harry-potter-fan.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Submission: On January 14 via api (January 14th 2024, 5:01:03 pm UTC) from US — Scanned from NL

Summary HTTP 140 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 56 domains to perform 140 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is harry-potter-fan.ru.
TLS certificate: Issued by GTS CA 1P5 on December 21st 2023. Valid for: 3 months.

This is the only time harry-potter-fan.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 24	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3033::ac43:cc13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
10	45.95.201.19 45.95.201.19	205125 (IPV6-TUNN...) (IPV6-TUNNELBROKER-ASN)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
13 25	193.200.65.149 193.200.65.149	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	193.200.65.146 193.200.65.146	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3035::ac43:dada	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::6815:2921	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 23	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
3 3	193.232.150.68 193.232.150.68	48061 (UMA-TECH-AS) (UMA-TECH-AS)
3 4	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
2 2	167.235.14.51 167.235.14.51	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.3.184.213 193.3.184.213	50214 (QWARTA) (QWARTA)
2	37.230.131.21 37.230.131.21	200197 (HYBRID-PO...) (HYBRID-POLAND)
3 3	82.148.20.186 82.148.20.186	49505 (SELECTEL) (SELECTEL)
3 3	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
4 4	217.66.147.38 217.66.147.38	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
3 3	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
4 5	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
5 8	185.15.175.174 185.15.175.174	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3 3	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
2 3	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
2	194.55.244.178 194.55.244.178	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1	168.119.72.236 168.119.72.236	24940 (HETZNER-AS) (HETZNER-AS)
2 2	144.76.118.233 144.76.118.233	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:2d8:0:c0... 2a02:2d8:0:c00c::3	9002 (RETN-AS) (RETN-AS)
1	23.111.217.132 23.111.217.132	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 3	195.209.108.61 195.209.108.61	52007 (ADRIVER) (ADRIVER)
2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4ab4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	138.201.192.161 138.201.192.161	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.228.127.171 94.228.127.171	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	83.222.96.170 83.222.96.170	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	5.189.234.229 5.189.234.229	49505 (SELECTEL) (SELECTEL)
1 1	188.72.107.194 188.72.107.194	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 1	176.122.21.130 176.122.21.130	48096 (ITGRAD) (ITGRAD)
3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.23.99 65.109.23.99	24940 (HETZNER-AS) (HETZNER-AS)
1	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2 3	31.172.81.159 31.172.81.159	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
2 3	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	80.87.192.36 80.87.192.36	29182 (RU-JSCIOT) (RU-JSCIOT)
2 2	167.235.186.113 167.235.186.113	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
1	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.110.198 37.18.110.198	208677 (CLOUDRU-AS) (CLOUDRU-AS)
3 3	83.222.117.2 83.222.117.2	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	193.106.92.202 193.106.92.202	48614 (ITSOFT-AS) (ITSOFT-AS)
1 1	188.72.107.205 188.72.107.205	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 2	185.40.31.214 185.40.31.214	61400 (NETRACK-AS) (NETRACK-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	91.192.148.52 91.192.148.52	42481 (BEGUN-AS) (BEGUN-AS)
1 1	45.139.25.121 45.139.25.121	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
6	50.7.241.130 50.7.241.130	174 (COGENT-174) (COGENT-174)
1	185.40.155.13 185.40.155.13	21030 (CDNNOW-AS) (CDNNOW-AS)
2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
6	195.191.235.32 195.191.235.32	208566 (ROZETKA-AS) (ROZETKA-AS)
140	39

24 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

harry-potter-fan.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.videohead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:cc13 (United States)

ASN13335 (CLOUDFLARENET, US)

vak345.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 45.95.201.19 (Dubai, United Arab Emirates)

ASN205125 (IPV6-TUNNELBROKER-ASN, SC)

therapy.newplayjj.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 193.200.65.149 (Amsterdam, Netherlands) 13 redirects

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

code.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.200.65.146 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

logger.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:dada (United States)

ASN13335 (CLOUDFLARENET, US)

videotoday.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::6815:2921 (United States)

ASN13335 (CLOUDFLARENET, US)

static.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 193.3.184.137 (Russian Federation) 5 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.150.68 (Russian Federation) 3 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp2.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.34.64 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.14.51 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.51.14.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.213 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.230.131.21 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.148.20.186 (Moscow, Russian Federation) 3 redirects

ASN49505 (SELECTEL, RU)

sync.opendsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.66.147.33 (St Petersburg, Russian Federation) 3 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 217.66.147.38 (St Petersburg, Russian Federation) 4 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-38-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.87.44.187 (Russian Federation) 3 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.120.76 (Russian Federation) 4 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.15.175.174 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.199.220.44 (Russian Federation) 3 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 188.42.105.236 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.55.244.178 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.72.236 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.236.72.119.168.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.233 (Bad Bellingen, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2d8:0:c00c::3 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.217.132 (Russian Federation)

ASN39134 (UNITEDNET, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.61 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4ab4 (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.201.192.161 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-9.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.127.171 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21112.timeweb.ru

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.96.170 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.189.234.229 (Moscow, Russian Federation) 2 redirects

ASN49505 (SELECTEL, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.194 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr08.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.122.21.130 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.23.99 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.99.23.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.159 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 31.172.81.172 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.87.192.36 (Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync12.stbid.ru

7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.186.113 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.113.186.235.167.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.117.41 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.110.198 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)

dmp.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.117.2 (Russian Federation) 3 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.106.92.202 (Russian Federation)

ASN48614 (ITSOFT-AS, RU)
PTR: mail.proboard.ru

prodmp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.107.205 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr05.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.40.31.214 (Moscow, Russian Federation) 2 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.52 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.121 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 50.7.241.130 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)

9bc-a3e-2200g0.v.plground.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.40.155.13 (Russian Federation)

ASN21030 (CDNNOW-AS, RU)

user91471.clients-cdnnow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 195.191.235.32 (Warsaw, Poland)

