials true cf-ray 69d23a762821046e-CDG content-type application/x-javascript; charset=utf-8
GET H2	200	/ Show response onetag-geo.s-onetag.com/	555 B 962 B	171ms 116ms	Fetch application/json	143.204.98.122 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.122 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-122.fra50.r.cloudfront.net Software / Resource Hash f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT via 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront), 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-C2, FRA50-C1 x-amzn-requestid 547973b8-e390-4925-a7be-b84d858b42f5 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id HG0CNH2ACYcF2MA= content-length 555 x-amz-cf-id N_7XWn9szA7-2ecRD2n6-SszDrOd9r5tb0cuBXTJCz5uiIxJQpVaJA==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	29ms 29ms	XHR text/plain	142.250.186.46 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j94&a=931568943&t=pageview&_s=1&dl=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&ul=en-us&de=UTF-8&dt=danielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAAC~&jid=2069741759&gjid=2085541301&cid=884574714.1634061633&tid=UA-156485311-1&_gid=348982340.1634061633&_r=1&gtm=2ouab0&z=914421941 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.46 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f14.1e100.net Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:33 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://kinoxits.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	fe271d92aa.css use.fontawesome.com/	1 KB 1 KB	229ms 122ms	Stylesheet text/css	172.67.214.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/fe271d92aa.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/fe271d92aa.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04d91e7bf873b687ac00e3167cc352221c500320f92efd05a8abf94241ffaa56 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3504 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id 6PGCG9YZXQKCTJPH x-amz-id-2 NApTDaXs2xcp7ZXMysrcWeW8ZGD3IpmfDwG9K5l4N4LTxYomTJre99lKxwMIGDpMO+kTW5kgna8= last-modified Thu, 01 Jul 2021 20:44:43 GMT server cloudflare etag W/"0d33b41381408750565b8436efed8740" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BBtJJfUaIrUraos79Kxckl4AHSTN039BJgoDpuulQ5bWtXlYZyU3diljBd9qiqni4FORHaINTVGAQ18GOjsxIg%2F%2B7T1iNbqsW2yg5Wnw3R6OuQBN%2BXBs2LCpbBYsReuIyxnWG06"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=1800 cf-ray 69d23a78db72c184-IAD
GET H2	200	/ Show response whos.amung.us/pingjs/	28 B 142 B	334ms 111ms	Script text/javascript	67.202.114.214 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://whos.amung.us/pingjs/?k=j6pd4fwo87&t=danielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F&c=c&x=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&y=&a=0&d=1.851&v=27&r=6161 Requested by Host: waust.at URL: https://waust.at/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 67.202.114.214 , United States, ASN32748 (STEADFAST, US), Reverse DNS amung.us Software / Resource Hash 0fb12ff3f5cf393f946c91f50aa7005844ad2d4924fa02136cc934ced5db992a Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding gzip content-type text/javascript;charset=UTF-8
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 461 B	74ms 28ms	XHR text/plain	173.194.76.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-156485311-1&cid=884574714.1634061633&jid=2069741759&gjid=2085541301&_gid=348982340.1634061633&_u=aGBAAUACQAAAAC~&z=1638501837 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 173.194.76.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS ws-in-f154.1e100.net Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 12 Oct 2021 18:00:33 GMT content-type text/plain access-control-allow-origin https://kinoxits.net cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9424.u8q3dzfy3iq3cGhCGuRCWQd6P7byA0fdLY7IUmDVdIHooInHU1xx5cUnXO0D7IEQ.c5gyfUalfsPM4hzhnAbF7OQPdpc%2C https://mc.yandex.com/sync_cookie_image_decide?token=9424.dXYvBnJRCeScZ4r57pgEbXnGki2hHfXNKpBd0SZtsONCG6s4dzniSu_j5DJ9y8e2xCSzWVISnIO3Si8eYsoHnQ%2C%2C.MbOEO6ROujyH6xexY8QmObbikCs%2C	75 B 75 B	34ms 34ms	Image text/html	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9424.dXYvBnJRCeScZ4r57pgEbXnGki2hHfXNKpBd0SZtsONCG6s4dzniSu_j5DJ9y8e2xCSzWVISnIO3Si8eYsoHnQ%2C%2C.MbOEO6ROujyH6xexY8QmObbikCs%2C Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9424.dXYvBnJRCeScZ4r57pgEbXnGki2hHfXNKpBd0SZtsONCG6s4dzniSu_j5DJ9y8e2xCSzWVISnIO3Si8eYsoHnQ%2C%2C.MbOEO6ROujyH6xexY8QmObbikCs%2C date Tue, 12 Oct 2021 18:00:33 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	38 KB 12 KB	59ms 9ms	Script text/javascript	143.204.98.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-4.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 13:05:47 GMT content-encoding gzip etag W/"f321a7442b8087eba0d1817aa7dbb5f7" last-modified Tue, 16 Mar 2021 13:30:17 GMT server AmazonS3 age 17687 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript via 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id k5XWJmUXd2QZBnJNWfg7eJGv3lPIwm3tV9ji8LnQIu09fC6WC2pnSQ==
GET H/1.1	200 OK	/ Show response t.dtscdn.com/widget/	0 407 B	371ms 95ms	Script application/javascript	159.203.161.83 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=51A016340616321770E8AFE5B5D1175E&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&r= Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS lb4.ny1.dtscdn.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 17:01:46 GMT X-T 0.73 x-server web14.ny1.dtscdn.com Cache-Control no-cache Content-Type application/javascript; charset=UTF-8 Transfer-Encoding chunked Expires Tue, 12 Oct 2021 17:01:45 GMT