ASN208566 (ROZETKA-AS, PL)
PTR: unallocated.giveme.network

static.filmskino.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	moviead55.ru 13 redirects code.moviead55.ru — Cisco Umbrella Rank: 60500 logger.moviead55.ru — Cisco Umbrella Rank: 71058 static.moviead55.ru — Cisco Umbrella Rank: 103830	131 KB
23	acint.net 5 redirects www.acint.net — Cisco Umbrella Rank: 25446 acint.net — Cisco Umbrella Rank: 20793	11 KB
23	harry-potter-fan.ru 1 redirects harry-potter-fan.ru	586 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	721 KB
10	mts.ru 10 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 34948 vma.mts.ru — Cisco Umbrella Rank: 37422 tech.rtb.mts.ru — Cisco Umbrella Rank: 42626	6 KB
10	newplayjj.com therapy.newplayjj.com	430 KB
8	digitaltarget.ru 5 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 21957 tag.digitaltarget.ru — Cisco Umbrella Rank: 124846	24 KB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 8747	4 KB
7	bumlam.com 5 redirects sync.bumlam.com — Cisco Umbrella Rank: 4420 pix.bumlam.com — Cisco Umbrella Rank: 97912 7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com	4 KB
7	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3982 an.yandex.ru — Cisco Umbrella Rank: 6258	142 KB
6	filmskino.site static.filmskino.site — Cisco Umbrella Rank: 361725	942 KB
6	plground.live 9bc-a3e-2200g0.v.plground.live — Cisco Umbrella Rank: 224389	3 KB
6	adriver.ru 2 redirects content.adriver.ru — Cisco Umbrella Rank: 31573 ev.adriver.ru — Cisco Umbrella Rank: 31767 ssp.adriver.ru — Cisco Umbrella Rank: 27660	16 KB
5	aidata.io 4 redirects x01.aidata.io — Cisco Umbrella Rank: 14168	3 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2	38 KB
4	betweendigital.com 3 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1908	3 KB
3	mail.ru ad.mail.ru — Cisco Umbrella Rank: 11254 top-fwz1.mail.ru — Cisco Umbrella Rank: 10239	2 KB
3	com.ru 3 redirects adx.com.ru — Cisco Umbrella Rank: 43147	866 B
3	gonet-ads.com 2 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 39250	857 B
3	kimberlite.io 3 redirects kimberlite.io — Cisco Umbrella Rank: 30029	2 KB
3	opendsp.ru 3 redirects sync.opendsp.ru — Cisco Umbrella Rank: 47339	713 B
3	adhigh.net 3 redirects px.adhigh.net — Cisco Umbrella Rank: 18494	1 KB
2	solta.io 2 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 38915	444 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 13701	715 B
2	programmatica.com 2 redirects sync.programmatica.com — Cisco Umbrella Rank: 57533	490 B
2	bidderstack.com 2 redirects nr.bidderstack.com — Cisco Umbrella Rank: 42708	890 B
2	rutarget.ru 2 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 138659 solta-sync.rutarget.ru — Cisco Umbrella Rank: 58572	824 B
2	adspend.space 2 redirects sync.adspend.space — Cisco Umbrella Rank: 46634	639 B
2	upravel.com 2 redirects sync.upravel.com — Cisco Umbrella Rank: 37153	1 KB
2	buzzoola.com 2 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 20936	363 B
2	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 23229	137 B
2	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 11851	567 B
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 25777	1 KB
2	ohmy.bid 2 redirects match.ohmy.bid — Cisco Umbrella Rank: 54128	581 B
2	videotoday.site videotoday.site — Cisco Umbrella Rank: 107207	23 KB
2	vak345.com vak345.com — Cisco Umbrella Rank: 99229	21 KB
1	clients-cdnnow.ru user91471.clients-cdnnow.ru — Cisco Umbrella Rank: 145759	95 KB
1	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 485
1	afp.ai 1 redirects ssp.afp.ai — Cisco Umbrella Rank: 30128	297 B
1	rambler.ru sync.rambler.ru — Cisco Umbrella Rank: 41171	172 B
1	prodmp.ru prodmp.ru — Cisco Umbrella Rank: 65667	229 B
1	sbermarketing.ru dmp.sbermarketing.ru — Cisco Umbrella Rank: 76381	665 B
1	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 1634	22 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 103318	753 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11938	287 B
1	new-programmatic.com match.new-programmatic.com — Cisco Umbrella Rank: 37636	215 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 35560	483 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10769	206 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 33704	302 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 51985	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 59714	199 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 41180	746 B
1	otclick-adv.ru 1 redirects otclick-adv.ru — Cisco Umbrella Rank: 81220	407 B
1	videohead.tech a.videohead.tech — Cisco Umbrella Rank: 97824	702 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 1717
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 6536	39 KB
140	56

	Domain	Requested by
25	code.moviead55.ru	13 redirects vak345.com harry-potter-fan.ru static.moviead55.ru
23	harry-potter-fan.ru	1 redirects harry-potter-fan.ru
17	www.acint.net	4 redirects videotoday.site www.acint.net
10	therapy.newplayjj.com	harry-potter-fan.ru therapy.newplayjj.com
9	www.gstatic.com	www.google.com www.gstatic.com harry-potter-fan.ru
8	mc.yandex.com	3 redirects harry-potter-fan.ru mc.yandex.ru
6	static.filmskino.site	user91471.clients-cdnnow.ru
6	9bc-a3e-2200g0.v.plground.live	therapy.newplayjj.com harry-potter-fan.ru
6	dmg.digitaltarget.ru	5 redirects harry-potter-fan.ru
6	acint.net	1 redirects www.acint.net
5	x01.aidata.io	4 redirects www.acint.net
5	www.google.com	harry-potter-fan.ru www.gstatic.com www.google.com
4	vma.mts.ru	4 redirects
4	ads.betweendigital.com	3 redirects harry-potter-fan.ru
4	logger.moviead55.ru	harry-potter-fan.ru
4	mc.yandex.ru	1 redirects harry-potter-fan.ru
3	adx.com.ru	3 redirects
3	pix.bumlam.com	2 redirects www.acint.net
3	sync.bumlam.com	2 redirects www.acint.net
3	an.yandex.ru	www.acint.net
3	ev.adriver.ru	2 redirects content.adriver.ru
3	sync.gonet-ads.com	2 redirects www.acint.net
3	kimberlite.io	3 redirects
3	tech.rtb.mts.ru	3 redirects
3	sm.rtb.mts.ru	3 redirects
3	sync.opendsp.ru	3 redirects
3	px.adhigh.net	3 redirects
2	top-fwz1.mail.ru	www.acint.net
2	sync.dsp.solta.io	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	sync.programmatica.com	2 redirects
2	nr.bidderstack.com	2 redirects
2	sync.adspend.space	2 redirects
2	sync.upravel.com	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	ssp.adriver.ru	www.acint.net
2	fonts.gstatic.com	www.google.com
2	exchange.buzzoola.com	2 redirects
2	sync.dmp.otm-r.com	harry-potter-fan.ru www.acint.net
2	dm-eu.hybrid.ai	harry-potter-fan.ru www.acint.net
2	ssp-rtb.sape.ru	2 redirects
2	match.ohmy.bid	2 redirects
2	videotoday.site	vak345.com static.moviead55.ru
2	vak345.com	harry-potter-fan.ru
1	user91471.clients-cdnnow.ru	videotoday.site
1	imasdk.googleapis.com	harry-potter-fan.ru
1	ssp.afp.ai	1 redirects
1	sync.rambler.ru	www.acint.net
1	ad.mail.ru	www.acint.net
1	solta-sync.rutarget.ru	1 redirects
1	prodmp.ru	www.acint.net
1	dmp.sbermarketing.ru	www.acint.net
1	sync.adkernel.com	www.acint.net
1	cs.agency2.ru	1 redirects
1	7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com	1 redirects
1	counter.yadro.ru	1 redirects
1	match.new-programmatic.com	www.acint.net
1	ssp.bidvol.com	1 redirects
1	s.uuidksinc.net	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	a.utraff.com	www.acint.net
1	content.adriver.ru	code.moviead55.ru
1	otclick-adv.ru	1 redirects
1	a.videohead.tech	harry-potter-fan.ru
1	sync.richaudience.com	harry-potter-fan.ru
1	static.moviead55.ru	harry-potter-fan.ru
1	yastatic.net	harry-potter-fan.ru
140	70

This site contains links to these domains. Also see Links.

Domain
lovedeathgeeks.t.me
t.me
vk.com
connect.ok.ru
twitter.com
api.whatsapp.com
connect.mail.ru
web.skype.com
megaseria.ru
animevost.tv
softbox.life

Subject Issuer	Validity	Valid
harry-potter-fan.ru GTS CA 1P5	`2023-12-21` - `2024-03-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
newplayjj.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
*.moviead55.ru R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
videotoday.site GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
moviead55.ru GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.acint.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.digitaltarget.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
new-programmatic.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.gonet-ads.com Sectigo RSA Organization Validation Secure Server CA	`2023-06-07` - `2024-06-11`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2024-01-12` - `2025-02-12`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sync.rambler.ru R3	`2024-01-12` - `2024-04-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
plground.live R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.clients-cdnnow.ru R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
static.filmskino.site R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Frame ID: D8036097B0A28E99CECFCF11D36B40CF
Requests: 42 HTTP requests in this frame

Frame: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
Frame ID: 54D23F8519A0B3F11F36758EE83F1848
Requests: 21 HTTP requests in this frame

Frame: https://harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 7BF7F83A292A9B58EFDD7F4A1AB6535B
Requests: 2 HTTP requests in this frame

Frame: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=3c5480d43feae2e8d24fa1a668a0be76&cb=248e01ea-47ec-4941-b230-571e966e2c05&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=124&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&frnd=true
Frame ID: 3675DE3C6B46D02EFE46453DDDF13792
Requests: 24 HTTP requests in this frame

Frame: https://code.moviead55.ru/go/bmap?v=3c5480d43feae2e8d24fa1a668a0be76&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut
Frame ID: D42D043F49E3EFE912F3F1150D2A9187
Requests: 3 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=167&tc=1
Frame ID: B0C79372990ABA27C0F9810EA53A242D
Requests: 40 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa&co=aHR0cHM6Ly9oYXJyeS1wb3R0ZXItZmFuLnJ1OjQ0Mw..&hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&cb=h6vyz1q5ko4r
Frame ID: 6EAA025028A9E2CF6AE466A634732ECC
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa
Frame ID: C43F0EF853D08B328EDBCFB76B308068
Requests: 3 HTTP requests in this frame

Frame: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
Frame ID: 994B501BE9CF38FB82D5131D875784B9
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Фантастические твари и где они обитают смотреть онлайн бесплатно

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

140
Requests

69 %
HTTPS

21 %
IPv6

56
Domains

70
Subdomains

39
IPs

9
Countries

3229 kB
Transfer

7239 kB
Size

119
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://lovedeathgeeks.t.me/
Title: Смотреть Фантастические твари и где они обитают в Telegram

Search URL Search Domain Scan URL

URL: https://t.me/ldgforum
Title: Обсудить Фантастические твари и где они обитают в нашем чате Telegram

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&title=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: ВКонтакте

Search URL Search Domain Scan URL

URL: https://connect.ok.ru/offer?url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&title=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&text=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE%20https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&utm_source=share2
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://connect.mail.ru/share?url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&title=%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&utm_source=share2
Title: Мой Мир

Search URL Search Domain Scan URL

URL: https://web.skype.com/share?url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&utm_source=share2
Title: Skype

Search URL Search Domain Scan URL

URL: https://megaseria.ru/
Title: Сериалы онлайн

Search URL Search Domain Scan URL

URL: https://animevost.tv/
Title: Аниме онлайн

Search URL Search Domain Scan URL

URL: https://softbox.life/
Title: Дорамы онлайн

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://harry-potter-fan.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 46

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10248.-b0YLo9BQqurHdsJ-aBMS6Zp7IoNWzouPsg7DfxWWOfkfeZ7hVeMvggKpRgGjhk5.toYkr0f2O3V1-K88p2mZY2y9nIA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10248.2qcLYatARRmeOEhap43A_87IROCRDYy5Ex9uqIaDUvpUmrdmmiP7Rf73yOtJmuu2L5g_VXY_SZgKBdwP4Pc7lYWBgJ_m--ye4YIjijXwoPzV0NtoxcrnQytv444Lbt-x4nJGEqDhF3-ToACxYxgvnaXG2cIKAHVjI1QU1eTlQgTroxTfcO7FO2rOoYVEQi2WPYvcxwvHNk_9XPd-i-maY2c6k0aRi2ROlLoFKYukYqM%2C.jdxNQY8N-J6dCZHWk7lgiGALoXE%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10248.WVIuOajDSL4NKrDEgIOD7ZYKwbbFXKnuA9MZOP52V3raiGxw6_IWf7zVIsTqIaVH_fKvSvqYdDOjsOGEP7p3r-8qMePtmRowe7pCRzzvm0C8T8jKjNS2N6mjGq1c7vcgB81w87PXyxgc3A8efGhmJb8_1WDtqIhedKSF2XZlLxjsK8deOblGyVUXr0MTpfo8cK2JZ-CRa7UkaQp1EYDfgg%2C%2C.ED-3jqq8E_wtCxO76rDMa5mxdCc%2C

Request Chain 51

https://www.acint.net/mc/?dp=167 HTTP 302
https://www.acint.net/mc/?dp=167&tc=1

Request Chain 53

https://code.moviead55.ru/go/cinit?cn=gtnt&rnd=1705251658 HTTP 301
https://px.adhigh.net/p/cm/skyadvert?u=85de381a-df48-09e8-f61d-a0ef6ff4b370 HTTP 302
https://px.adhigh.net/p/cm/skyadvert?u=85de381a-df48-09e8-f61d-a0ef6ff4b370&bounced=1 HTTP 302
https://code.moviead55.ru/go/csync?cn=gtnt&bid=e6CMMVeRKiQ.AikABlGNCOtbNA

Request Chain 54

https://code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1705251658 HTTP 301
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D&crf=1&rts=-5357012120971246959 HTTP 302
https://code.moviead55.ru/go/csync?cn=btwcookie&bid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf

Request Chain 55

https://code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1705251658 HTTP 301
https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=ohmybid&bid=72d2458b-50a1-42ed-9be4-f2edcda89c64

Request Chain 56

https://code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1705251658 HTTP 301
https://www.acint.net/rmatch?dp=167&euid=7a00cd94-4265-db51-81d9-438987fc7d38&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=7a00cd94-4265-db51-81d9-438987fc7d38 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=4F03420A4A13A4650E02DC5E0280D884&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F4A13A46577368E1302429429

Request Chain 57

https://code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1705251658 HTTP 301
https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

Request Chain 58

https://code.moviead55.ru/go/cinit?cn=dgm&rnd=1705251658 HTTP 301
https://sync.opendsp.ru/match/MovieAds?id=bb2914f7-7051-4251-1870-8417a58721c0 HTTP 302
https://sync.opendsp.ru/match/MovieAds?id=bb2914f7-7051-4251-1870-8417a58721c0&chk=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=MzBiYzk4OTRhN2I5Y2YwMQ HTTP 301
https://vma.mts.ru/match/second?ssp=67&exu=MzBiYzk4OTRhN2I5Y2YwMQ HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1 HTTP 302
https://vma.mts.ru/em?next=67&em=2&ssp=aidata&id=MjzkewxAMSyRj72E8oscuw HTTP 301
https://sync.opendsp.ru/match/mts_dsp?id=8b97018d-393d-439b-9f60-7f54d505098c HTTP 302
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7601/i/i?call_source=awg&ts=1705251659608&a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ

Request Chain 59

https://code.moviead55.ru/go/cinit?cn=solta&rnd=1705251658 HTTP 301
https://kimberlite.io/rtb/sync/skyadvert?u=c7ae3e43-82c8-9723-9c99-49d0c335229b HTTP 307
https://code.moviead55.ru/go/csync?cn=solta&bid=ZaQTSnwPV8w

Request Chain 60

https://code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1705251658 HTTP 301
https://sync.gonet-ads.com/match/SkyAdvert?id=5f42d5e6-0f9a-8dec-5dad-7a2a3f2543d9 HTTP 302
https://sync.gonet-ads.com/match/SkyAdvert?id=5f42d5e6-0f9a-8dec-5dad-7a2a3f2543d9&chk=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NzIyMmE4NWMwYTdmNWIxMw

Request Chain 61

https://code.moviead55.ru/go/cinit?cn=otmbid&rnd=1705251658 HTTP 301
https://sync.dmp.otm-r.com/match/skyadvert