GET H/1.1	200 OK	27675 tags.bluekai.com/site/	62 B 329 B	228ms 160ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/27675?id=51A016340616321770E8AFE5B5D1175E&ret=html&phint=__bk_t%3Ddanielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&phint=__bk_k%3DKinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&phint=__bk_l%3Dhttps%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&r=89979595 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:33 GMT X-N S Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 BK-Server 71a5 Content-Type image/gif
GET H/1.1	200 OK	33141 tags.bluekai.com/site/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=51A016340616321770E8AFE5B5D1175E https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1 https://pixel.onaudience.com/?partner=147&mapped=26b2340d-7f7a-445d-990a-ec7ef1176a2d&icm https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m https://tags.bluekai.com/site/33141?&id=a9ebb1a66cb9d7ae	62 B 304 B	155ms 155ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/33141?&id=a9ebb1a66cb9d7ae Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:33 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif Redirect headers location https://tags.bluekai.com/site/33141?&id=a9ebb1a66cb9d7ae content-length 0
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 136 B	34ms 34ms	Image image/gif	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT last-modified Tue, 12 Oct 2021 15:49:43 GMT etag "61658467-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Tue, 12 Oct 2021 19:00:33 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 522 B	105ms 48ms	Image image/gif	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-156485311-1&cid=884574714.1634061633&jid=2069741759&_u=aGBAAUACQAAAAC~&z=631654000 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 522 B	118ms 58ms	Image image/gif	142.250.186.163 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-156485311-1&cid=884574714.1634061633&jid=2069741759&_u=aGBAAUACQAAAAC~&z=631654000 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s08-in-f3.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:33 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	1 Show response mc.yandex.com/watch/71378167/ Redirect Chain https://mc.yandex.com/watch/71378167?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3A0... https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3...	331 B 440 B	34ms 33ms	XHR application/json	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1378321569027%3Ahid%3A200108393%3Az%3A0%3Ai%3A202101012180033%3Aet%3A1634061633%3Ac%3A1%3Arn%3A231557864%3Arqn%3A1%3Au%3A1634061633647687361%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634061631347%3Ads%3A62%2C115%2C412%2C1%2C1%2C0%2C%2C1249%2C14%2C%2C%2C%2C1851%3Adsn%3A62%2C114%2C413%2C1%2C%2C0%2C%2C1252%2C15%2C%2C%2C%2C1850%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634061633%3At%3Adanielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 3f8610a539dfafce57a92ad24a645ba2aa5ff0fbedc6369d24ea7a88976d7573 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:33 GMT x-content-type-options nosniff last-modified Tue, 12-Oct-2021 18:00:33 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://kinoxits.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 331 x-xss-protection 1; mode=block expires Tue, 12-Oct-2021 18:00:33 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:33 GMT last-modified Tue, 12-Oct-2021 18:00:33 GMT location /watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A1134%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A660%3Acn%3A1%3Adp%3A0%3Als%3A1378321569027%3Ahid%3A200108393%3Az%3A0%3Ai%3A202101012180033%3Aet%3A1634061633%3Ac%3A1%3Arn%3A231557864%3Arqn%3A1%3Au%3A1634061633647687361%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634061631347%3Ads%3A62%2C115%2C412%2C1%2C1%2C0%2C%2C1249%2C14%2C%2C%2C%2C1851%3Adsn%3A62%2C114%2C413%2C1%2C%2C0%2C%2C1252%2C15%2C%2C%2C%2C1850%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1634061633%3At%3Adanielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip strict-transport-security max-age=31536000 access-control-allow-origin https://kinoxits.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Tue, 12-Oct-2021 18:00:33 GMT
GET H2	200	EU Show response onetag-geo-grouping.s-onetag.com/regionalbloc/	1 KB 836 B	34ms 12ms	Fetch application/json	143.204.98.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-40.fra50.r.cloudfront.net Software restify / Resource Hash 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 11 Oct 2021 18:53:57 GMT content-encoding gzip server restify age 83196 vary Accept-Encoding,origin x-cache Hit from cloudfront content-type application/json access-control-allow-origin https://kinoxits.net access-control-expose-headers api-version, content-length, content-md5, content-type, date, request-id, response-time cache-control max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id Th0na2xerFIK1mMwXM__PM-8G_mPlT-_KXj_DWMH3f-qlktoGnmYoQ== via 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