Request Chain 62

https://code.moviead55.ru/go/cinit?cn=snmd&rnd=1705251658 HTTP 301
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D

Request Chain 63

https://code.moviead55.ru/go/cinit?cn=vhd&rnd=1705251658 HTTP 301
https://a.videohead.tech/sync?ssp=sky_new

Request Chain 64

https://code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1705251658 HTTP 301
https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D HTTP 301
https://code.moviead55.ru/go/csync?cn=bzcookie&bid=f911e732-a41d-4c7d-7200-e2851f869d3e

Request Chain 65

https://code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1705251658 HTTP 301
https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUARI75Zk9jlp2Z

Request Chain 69

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A965362601646%3Ahid%3A1015169519%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A646369271%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A948x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C0%2C0%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705251658101%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251658%3At%3Apl&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A965362601646%3Ahid%3A1015169519%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A646369271%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A948x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C0%2C0%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705251658101%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251658%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 82

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=4E03420A4A13A4651B023D5202609BEE

Request Chain 83

https://px.adhigh.net/p/cm/sape?u=0100007F4A13A4656636E715023D8B75 HTTP 302
https://acint.net/match?dp=17&euid=e6CMMVeRKiQ.AikABlGNCOtbNA

Request Chain 84

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4355368104 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=Ah4Ab_j2sgtkCXhNOsLIcrw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4A13A46577368E1302429429

Request Chain 89

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=1c3709ac-6932-4e90-b380-b8b84030dffe

Request Chain 90

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://acint.net/match?dp=80&euid=GPpOQtG6bN10OTHxOtYA

Request Chain 92

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=VOMKXTHU

Request Chain 93

https://sync.adspend.space/sape?uid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dc7b781e0-ce88-4ca1-9d3f-5f3b3817984b HTTP 302
https://www.acint.net/match?dp=98&euid=c7b781e0-ce88-4ca1-9d3f-5f3b3817984b

Request Chain 94

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=qg5yHNv9G6ug

Request Chain 95

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007F4A13A4656636E715023D8B75&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=107&euid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf

Request Chain 96

https://ads.adlook.me/csync?pid=sape&uid=0100007F4A13A4656636E715023D8B75&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=b92daa900c10428e98ceec0f3f2b8445

Request Chain 97

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F4A13A4656636E715023D8B75 HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0100007F4A13A4656636E715023D8B75 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fi5cBjTk9Q5ufYH9U1QUJjA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D0%26sign%3D2767030119 HTTP 302
https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2767030119

Request Chain 98

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=4142fb4b-256e-46be-6459-fe5475166156

Request Chain 99

https://s.uuidksinc.net/match/396/?remote_uid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://www.acint.net/match?dp=127&euid=C07hyvtauNacWUWp0Ugu

Request Chain 100

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=beshe8gpnf

Request Chain 102

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4A13A4656636E715023D8B75 HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4A13A4656636E715023D8B75&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 104

https://sync.bumlam.com/?src=sap1&uid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjLppCtBmIgMDEwMDAwN0Y0QTEzQTQ2NTY2MzZFNzE1MDIzRDhCNzWiARB9dY5Gsv4R7ruxACWQyCQ2

Request Chain 105

https://pix.bumlam.com/sync/sape/check?sspuid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=7d758e46-b2fe-11ee-bbb1-002590c82436 HTTP 302
https://7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 107

https://nr.bidderstack.com/sape/cm?user_id=0100007F4A13A4656636E715023D8B75 HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=0100007F4A13A4656636E715023D8B75&pupa=1 HTTP 302
https://www.acint.net/match?dp=251&euid=39837bf5-1d59-2924-3bc4-609c8db35de3

Request Chain 108

https://cs.agency2.ru/p?ssp=sp&uid=0100007F4A13A4656636E715023D8B75 HTTP 301
https://www.acint.net/match?dp=186&euid=52c0d759-892b-4ef1-97fa-a8bfc863d17e

Request Chain 109

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=2885f33a-a168-4975-9267-ff9c68435f29

Request Chain 111

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjYwYzdkZjVhYWQ0NzBhZA

Request Chain 112

https://adx.com.ru/sape-sync?uid=0100007F4A13A4656636E715023D8B75 HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F4A13A4656636E715023D8B75 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a4134b7011cb0001b318ea%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a4134b7011cb0001b318ea%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=1459624348 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a4134b7011cb0001b318ea%26r%3D&webouid=8s32iYpLECLcnMwJI1ivze HTTP 302
https://prodmp.ru/yabbi.gif?uid=65a4134b7011cb0001b318ea&r=

Request Chain 113

https://kimberlite.io/rtb/sync/sape2?u=0100007F4A13A4656636E715023D8B75 HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=qg5yHNv9G6ug HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaQTSnwPV8w HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZaQTSnwPV8w HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fi5cBjTk9Q5ufYH9U1QUJjA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1750518075 HTTP 302
https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1750518075

Request Chain 114

https://sync.dsp.solta.io/match/sape?id=0100007F4A13A4656636E715023D8B75 HTTP 302
https://sync.dsp.solta.io/match/sape?id=0100007F4A13A4656636E715023D8B75&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=NzA0ODQzNGE1MGY0ZTI0Ng

Request Chain 117

https://ssp.afp.ai/api/sync/sape HTTP 302
https://www.acint.net/match?dp=261&euid=324de6b5-ecee-4030-bf88-6f4952ef0d21

Request Chain 147

https://dmg.digitaltarget.ru/1/1093/i/i?i=651473157314001.91753991098271&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c=ss:77.up:0100007F4A13A4656636E715023D8B75.sync:up.xdua:duszHtRZwh9IRi5MtqJMQMl1.xps:xpsP3rDPMhE26X1XOnsUHagUk.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705251659668&i=651473157314001.91753991098271&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c=ss:77.up:0100007F4A13A4656636E715023D8B75.sync:up.xdua:duszHtRZwh9IRi5MtqJMQMl1.xps:xpsP3rDPMhE26X1XOnsUHagUk.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=Rj.mah-kkYiP2ynFfQOm

Request Chain 148

https://dmg.digitaltarget.ru/1/1093/i/i?i=651473157314001.408891920392900&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c=ss:77.up:0100007F4A13A4656636E715023D8B75.sync:up.xdua:duszHtRZwh9IRi5MtqJMQMl1.xps:xpsP3rDPMhE26X1XOnsUHagUk.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705251659727&i=651473157314001.408891920392900&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c=ss:77.up:0100007F4A13A4656636E715023D8B75.sync:up.xdua:duszHtRZwh9IRi5MtqJMQMl1.xps:xpsP3rDPMhE26X1XOnsUHagUk.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=XPPYdISkbYr4S37FU8RA

140 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request fantasticheskie-tvari-i-gde-oni-obitajut Show response
harry-potter-fan.ru/ 57 KB
17 KB 209ms
141ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee36db6a84eef6884bffafa5d5865ee6a8a2b7fc5142aebf76835eaa24325662

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8457702c6cac0b5a-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 14 Jan 2024 17:00:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i9hwX35shdd4vRIXL%2FNN9EgTWcxhz8DbjX5ZD4%2BPz4LUfiBdD4xdfQxREighbN%2FIRLSjKvwL6PXT7hExQw7LShaFzxM1lFNDHz7tg9HYGciB8anxBHKumAz1JWka2CVWNkDLMf4b8sNSw%2Blu26MdL%2Fq"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 index.php
harry-potter-fan.ru/engine/classes/min/ 144 KB
28 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/engine/classes/min/index.php?f=engine/editor/jscripts/froala/fonts/font-awesome.css,engine/editor/jscripts/froala/css/editor.css,engine/editor/css/default.css&v=d4d80
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d37eb638eb16c0bb7d39e4c2c6465ad2d4c8e070cf893a2724e068074dfe5b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1677630519;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4zrNd1TwISNHKUZiOdTDveNBfnlwnkJMWyJYpSJ%2Fq4xY249Ie0BQ6NIy2qT37sBO4sq%2Bg9uu9pg4FGqdWjj%2FAX3KQa5SpMCr2iKYjVcNbTZI4BxoKZiDh9brQIVZyM%2BI135GM6cQE8TEjpEzM1u65BG"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8457702d5e4d0b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 17:00:57 GMT

GET
H2 200 index.php Show response
harry-potter-fan.ru/engine/classes/min/ 84 KB
31 KB 94ms
93ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/engine/classes/min/index.php?g=general&v=d4d80
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1677630519;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3XGwoGEelxMNmJLFSybj%2Bh8Zm4qiILQz%2FtJY3cP3FVRQLZjfsGla7mSKoXxcJE8rmn0GGG2JPc183cMYbfTUKEf78dJFZvAV5U%2FQ7vlOkACWjeYTR5PE%2F34GYcCAlz0JP3lrYM15iTZaArBv%2FjlGpGo"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8457702d5e520b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 17:00:57 GMT

GET
H3 200 index.php Show response
harry-potter-fan.ru/engine/classes/min/ 1004 KB
287 KB 75ms
74ms Script
application/x-javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/engine/classes/min/index.php?f=engine/classes/js/jqueryui.js,engine/classes/js/dle_js.js,engine/classes/highslide/highslide.js,engine/skins/codemirror/js/code.js,engine/editor/jscripts/froala/editor.js,engine/editor/jscripts/froala/languages/ru.js&v=d4d80
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98b86d2c9f0a5380bf3531cdc0576d9857841f8a4ee90683fa59fccac1b44857

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"pub1677630519;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2CAgoMV6hcxIPHcw8LdJB2QnqjOVYY62j6Wp7n%2BDo%2FM5GDiimt6KzVnw19fmR1QHfeTsozWMDrRU6tDjWSXfIAktEyeCcLMDCqhhbgD%2BjnxoeQ%2BR1MB99%2BXyLisKzvwAfKW6Lennlu2a9rpl2uqB82CD"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript; charset=utf-8
cache-control: max-age=31536000
cf-ray: 8457702dea9a66bc-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 13 Jan 2025 17:00:57 GMT

GET
H2 200 styles.css
harry-potter-fan.ru/templates/Animevost/css/ 6 KB
2 KB 49ms
49ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8d00c67dc127c731b49339b3b7fc09cb1c34336f48cb3ed069f066e65c7ecc1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 02 Mar 2023 05:22:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64003278-1658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgfHwcTG4HuNbvpdHZkbG9f5VM2ArSNmOj9mZ29vCjVEIGC2eC4y8hrJpnf7BTYXYG8O5pqaksblW3Ne0%2B6jXfM4RBEbA89Y%2Bnddsu%2B%2F1Sj5%2FUmIzuUGLeoYI6oqKZRtAbWV89Yazuk5dFWy7vOiPmud"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8457702d5e4f0b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jan 2024 17:00:57 GMT

GET
H2 200 lib.js Show response
harry-potter-fan.ru/templates/Animevost/js/ 41 KB
13 KB 33ms
32ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/js/lib.js
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3da8f64c4974bb6e34358245267ffa96d2cab88942732554c14dc59ea7a33661

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65576
etag: W/"63fe9c37-a369"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4UA9gysXd9JBcK0GO8QS%2BycGzB57dGB3yaSD3VkfnZT95Rf86xsWtNWom6zPD8M%2BEIP3Wzzb9IRskeYkttGPNmppEil3YwBzn8J2iCSPGOmi6OT90IjMP9pRV4fgc9SUrpzyt1YEcQ9%2FePDzs6Yllckk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 8457702d5e540b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Jan 2024 22:48:01 GMT

GET
H2 200 style.css
harry-potter-fan.ru/templates/Animevost/playlists/ 4 KB
2 KB 66ms
66ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/playlists/style.css?v4
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b477a4b0677dda90b28f2d36b3f06e6e2b9ed8b9aec828940ce9687790ba3db8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63fe9c37-f13"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aGOjcqZPMRfx%2Bmsx86eorsxC0yRgNjoKvZAc7SFI7BehW391mRA6tVkKuBPOrb3wMCY8UkCd5KzG1rDEaeG7WgF7ul5nmeMzN29mp2nzO%2FdMRE4DIM3A%2BMbCJ0A9c2Ie8kI7o5VSy9VNzByE6v3lY2L8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8457702d5e510b5a-AMS
alt-svc: h3=":443"; ma=86400
expires: Mon, 15 Jan 2024 17:00:57 GMT

GET
H2 200 s.js Show response
vak345.com/ 4 KB
2 KB 77ms
39ms Script
text/javascript 2606:4700:3033::ac43:cc13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/s.js?v=3c5480d43feae2e8d24fa1a668a0be76
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cc13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9c9a7f14b6e1fd7abcd3a40300fc54612d8624cfb2796ca6e672206aada69a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BqB%2Bhb40VGn5UDtIHDw4WyQJK3PrkerE%2FqVFaRYYzo6YCUi4atl%2B9QZxJA2ZMXkenVUfbIE9ZUSbI%2F1cKvbQ16ph0tnLb49sNAt6OqritH%2FqOlGMpcMqkfDEOqqUmCS6QMyAz1TVju2d"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-movieads-country: NL
cf-ray: 8457702e3fa365f0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 1677636506_004.jpg
harry-potter-fan.ru/uploads/posts/2023-03/thumbs/ 14 KB
14 KB 26ms
26ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/uploads/posts/2023-03/thumbs/1677636506_004.jpg
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497fac9e37409dc1973db0bd76bf0b00841df9d5e13bd14aa4b6e132c4f02918

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65575
alt-svc: h3=":443"; ma=86400
content-length: 14219
last-modified: Wed, 01 Mar 2023 02:08:14 GMT
server: cloudflare
etag: "63feb38e-378b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9kpmAbT8KOhwGBd7ITMd5HPgWiPydO1TqT5S8qiZdRyezkQ48xeEf9WP3Ur%2BESV2lGRcRhOb6IzHdX0tXQRL0T0HJrpKs94OH0%2F6ljrZtGwcEyj4K6YKSy2vJKCyZ%2FTpACZfzhd9DISjSQUHWkq69Mj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702d5e570b5a-AMS
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H2 200 1677636590_001.jpg
harry-potter-fan.ru/uploads/posts/2023-03/thumbs/ 7 KB
8 KB 28ms
27ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/uploads/posts/2023-03/thumbs/1677636590_001.jpg
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87256cc56e6827a0bb31127b2eb6f8f94bcd96c481cfd4c6fea4e10be549d3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12214
alt-svc: h3=":443"; ma=86400
content-length: 7360
last-modified: Wed, 01 Mar 2023 02:08:49 GMT
server: cloudflare
etag: "63feb3b1-1cc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuwhxRUmpga%2B7PE3aVOp8sMFv%2FCAUeNsKmdg9Wu6Orm2AY9VSKUXlLrTKhaaAsmdWvL7ZVGuV%2Bkj4kddwff%2BiSaH6viOYk%2FcE%2BPybcu4dzPRc9A4uUuQbHhN6lAivzlwkG2dV5ST8%2Bzpyi855cv9PbEH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702d5e590b5a-AMS
expires: Mon, 15 Jan 2024 13:37:23 GMT