GET H3	200	font-awesome-css.min.css use.fontawesome.com/releases/v4.7.0/css/	30 KB 7 KB	110ms 110ms	Stylesheet text/css	172.67.214.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/fe271d92aa.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350 Request headers Accept-Language de-DE,de;q=0.9 Referer https://use.fontawesome.com/fe271d92aa.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8459589 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-amz-request-id H4F7YQ2GWDECPGT0 x-amz-id-2 plLxMZ2I3cbFTVa3SXcnSL92pgWvlJXMxncJdB/k7hy+48IGE6BGwU5Vp7TkSFBtY/RiNsySGf8= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag W/"36082410df2ef7f83932219089dc1443" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tdt9i%2FTGDmVvh5BaJJ9YfjUGB9voI%2BSX%2FJBh6PQ6tjqetdXJJ2YKTUMPaRYEm8bGEFi2CLCAM1PItknz%2BuzO5uDtKd8k4eZGb0VfldK%2BFlzlqwgYOXysXdxockLnFu3WbWCL2pcC"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 69d23a798c8ec184-IAD
GET H2	200	tc.js Show response cdn.tynt.com/	17 KB 7 KB	59ms 22ms	Script application/javascript	104.18.28.199 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.tynt.com/tc.js Requested by Host: waust.at URL: https://waust.at/c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT content-encoding gzip cf-cache-status HIT last-modified Fri, 27 Aug 2021 20:58:45 GMT server cloudflare age 75657 etag W/"61295205-431d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 69d23a7a38188751-DUS expires Fri, 15 Oct 2021 18:00:33 GMT
GET DATA	200 OK	truncated /	3 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/gif
GET H3	200	fontawesome-webfont.woff2 use.fontawesome.com/releases/v4.7.0/fonts/	75 KB 76 KB	696ms 436ms	Font application/font-woff2	172.67.214.69 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2 Requested by Host: use.fontawesome.com URL: https://use.fontawesome.com/fe271d92aa.css Protocol H3 Security QUIC, , AES_128_GCM Server 172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers Referer https://use.fontawesome.com/fe271d92aa.css Origin https://kinoxits.net Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT access-control-allow-methods GET vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id PKJANA2YRNKFZ48E alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 77160 x-amz-id-2 4ShmkUbERZbRBNdVivgNHJETxZ6wue82JR4Ee/QwgT7ipRoF2g7RFgndnuCdhcYcZd7mA+v0CZI= last-modified Wed, 30 Jun 2021 15:26:48 GMT server cloudflare etag "af7ae505a9eed503f8b8e6982036873e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gRZYFhQzf4TP%2FOtHSl7%2BKhuwxxkYQqHOs9S1S7CM9z9CAa8yTtVmaNHC76uxHxpgHtZu%2BPob6%2BQWanbBotFcL88UeCGPRe0lW7Myc52EJC4uq%2BvJvkkbTNLGhJ0l09wW0I8TClvj"}],"group":"cf-nel","max_age":604800} content-type application/font-woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 69d23a7c5efbf7d2-EZE
GET H2	204	p ic.tynt.com/b/	0 227 B	324ms 106ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0&t=danielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C&cu=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	200	v2 Show response de.tynt.com/deb/	4 B 202 B	325ms 109ms	Script application/javascript	67.202.105.34 STEADFAST
General Check archive.org Show headers Download Go to Full URL https://de.tynt.com/deb/v2?id=w!j6pd4fwo87&dn=TC&cc=1&r= Requested by Host: cdn.tynt.com URL: https://cdn.tynt.com/tc.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 67.202.105.34 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip34.67-202-105.static.steadfastdns.net Software / Resource Hash d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:33 GMT cache-control max-age=86400 content-type application/javascript p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA" content-length 4 expires Wed, 13 Oct 2021 18:00:34 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	107ms 107ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0&t=danielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C&cu=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	107ms 106ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0&t=danielway48%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	117ms 117ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
POST H2	200	controller.php Show response kinoxits.net/engine/ajax/	2 B 207 B	196ms 196ms	XHR text/html	87.236.16.8 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://kinoxits.net/engine/ajax/controller.php?mod=adminfunction Requested by Host: kinoxits.net URL: https://kinoxits.net/engine/classes/js/jquery.js?v=26 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.vm5.beget.com Software nginx-reuseport/1.21.1 / PHP/5.6.40 Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers sec-fetch-mode cors origin https://kinoxits.net accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 sec-fetch-dest empty x-requested-with XMLHttpRequest cookie PHPSESSID=2263662ead8ef88294a0db4d1884b219; _ga=GA1.2.884574714.1634061633; _gid=GA1.2.348982340.1634061633; _gat_gtag_UA_156485311_1=1; __gads=ID=bef314e8c78d98fd-22f35744f3ca0087:T=1634061632:RT=1634061632:S=ALNI_MbhY_oEpYum1fQYgetUlm_4tuDnJA; _ym_uid=1634061633647687361; _ym_d=1634061633; __dtsu=51A016340616321770E8AFE5B5D1175E; _ym_isad=2; _ym_visorc=w content-length 109 :path /engine/ajax/controller.php?mod=adminfunction pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept */* cache-control no-cache :authority kinoxits.net referer https://kinoxits.net/user/danielway48/ :scheme https sec-fetch-site same-origin :method POST Accept */* Referer https://kinoxits.net/user/danielway48/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:34 GMT server nginx-reuseport/1.21.1 x-powered-by PHP/5.6.40 content-type text/html; charset=utf-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-length 2 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	204	p ic.tynt.com/b/	0 227 B	106ms 106ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	107ms 107ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H2	204	p ic.tynt.com/b/	0 227 B	107ms 106ms	Image text/plain	208.100.17.182 STEADFAST