GET
H2 200 1677636546_002.jpg
harry-potter-fan.ru/uploads/posts/2023-03/thumbs/ 7 KB
7 KB 30ms
30ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/uploads/posts/2023-03/thumbs/1677636546_002.jpg
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6419481b0628be0ac764935223befd367b8dac934af19e3cec763acfc7170d54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12214
alt-svc: h3=":443"; ma=86400
content-length: 7104
last-modified: Wed, 01 Mar 2023 02:08:51 GMT
server: cloudflare
etag: "63feb3b3-1bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2S8wH4Dy8Tcs3503EF5lL6L4uDlQi27mp%2FIDDwp%2F79uR3Z%2FbZVXSO7NXXISUDo%2B0T%2BWGCS22lOPZ4SXA3mrl%2FO01qkIR%2FZv0Q14NEQV3foMVtIVeh8d11XtPX4oEz8ULY0kewExp5bIhG8DKHA3F1N4"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702d7eaf0b5a-AMS
expires: Mon, 15 Jan 2024 13:37:23 GMT

GET
H2 200 1677636590_003.jpg
harry-potter-fan.ru/uploads/posts/2023-03/thumbs/ 7 KB
7 KB 43ms
43ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/uploads/posts/2023-03/thumbs/1677636590_003.jpg
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f97104ac6050773fc17f08c753d8ef55fe48d6b66022a2411a193347f33a26

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 01 Mar 2023 02:08:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "63feb3b4-1a99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMImMnsWcnoSy1Vdg4z88dUdO%2BRmPA8oDfkGCYUk4l29j%2F%2FzVZqTezuACxnMpMPBtE9NaWugr8Nh1gFTrYIkbm6jzqmrmZ3Hf6E3GSoJcUcFBqC8ia6Qxp8NPNwXDm8PvJVRIYBIddx1kQ%2BVWU6oiDv9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702d7eb20b5a-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6809
expires: Mon, 15 Jan 2024 17:00:57 GMT

GET
H2 200 share.js Show response
yastatic.net/share2/ 142 KB
39 KB 171ms
55ms Script
application/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

838439f7800886796f6c8dd2b1bb6eeebfccdc9b05f89c489140c10edff3ab28

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Nov 2023 15:06:40 GMT
server: nginx/1.17.9
etag: W/"72e199079b77250d47f2f9c379273c4c"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 17 Jan 2024 04:58:43 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 178ms
62ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=ru

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4a75f2d9b7a5079b6a32dab1dc586296843441c38671e87a545d16e778cb373d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:00:58 GMT

GET
H3 200 noavatar.png
harry-potter-fan.ru/templates/Animevost/dleimages/ 26 KB
27 KB 26ms
26ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/templates/Animevost/dleimages/noavatar.png
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da0a0585780a4f972eefaef4cd3c845caa591c3df5d8c3f1c24fc2f55565ab6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65571
alt-svc: h3=":443"; ma=86400
content-length: 26879
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-68ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMP3SMDhqe%2FNRze%2F%2FLdIoa2GdDpn1JAkk8P3Kh%2BDe1j7SQ6vHyjvqQrNRwgxsjzs012vTBKL7x4bIAXgxVFuruxwE7a2V8IXlkfFtuAtRUIo7GklRZSrpskwcrziM3QToy%2BbF%2BkENTvzmjvAqbxEQ3Dx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702da9e866bc-AMS
expires: Sun, 14 Jan 2024 22:48:06 GMT

GET
H3 200 thumbu2_.png
harry-potter-fan.ru/templates/Animevost/images/ 200 B
697 B 69ms
68ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/templates/Animevost/images/thumbu2_.png
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 631351c46214f59ec4af48f9fcccecfbe1209b76265900431ba1c7a74acb92ec

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65571
alt-svc: h3=":443"; ma=86400
content-length: 200
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LP7eCAVowd8TlRKJews9JoO1OAs3yvvxBPGnV8%2FsRPBVIdrkE3FvSV8NT40UmgEeuVRcLHx7pvFL5rhhPk9dTnt4ZmfqXG0l%2FEpZxU2l5mQ3Fb4E%2BJsUlt2xml6%2F4D6PBH0kvnLlBjN4tl%2FFXqjsM05a"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702e4b4b66bc-AMS
expires: Sun, 14 Jan 2024 22:48:06 GMT

GET
H3 200 thumbd2_.png
harry-potter-fan.ru/templates/Animevost/images/ 212 B
714 B 70ms
70ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/templates/Animevost/images/thumbd2_.png
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92b935b6112c66bdeb8051cc585d945fe8e3fd9e470300720d12821a4617fc86

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65571
alt-svc: h3=":443"; ma=86400
content-length: 212
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FS1HNen4Gz2ydYQMFblDMERvbpDA8colQD6QnPkiKquX%2FZA1GVGhaEI%2BXz3OsYpw5U8ljSqyWosVnG%2F15H%2BgK1ojtbyRE5wkSjoFLCUPOy%2B48biVRwM%2BKe7BFmChjjoNJEaz2RPcoCRFgDQ%2BRWLVqBr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702e4b4c66bc-AMS
expires: Sun, 14 Jan 2024 22:48:06 GMT

GET
H3 200 libstyle.css
harry-potter-fan.ru/templates/Animevost/css/ 95 KB
28 KB 46ms
45ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/css/libstyle.css?v=8.0
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b9964c5282527bef1638313e4760770d2b65d814a7c067827cb194fc104e3ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65575
etag: W/"63fe9c37-17d2c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0F0B0%2FyDyU71DBhp5jR8Fh7btH0q4oICQMtqJMcWZt0CTrY8u1JAdf%2Bb08mJpKGZdk8ljOJzTziztEPjiQO68Qlaa2bJHEekixZy%2BOjVTZpfwBCj9uLjGBFxx0ls%2F%2F34GFUaz6QdGUaDOgDI2bPsHXcc"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8457702dfaad66bc-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H3 200 main.css
harry-potter-fan.ru/templates/Animevost/css/ 50 KB
11 KB 29ms
29ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/css/main.css?v=9.0
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9b6a37cbe882441a7de4e1a5c32a84cd100ddefd008ccbe17a35d73d5d0e3b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 05:20:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65575
etag: W/"6400322d-c793"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FuGJ5BZ4NyN5QI%2FtVHIeDHB%2Bmp%2B93z%2BaRNBBaHXnfW59aFX1AMMPPO9BR56DZNnLBRhfNmpaV%2BqeHlXv7uSJXKRzSdw%2FVG9aYurSTuiNtgklndLIFYi%2F6IP2UIC2bI3p3hgcXXmg5tnSCjFQfwmF8tQ9"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8457702dfab066bc-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H3 200 engine.css
harry-potter-fan.ru/templates/Animevost/css/ 62 KB
23 KB 31ms
31ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/css/engine.css?v=8.0
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 933881d68749635974292cfd80a4ec47d24a009399aafdc5f341b52a21d6b60a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 65575
etag: W/"63fe9c37-f953"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S77ZKPtpXj%2FCW8Q9Ys9Jr3JAi9%2FFeox%2BQAlKXKZI%2B5rQVp5SAklcEk6hpEWySa%2FV4mfgY%2BDoZ%2Fy%2BMzpf9NWuqgwdX7y8EBZlH18Ym2rbP2YWNmKv%2Bxg9yRUu34ymEEC035cFQqyHZzLS1rgWxdeJKCJa"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 8457702dfab566bc-AMS
alt-svc: h3=":443"; ma=86400
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H2 200 / Show response
therapy.newplayjj.com/ Frame 54D2 16 KB
9 KB 278ms
142ms Document
text/html 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx / PHP/8.0.27