General Check archive.org Show headers Download Go to Show image Full URL https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1634061633609&dn=TC&iso=0 Requested by Host: kinoxits.net URL: https://kinoxits.net/user/danielway48/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 208.100.17.182 , United States, ASN32748 (STEADFAST, US), Reverse DNS ip182.208-100-17.static.steadfastdns.net Software nginx/1.16.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/user/danielway48/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:34 GMT cache-control "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false" expires "Sat, 26 Jul 1997 05:00:00 GMT" server nginx/1.16.1 p3p CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	11 KB 8 KB	72ms 37ms	XHR application/json	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211007&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash 0bc0b85e218ba14e64eb5d4aa7a80c9a78e26c0f65d5a13f011fb24b76257c03 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Oct 2021 18:00:35 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8555 x-xss-protection 0
GET H2	200	optimus_rules.json Show response tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	28ms 11ms	XHR application/json	143.204.98.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-4.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28 Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 11 Oct 2021 18:25:14 GMT content-encoding gzip age 84921 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 16 Mar 2021 13:30:17 GMT server AmazonS3 etag W/"6db43f44304c37d76768275ee4f01ba4" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json via 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront) cache-control max-age: 86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id CuraNB7xLpRXB8DoUaS4roHdb8tXc_iCxKrVVZ3USJnLICohwlfECg==
POST H2	200	data Show response bcp.crwdcntrl.net/6/	605 B 1 KB	169ms 104ms	XHR application/json	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 0fe51af858774ac73624f062bb58de3dbdd80ea1a03e67c6ba0b0eeeb7550c7d Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://kinoxits.net cache-control no-cache x-server 10.45.19.67 access-control-allow-credentials true content-type application/json;charset=utf-8 content-length 605 expires 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	111ms 36ms	Script text/javascript	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8456985064256923&plah=kinoxits.net Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:35 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" expires Tue, 12 Oct 2021 18:00:35 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 33CE	12 KB 5 KB	56ms 23ms	Document text/html	142.250.181.225 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.225 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f1.1e100.net Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://kinoxits.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin cross-origin-opener-policy-report-only same-origin; report-to="adspam-signals-scs" report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-length 5029 date Tue, 12 Oct 2021 16:52:01 GMT expires Wed, 12 Oct 2022 16:52:01 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 4114 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame E9B9	783 B 536 B	84ms 33ms	Document text/html	142.250.185.228 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.228 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f4.1e100.net Software GSE / Resource Hash e57230bcd7bc4c311c17d1408327549c03293f1271cd240e880284bc83f02a98 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9Box4X8Nt7UZjkIoHdFGTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://kinoxits.net/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers cross-origin-resource-policy cross-origin cross-origin-embedder-policy-report-only require-corp; report-to="recaptcha" report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} expires Tue, 12 Oct 2021 18:00:35 GMT date Tue, 12 Oct 2021 18:00:35 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-9Box4X8Nt7UZjkIoHdFGTQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 514 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
POST H2	200	a a.dtssrv.com/	0 558 B	334ms 126ms	Ping text/html	172.67.220.51 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/a?i=51A016340616321770E8AFE5B5D1175E&k=lotpano&v=82fa6f3c738c3866171c02384e714945a7024215c9f22d1ede7e1b5fe6f9948b Requested by Host: t.dtscout.com URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 12 Oct 2021 18:00:35 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmEjgQKpbhLf3dewLuFR%2Bswlkb0rDh64%2BQp4HSS2C71vGEYkihHucrcJOFLIvLE6s6FdjoHBegdPYFILnPAaG7Dk0iOPOGz6N774wx%2BRfO7aFbCEs9%2BA1y0RHu9fr3s%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 69d23a8608085973-IAD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	lt.iframe.html Show response tags.crwdcntrl.net/lt/shared/2/ Frame E386	2 KB 1 KB	8ms 8ms	Document text/html	143.204.98.4 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.98.4 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-98-4.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372 Request headers :method GET :authority tags.crwdcntrl.net :scheme https :path /lt/shared/2/lt.iframe.html?c=3825 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://kinoxits.net/ accept-encoding gzip, deflate, br cookie _cc_dc=1; _cc_id=c7144935c0d3123ed4c8bc1c81bbbd67; _cc_cc="ACZ4XmNQSDY3NDGxNDZNNkgxNjQyTk0xSbZISjZMtjBMSkpKMTNnAILE1LPOIBoCeD5%2BtmT8KMvwn5GRYfmfQhjz78YpLDD28aOHmGHsS6cescHYu%2FddFoCxPzTch7MPL54D1zv9hDpMyccTpzRg7HdLEErWbHjKDRMHAB0QPmQ%3D"; _cc_aud="ABR4XmNgYGBITD3rDKQggJmBYVErmMk1A0QyPqwHkgBgqgUE" Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ Response headers content-type text/html last-modified Mon, 01 Feb 2021 20:35:17 GMT x-amz-server-side-encryption AES256 server AmazonS3 content-encoding gzip date Mon, 11 Oct 2021 22:18:20 GMT cache-control max-age: 86400 etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" vary Accept-Encoding x-cache Hit from cloudfront via 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id gQU8KZcQDw3smkksE5EcsfVJRoN3lyRZdOY9hzdSm4sgNT-8R8O55Q== age 70936
GET H2	200	pixels Show response bcp.crwdcntrl.net/ Frame A008	3 KB 3 KB	32ms 32ms	Document text/html	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 1eb2d03cd9d042dea0c384c0e7b5ddf1dc09002d1a39bd2cc23e2a69dcd3735a Request headers :method GET :authority bcp.crwdcntrl.net :scheme https :path /pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://tags.crwdcntrl.net/ accept-encoding gzip, deflate, br cookie _cc_dc=1; _cc_id=c7144935c0d3123ed4c8bc1c81bbbd67; _cc_cc="ACZ4XmNQSDY3NDGxNDZNNkgxNjQyTk0xSbZISjZMtjBMSkpKMTNnAILE1LPOIBoCeD5%2BtmT8KMvwn5GRYfmfQhjz78YpLDD28aOHmGHsS6cescHYu%2FddFoCxPzTch7MPL54D1zv9hDpMyccTpzRg7HdLEErWbHjKDRMHAB0QPmQ%3D"; _cc_aud="ABR4XmNgYGBITD3rDKQggJmBYVErmMk1A0QyPqwHkgBgqgUE" Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://tags.crwdcntrl.net/ Response headers date Tue, 12 Oct 2021 18:00:35 GMT content-type text/html content-length 3135 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV cache-control no-cache pragma no-cache expires 0 x-server 10.45.24.90 server Jetty(9.4.38.v20210224)
GET H3	200	pixel cm.g.doubleclick.net/ Frame A008 Redirect Chain https://id5-sync.com/s/19/9.gif?puid=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1 https://id5-sync.com/c/19/19/9/1.gif?puid=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&gdpr_consent= https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui... https://tags.bluekai.com/site/5907?limit=0&id=71e3a7bbd8e42c0490bdd4aeb52c9e56&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_... https://id5-sync.com/c/19/224/7/3.gif?puid=3589309544358786890&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK8... https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzcxNDQ5MzVjMGQzMTIzZWQ0YzhiYzFjODFiYmJkNjc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ	170 B 188 B	36ms 35ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzcxNDQ5MzVjMGQzMTIzZWQ0YzhiYzFjODFiYmJkNjc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YzcxNDQ5MzVjMGQzMTIzZWQ0YzhiYzFjODFiYmJkNjc&google_redir={xENCODEDURL}&id5id=ID5-ZHMOw6ZOhab9jtlqGgxU8W89qK87TUOBwG56lsZ1wQ cache-control no-cache x-server 10.45.31.219 content-length 0 expires 0
GET H2	200	generic match.adsrvr.org/track/cmf/ Frame A008	70 B 264 B	37ms 36ms	Image image/gif	76.223.111.131 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 76.223.111.131 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a97adde81b00f2ca4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif content-length 70 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	cm trc.taboola.com/sg/lotame/1/ Frame A008	43 B 238 B	52ms 16ms	Image image/gif	151.101.1.44 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://trc.taboola.com/sg/lotame/1/cm Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.1.44 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-vcl-time-ms 9 pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT via 1.1 varnish server nginx x-timer S1634061635.435073,VS0,VE9 x-served-by cache-hhn4024-HHN x-cache MISS cache-control no-cache, no-store accept-ranges bytes x-cache-hits 0
GET H2	200	tpid=4c032d48-a017-486b-9df7-029ac29cb4da sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame A008 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=c7144935c0d3123ed4c8bc1c81bbbd67&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4c032d48-a017-486b-9df7-029ac29cb4da	49 B 264 B	38ms 37ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4c032d48-a017-486b-9df7-029ac29cb4da Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.19.67 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=4c032d48-a017-486b-9df7-029ac29cb4da date Tue, 12 Oct 2021 18:00:35 GMT via 1.1 google alt-svc clear content-length 0 strict-transport-security max-age=31536000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
GET H2	204	/ loadm.exelator.com/load/ Frame A008 Redirect Chain https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0 https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0&xl8blockcheck=1	0 751 B	16ms 15ms	Image text/plain	18.198.126.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0&xl8blockcheck=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-198-126-47.eu-central-1.compute.amazonaws.com Software nginx / Undertow/1 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:35 GMT cache-control no-cache access-control-allow-credentials true server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA Redirect headers date Tue, 12 Oct 2021 18:00:35 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://loadm.exelator.com/load/?p=204&g=260&buid=c7144935c0d3123ed4c8bc1c81bbbd67&j=0&xl8blockcheck=1 cache-control no-cache access-control-allow-credentials true content-type image/gif content-length 0