Resource Hash

656ff503a9b7ae16ef69aba3629e104b822d306049e07e65c2ab12af188e1bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; max-age=31536000;

Request headers

Referer: https://harry-potter-fan.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
strict-transport-security: max-age=31536000; max-age=31536000;
x-powered-by: PHP/8.0.27

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 235ms
117ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Sun, 14 Jan 2024 18:00:58 GMT

GET
H3 200 body.png
harry-potter-fan.ru/templates/Animevost/images/ 7 KB
8 KB 67ms
67ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/templates/Animevost/images/body.png
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f3ca87e3830cc9ce5dc9608af4c9b1eaa81730a918c134c971d305d11d5f6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/templates/Animevost/css/styles.css?v4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65575
alt-svc: h3=":443"; ma=86400
content-length: 7555
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-1d83"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qkohOZOTuuT4VVTlb6e0lZDG79kRZyccyUGgeokhXYsRDisjwapKz31XUUmaAoKlnpM90qO%2Bxj8u4HPXQne6kb07EC%2Fw1SuusIsonNVj%2BRg47rael0kFEf1JGrXkfD3h30j%2FxyArCXBRgZ0JquadyQx"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702e5b5566bc-AMS
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H3 200 superrating.png
harry-potter-fan.ru/templates/Animevost/images/ 2 KB
3 KB 68ms
68ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://harry-potter-fan.ru/templates/Animevost/images/superrating.png
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/engine.css?v=8.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 948c8b553836da9049e55404d6f16dd981b1dc20d841f148d5a884e713b10997

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/templates/Animevost/css/engine.css?v=8.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65575
alt-svc: h3=":443"; ma=86400
content-length: 2545
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-9f1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTAWwSbHJHsWEkAb84%2BO5lFaSiztWwE9ocmy7m6QWtOsX%2F%2BkI98aMFi45dvyF0jZlYhOT%2FuSwnjU%2BGJhCwc3LiXvcF0%2F%2BjuVR2%2B2%2FTE28I2jKMUzfp37VTL%2BqW2tWmMFa4JaHo1X4FbBLWupB82Rwr7C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702e5b5c66bc-AMS
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H2 200 202401142000.js Show response
vak345.com/cs/ 65 KB
19 KB 40ms
40ms Script
application/javascript 2606:4700:3033::ac43:cc13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/cs/202401142000.js?v=3c5480d43feae2e8d24fa1a668a0be76&_t=1705251657985.985
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cc13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64c38ea9e73076748e55f288670ffb306dbff7521988f317e6ace3f1ac0371ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-movieads-udata: cache
x-movieads-country: NL
x-yac-source: Yac
alt-svc: h3=":443"; ma=86400
x-movieads-setup: combo
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWxywWhUQiocgUizVcWhvKIg611WhLmdkQgtDhnkQmOq%2BNn3yj7qbXjHu%2BA0lr1La7MCNiMlFXuUw2CdHwEmbwPXL5U5zd%2BC%2FUnAOy%2BwdzppdkKsDyV4WmrJBYfXn911qCxJ91eBhvMH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 8457702e782965f0-AMS

GET
H2 200 madstyle.css
code.moviead55.ru/ 209 B
494 B 138ms
75ms Stylesheet
text/css 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/madstyle.css
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401142000.js?v=3c5480d43feae2e8d24fa1a668a0be76&_t=1705251657985.985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: d32e09545bb97202e2509b841fb02ea0570257f333d4eafc3830e3eb19390185

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
server: nginx
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-movieads-country: NL
cross-origin-resource-policy: cross-origin

GET
H2 200 logger.php
logger.moviead55.ru/ 70 B
214 B 70ms
18ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=target_country_load&c=248e01ea-47ec-4941-b230-571e966e2c05&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22chrome%5C%22%2C%5C%22version%5C%22%3A%5C%22120%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=3c5480d43feae2e8d24fa1a668a0be76&o=%7B%7D
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c1242d3a4b3afa310339e66b9fee5119376acdc1c77f1e99fc17d504bc05c1cc

Request headers

Referer
Origin: https://harry-potter-fan.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 fontawesome-webfont.woff2
harry-potter-fan.ru/templates/Animevost/fonts/ 63 KB
63 KB 27ms
26ms Font
application/octet-stream 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/templates/Animevost/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/templates/Animevost/css/libstyle.css?v=8.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

Referer: https://harry-potter-fan.ru/templates/Animevost/css/libstyle.css?v=8.0
Origin: https://harry-potter-fan.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 65576
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Wed, 01 Mar 2023 00:28:39 GMT
server: cloudflare
etag: "63fe9c37-fbd0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2auNaRHBSUCbK4s%2BpI5EptXE0HP%2FpAlqKWHoc3b%2B9hFHM%2BD5fOLeibtBTnx1IV3PzdWSw%2FPhYizA8bJ90kSOhDf5gEv8i05kS0kmXp67PwLwqFvLxx4iNxKhADv9jcM%2B4g8ZrxAbvu%2BQa4gNxFbeOcY"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 8457702f1ccd66bc-AMS
expires: Sun, 14 Jan 2024 22:48:02 GMT

GET
H3

200

main.js Show response
harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 7BF7
Redirect Chain

https://harry-potter-fan.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

24ms
23ms

Script
application/javascript

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27dbb199eb070f0ff40aa6de874f207a379dd1b547d2f196150ec7d271b48182

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdC1GDl6spheHnAf4Jk5C8yFNGbtdFab2LW8qRftVZgNNbeA71cASLY1xDHr0sQCe41h8tM%2BwDp%2BRHrPfeSxPB7aCudaz%2BmZ2Gidl10tI2kYyGTRws2Xd47pVnyiterhIDBAqWjf5zRLXffboE3nkGnD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8457702f5d3566bc-AMS
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sun, 14 Jan 2024 17:00:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvKG1GG0LCFUHMpwTfhJE4W1qdQzW%2BseqQTToQlTdSMFjrZggVngqJsCUjZbjFRchiy94OF%2FLch2Hew5GTW64HD2l43xi5C7H7e6YkmvuLD1z7WMm4kkDt8HOW3Zy%2FU%2F7zG0ZAghObvh%2BpmHujUoW7x7"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 8457702f2ced66bc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ 538 KB
206 KB 83ms
26ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd89e670cae9029861321158f28c879ca49336dd2d587c25fe2c9bc9d3e56145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Origin: https://harry-potter-fan.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210508
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 14:30:21 GMT

POST
H3 200 8457702c6cac0b5a Show response
harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 7BF7 0
569 B 44ms
44ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://harry-potter-fan.ru/cdn-cgi/challenge-platform/h/b/jsd/r/8457702c6cac0b5a
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dOSSsjqG612Rxki7WhLzgM5gF17IbZZXkkYhvKgIGFuLsE%2Fi5SlUB2xX2%2B8c4bWmK%2Ba1E418nwdWKBeYdg%2Bm8xIr%2BRrbaCbr%2BNHHX6xjz0bdzZKAYo%2F4ev1DWwtGndtDb7dLAj94%2BXugZWaBLvfKHj1U"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8457702fee4666bc-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 frndnp.php Show response
videotoday.site/ Frame 3675 41 KB
19 KB 81ms
42ms Script
text/html 2606:4700:3035::ac43:dada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=3c5480d43feae2e8d24fa1a668a0be76&cb=248e01ea-47ec-4941-b230-571e966e2c05&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=124&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&frnd=true
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401142000.js?v=3c5480d43feae2e8d24fa1a668a0be76&_t=1705251657985.985
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56bdd401d3d4873c1af775fea4c9619a526a7ba6cdcc20a2dae958ac495b967