GET		t px.surveywall-api.survata.com/ Frame A008	0 0
GET H2	200	tpid=13400507587440989861429058917784392112 sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame A008 Redirect Chain https://dpm.demdex.net/ibs:dpid=121998&dpuuid=c7144935c0d3123ed4c8bc1c81bbbd67&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=c7144935c0d3123ed4c8bc1c81bbbd67&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13400507587440989861429058917784392112	49 B 264 B	34ms 33ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13400507587440989861429058917784392112 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.11.95 content-type image/gif content-length 49 expires 0 Redirect headers DCS dcs-prod-irl1-1-v018-012e7a688.edge-irl1.demdex.com UNKNOWN Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID HJiK9X1wQg8= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=13400507587440989861429058917784392112 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	identity c.cintnetworks.com/ Frame A008	0 328 B	197ms 16ms	Image text/plain	51.144.7.192 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.cintnetworks.com/identity?a=5461&id=Lotame:c7144935c0d3123ed4c8bc1c81bbbd67 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:35 GMT Vary Origin P3P CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info." Arr-Disable-Session-Affinity true Cache-Control max-age=60, private, must-revalidate Access-Control-Allow-Credentials true Keep-Alive timeout=5 Content-Length 0
GET		sync sync.tag.clrstm.com/lotame/ Frame A008	0 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame A008	0 338 B	121ms 31ms	Image text/plain	34.241.214.49 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=c7144935c0d3123ed4c8bc1c81bbbd67 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.241.214.49 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-241-214-49.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 18:00:35 GMT cache-control private, no-cache, no-store x-request-time D=34 t=1634061635 x-served-by beacon-n019-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	image.sbxx ib.mookie1.com/ Frame A008 Redirect Chain https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67 https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67	120 B 992 B	893ms 160ms	Image image/png	64.58.232.180 ASN-VINS
General Check archive.org Show headers Download Go to Show image Full URL https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 64.58.232.180 , United States, ASN13649 (ASN-VINS, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:36 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET p3p CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR" Access-Control-Allow-Origin * Cache-Control no-cache X-Server LAS13 Content-Type image/png Content-Length 120 Expires -1 Redirect headers Date Tue, 12 Oct 2021 18:00:35 GMT Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Location https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=c7144935c0d3123ed4c8bc1c81bbbd67 p3p CP="DSP COR ADM DEV PSA PSD OUR" Access-Control-Allow-Origin * Cache-Control private X-Server LAS11 Content-Type text/html; charset=utf-8 Content-Length 217
GET H2	200	tpid=164871103937000336482 bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame A008 Redirect Chain https://aa.agkn.com/adscores/g.pixel?sid=9202276048 https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164871103937000336482	49 B 367 B	47ms 46ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164871103937000336482 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.28.182 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server AAWebServer p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" location https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164871103937000336482 cache-control no-cache, no-store, must-revalidate content-length 0 expires 0
GET H2	200	tpid=5ee89fd7-848d-4ba9-be20-a3da501db8fa bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame A008 Redirect Chain https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5ee89fd7-848d-4ba9-be20-a3da501db8fa?gdpr=1&gdpr_consent=	49 B 264 B	36ms 35ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5ee89fd7-848d-4ba9-be20-a3da501db8fa?gdpr=1&gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.7.206 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Apache-Coyote/1.1 location https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5ee89fd7-848d-4ba9-be20-a3da501db8fa?gdpr=1&gdpr_consent= cache-control no-cache, no-store, max-age=0, must-revalidate content-length 0 x-xss-protection 1; mode=block expires 0
GET H/1.1	200 OK	match ps.eyeota.net/ Frame A008 Redirect Chain https://ps.eyeota.net/match?bid=51mdg9u&uid=c7144935c0d3123ed4c8bc1c81bbbd67 https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=c7144935c0d3123ed4c8bc1c81bbbd67 https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MlVkTHd0THNDUE96OHRnUDN1ZGdyWDRGSWwxZG9PdjFBTEtONlVjd1NaSXM&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&... https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESENMuH36Wag11XwbF08Q4Q9I&google_cver=1 https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=3589309544358786890&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://ps.eyeota.net/match?bid=7vi0rg0&uid=9f0a6165-cd43-4600-b18a-6c5045e9a864&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YWXNQw... https://ps.eyeota.net/match?uid=YWXNQwAImLamVwAT&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YWXNQwAImLamVwAT https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 https://ps.eyeota.net/match?uid=26b2340d-7f7a-445d-990a-ec7ef1176a2d&bid=1e2n4ou	70 B 440 B	9ms 9ms	Image image/gif	3.127.178.105 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=26b2340d-7f7a-445d-990a-ec7ef1176a2d&bid=1e2n4ou Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-178-105.eu-central-1.compute.amazonaws.com Software / Resource Hash de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:35 GMT Content-Type image/gif Content-Length 70 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://ps.eyeota.net/match?uid=26b2340d-7f7a-445d-990a-ec7ef1176a2d&bid=1e2n4ou cache-control private,no-cache, must-revalidate content-type text/html content-length 191
GET H2	200	tpid=CI-5e244004851ef9f4ac730f44b4e2acf3 bcp.crwdcntrl.net/map/c=6220/tp=TRMR/ Frame A008 Redirect Chain https://dt-secure.videohub.tv/v1/usync/lo https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5e244004851ef9f4ac730f44b4e2acf3	49 B 264 B	37ms 36ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5e244004851ef9f4ac730f44b4e2acf3 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.30.99 content-type image/gif content-length 49 expires 0 Redirect headers Location https://bcp.crwdcntrl.net/map/c=6220/tp=TRMR/tpid=CI-5e244004851ef9f4ac730f44b4e2acf3 Date Tue, 12 Oct 2021 18:00:35 GMT useSecure true Server nginx/1.20.1 Connection keep-alive Content-Length 43 Content-Type image/gif
GET H/1.1	200 OK	bridge cm.adgrx.com/ Frame A008	43 B 408 B	116ms 28ms	Image image/gif	72.251.241.206 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__ Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software Cowboy / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:35 GMT server Cowboy P3P CP="NOI OTC OTP OUR NOR" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate, proxy-revalidate Connection keep-alive Content-Type image/gif X-RealServer-NX ams-delivery-4 Content-Length 43 Expires Thu, 23 Sep 2004 17:42:04 GMT
GET H2	200	qmap sync.crwdcntrl.net/ Frame A008 Redirect Chain https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=9f0a6165-cd43-4600-b18a-6c5045e9a864	49 B 265 B	36ms 36ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=9f0a6165-cd43-4600-b18a-6c5045e9a864 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.14.246 content-type image/gif content-length 49 expires 0 Redirect headers Date Tue, 12 Oct 2021 18:00:35 GMT Server MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=9f0a6165-cd43-4600-b18a-6c5045e9a864 Cache-Control no-cache Connection keep-alive Content-Type image/gif Keep-Alive timeout=360 Content-Length 0 Expires Tue, 12 Oct 2021 18:00:34 GMT
GET H2	200	tpid=42bf55b2-f093-40b3-90f6-155ce23caf2d-6165cd43-5553 sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame A008 Redirect Chain https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=42bf55b2-f093-40b3-90f6-155ce23caf2d-6165cd43-5553	49 B 265 B	36ms 35ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=42bf55b2-f093-40b3-90f6-155ce23caf2d-6165cd43-5553 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.13.179 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=42bf55b2-f093-40b3-90f6-155ce23caf2d-6165cd43-5553 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H2	200	tpid=tuCtMv4b1MAm4P5 sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame A008 Redirect Chain https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=tuCtMv4b1MAm4P5	49 B 264 B	34ms 34ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=tuCtMv4b1MAm4P5 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.2.65 content-type image/gif content-length 49 expires 0 Redirect headers Pragma no-cache Date Tue, 12 Oct 2021 18:00:35 GMT Server PingMatch/8a430fa#rel-ec2-master i-0d1d523a9a3a6e567@eu-central-1a@dxedge-app-eu-central-1-prod-asg Strict-Transport-Security max-age=2592000; includeSubDomains P3P policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI" Location https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=tuCtMv4b1MAm4P5 Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tpid=YWXNQwAAAEZNXgA6&_test=YWXNQwAAAEZNXgA6 sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame A008 Redirect Chain https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YWXNQwAAAEZNXgA6 https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YWXNQwAAAEZNXgA6&_test=YWXNQwAAAEZNXgA6	49 B 265 B	34ms 34ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YWXNQwAAAEZNXgA6&_test=YWXNQwAAAEZNXgA6 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.13.241 content-type image/gif content-length 49 expires 0 Redirect headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT via 1.1 varnish server Varnish x-timer S1634061636.798548,VS0,VE0 x-served-by cache-hhn4069-HHN x-cache HIT location https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YWXNQwAAAEZNXgA6&_test=YWXNQwAAAEZNXgA6 cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame A008	170 B 188 B	79ms 35ms	Image image/png	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	5907 tags.bluekai.com/site/ Frame A008	62 B 304 B	171ms 143ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=71e3a7bbd8e42c0490bdd4aeb52c9e56 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Tue, 12 Oct 2021 18:00:35 GMT Connection keep-alive P3P CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" Content-Length 62 Content-Type image/gif
GET H2	200	tpid=7624534810482751306 sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame A008 Redirect Chain https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/c7144935c0d3123ed4c8bc1c81bbbd67/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7624534810482751306	49 B 264 B	36ms 35ms	Image image/gif	52.30.140.199 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7624534810482751306 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C100%2C95%2C94%2C92%2C90%2C80%2C78%2C65%2C50%2C49%2C45%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C3&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-30-140-199.eu-west-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers Accept-Language de-DE,de;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.45.4.85 content-type image/gif content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7624534810482751306 pragma no-cache date Tue, 12 Oct 2021 18:00:34 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame E9B9	0 0	82ms 81ms	Image text/html	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211007&jk=3310936222821050&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H3	200	164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Show response pagead2.googlesyndication.com/bg/ Frame 33CE	35 KB 13 KB	28ms 28ms	Script text/javascript	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/164xWCSuMRCufBnFuK3WuMS10bt2HArdrnuZlqXsEzU.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software sffe / Resource Hash d7ae315824ae3110ae7c19c5b8add6b8c4b5d1bb761c0addae7b9996a5ec1335 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 12 Oct 2021 14:41:27 GMT content-encoding br x-content-type-options nosniff age 11948 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13308 x-xss-protection 0 last-modified Tue, 05 Oct 2021 11:38:00 GMT server sffe vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="botguard-scs" expires Wed, 12 Oct 2022 14:41:27 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/	0 20 B	61ms 61ms	Image image/gif	142.250.186.66 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211007&jk=3310936222821050&bg=!6Oul66_NAAbGFvHlxhY7ACkAdvg8Wnk1uIbPX6601_UHbQPKJWGXfM3d-zGrem8fDL_6rOzmBkhUVQIAAADqUgAAAA1oAQeZAnnx3zQsF_pOqZ1EPedHumndGXQdmTiLPghP5qD6tOjZGXANxXd2QAeMnrJWIOpuK6bTLWjHac5OqycqaGAiWwapBgIykI9O0eGvHnP-faXfnxt60w3aFHTgAMMqhwNe6HIonOudY8e3xw63Tr5rszpYQwZ77FNLjwEwmi9itfpAQElUwXGaMtDJXef_D0-smL00z0204dVGGY-iSsIqpAaJQ-Mk7tItbxP4VSSvFjX_dWHvY3TAf2BcIlQ3y8XzeoLF_hLGG8WMDUxmOAQURVFqe0MaRvApUkJJLpOapEw2U-78Av4UmsM_mHuj2eBHNLm7q7LUbHE4oWN_yMg_wsO355_b3n4LnFsYaYNB4vVH82p0wKTwfpUeLNPoelPmDC4Z6EnUZA6RoWIs17wHjZR_Hbm0-EG6Ebn_yDqq3jeT1CXsDjnSASC_ARKByODhdb2qCrLus2i5WmisUhH5wFRsCCOmBTtUEq2oznck-Ul55Y1YFF0TLiCr6EZQHFvtGe8qxj_QSsSR2yrSmx75D5fgkR-ILHdEaYYlu57nLqCN5xomM6EwsEdvV0Fn_86NMr9JiD5_Iz6F5FqP0GaIjLYSUVJszWWGkfCOkaqDt7VVyr3cjqHUgzEWqeirw1hniBGzekCZNtAKkbCnz2N-Crap882ZGpItUDaYYFW2CfkvtR-mUWWGlVYdnOS8LOqABKIniD5odJCFQKPed8TgayQKqFBjHT0cbG6xBhYs0S6bvnGFL2rFrFxUYNwhJK7wKfru4XGtPXJqfVZo9_fpI5DE49mTusHtbqbdaUyokdUgdqg72oD7wI5ZsgHJPaIelDnZrYt6Ph7itMQ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s05-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://kinoxits.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	71378167 Show response mc.yandex.com/webvisor/	43 B 145 B	32ms 32ms	XHR image/gif	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71378167?wmode=0&wv-part=1&wv-hit=200108393&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&rn=109550171&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1634061636%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101012180035%3Au%3A1634061633647687361%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1634061636 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:35 GMT last-modified Tue, 12-Oct-2021 18:00:35 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://kinoxits.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 12-Oct-2021 18:00:35 GMT
POST H2	200	71378167 Show response mc.yandex.com/webvisor/	43 B 157 B	166ms 103ms	XHR image/gif	87.250.250.119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/webvisor/71378167?wmode=0&wv-part=1&wv-hit=200108393&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fdanielway48%2F&rn=950398962&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1634061636%3Aw%3A1600x1200%3Av%3A660%3Az%3A0%3Ai%3A202101012180036%3Au%3A1634061633647687361%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1634061636 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.250.250.119 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS mc.yandex.ru Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://kinoxits.net/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 12 Oct 2021 18:00:36 GMT last-modified Tue, 12-Oct-2021 18:00:36 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://kinoxits.net cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Tue, 12-Oct-2021 18:00:36 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

px.surveywall-api.survata.com

URL

https://px.surveywall-api.survata.com/t

Domain

sync.tag.clrstm.com

URL

https://sync.tag.clrstm.com/lotame/sync?uid=c7144935c0d3123ed4c8bc1c81bbbd67