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqBh%2F3P1APqq9k7rKmWGLzTZ7wAvdz2PW7FC7Kj7doR4Ug0cFxTqPdtnJlA9G2p94x8DkL7LUOLGM0F6nOp55bMHx5n7EvRBLfpOQ%2Bb6tUAozwosxNxBzzfCJC6ETWU3au1CfHGZvPu%2Bq5ChI5s%3D"}],"group":"cf-nel","max_age":604800}
x-cache: Yac
content-type: text/html; charset=UTF-8
x-movieads-country: NL
cf-ray: 845770302b916724-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 bmap Show response
code.moviead55.ru/go/ Frame D42D 161 KB
64 KB 100ms
100ms Script
text/javascript 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/go/bmap?v=3c5480d43feae2e8d24fa1a668a0be76&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401142000.js?v=3c5480d43feae2e8d24fa1a668a0be76&_t=1705251657985.985
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6e5e6fe525a6d40850c185e82c64bf8da82f39de7789c0e187ef6e27decb5067

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
x-movieads-udata: cache,parsed,3573
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 391 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 723aa7e4d231c81a010c84b8703f0078c2510814c5da2e9ee4d2949c7e48e747

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 603 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae28c4fad713f0365941038ab14753a9488e4c5b31ce36cdc48d8048907e62b0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 style.css
therapy.newplayjj.com/style/ Frame 54D2 9 KB
2 KB 57ms
55ms Stylesheet
text/css 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/style/style.css?v=1.791

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

6c7c893770a3929ede5214839cc14701f15075eb4bc099f3a6021fa5c3aa4bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 22 Dec 2023 09:43:11 GMT
server: nginx
etag: W/"65855a2f-2332"
content-type: text/css

GET
H2 200 jquery.min.js Show response
therapy.newplayjj.com/js/ Frame 54D2 87 KB
30 KB 83ms
81ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-15d9d"
content-type: application/javascript

GET
H2 200 baron.min.js Show response
therapy.newplayjj.com/js/ Frame 54D2 27 KB
10 KB 121ms
120ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/baron.min.js?v=2.23

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

84f887baec9d4b92266392f60fbab0c1086f665b11d3e5a7005dc681d62fb062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Sun, 07 Jan 2024 21:22:24 GMT
server: nginx
etag: W/"659b1610-6d7b"
content-type: application/javascript

GET
H2 200 player.min.js Show response
therapy.newplayjj.com/js/ Frame 54D2 78 KB
29 KB 143ms
142ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/player.min.js?v=1.467

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

5bfbf77283bca4e1efc1b5d65ff5a4488dfc6b794d07392f9f55e3faf8b5044c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Sun, 14 Jan 2024 14:01:56 GMT
server: nginx
etag: W/"65a3e954-13820"
content-type: application/javascript

GET
H2 200 playerjs-alloha-new-19.5.1.js Show response
therapy.newplayjj.com/js/ Frame 54D2 815 KB
283 KB 162ms
161ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/playerjs-alloha-new-19.5.1.js

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

89cd5e4ef6fcbb24fd971b1ec551d5dccbd4b3f3ec1e900f00c2eeafc62da42c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 12 Jan 2024 20:40:24 GMT
server: nginx
etag: W/"65a1a3b8-cbc61"
content-type: application/javascript

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10248.-b0YLo9BQqurHdsJ-aBMS6Zp7IoNWzouPsg7DfxWWOfkfeZ7hVeMvggKpRgGjhk5.toYkr0f2O3V1-K88p2mZY2y9nIA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10248.2qcLYatARRmeOEhap43A_87IROCRDYy5Ex9uqIaDUvpUmrdmmiP7Rf73yOtJmuu2L5g_VXY_SZgKBdwP4Pc7lYWBgJ_m--ye4YIjijXwoPzV0NtoxcrnQytv444Lbt-x4nJGEqDhF3...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10248.WVIuOajDSL4NKrDEgIOD7ZYKwbbFXKnuA9MZOP52V3raiGxw6_IWf7zVIsTqIaVH_fKvSvqYdDOjsOGEP7p3r-8qMePtmRowe7pCRzzvm0C8T...

43 B
620 B

64ms
64ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10248.WVIuOajDSL4NKrDEgIOD7ZYKwbbFXKnuA9MZOP52V3raiGxw6_IWf7zVIsTqIaVH_fKvSvqYdDOjsOGEP7p3r-8qMePtmRowe7pCRzzvm0C8T8jKjNS2N6mjGq1c7vcgB81w87PXyxgc3A8efGhmJb8_1WDtqIhedKSF2XZlLxjsK8deOblGyVUXr0MTpfo8cK2JZ-CRa7UkaQp1EYDfgg%2C%2C.ED-3jqq8E_wtCxO76rDMa5mxdCc%2C

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10248.WVIuOajDSL4NKrDEgIOD7ZYKwbbFXKnuA9MZOP52V3raiGxw6_IWf7zVIsTqIaVH_fKvSvqYdDOjsOGEP7p3r-8qMePtmRowe7pCRzzvm0C8T8jKjNS2N6mjGq1c7vcgB81w87PXyxgc3A8efGhmJb8_1WDtqIhedKSF2XZlLxjsK8deOblGyVUXr0MTpfo8cK2JZ-CRa7UkaQp1EYDfgg%2C%2C.ED-3jqq8E_wtCxO76rDMa5mxdCc%2C
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
501 B 63ms
62ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sun, 14 Jan 2024 18:00:58 GMT

GET
DATA 200
OK truncated Show response
/ Frame 3675 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b96aba049c7bf3c05364405b705811df4578a1c05d8fb30e410886b165b14d92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 3675 202 KB
70 KB 62ms
61ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Sun, 14 Jan 2024 18:00:58 GMT

GET
H2 200 mstream2.js Show response
static.moviead55.ru/mp_dist/ Frame 3675 168 KB
58 KB 79ms
35ms Script
application/javascript 2606:4700:3030::6815:2921
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:2921 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e15daeab4a730d740ffc972b487b46eff6b7d37e0a9707335f4ff1a2242aed5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3712
x-movieads-country: RU
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 Jan 2024 13:58:39 GMT
server: cloudflare
etag: W/"65a1458f-2a1fb"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4KUVWlsnV%2FgyKifM6mH2cYVIc9GCHwTkPQCIgHE3wd3RlrxBNB3zRJSebutLDf9iV7YFyl%2FxkkC3XW%2BO%2FmsW%2BtYuNqgHAofFo2isOnnyoMwHVHVnjlgdbbonyGwZ%2Fbrb%2BSS0bi5ICg9%2BJSuT8X0TPqO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
access-control-allow-credentials: true
cf-ray: 84577030b953b902-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2

200

/ Show response
www.acint.net/mc/ Frame B0C7
Redirect Chain

https://www.acint.net/mc/?dp=167
https://www.acint.net/mc/?dp=167&tc=1

5 KB
5 KB

79ms
78ms

Document
text/html

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=167&tc=1
Requested by: Host: videotoday.site
URL: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=3c5480d43feae2e8d24fa1a668a0be76&cb=248e01ea-47ec-4941-b230-571e966e2c05&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=124&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&frnd=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: 1a6d6fb6a65e3343fca17d730fa60ac55931863d8efb2231ee7f1d9138ceeeb3

Request headers

Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 14 Jan 2024 17:00:58 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Sun, 14 Jan 2024 17:00:58 GMT
location: /mc/?dp=167&tc=1
server: openresty

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 3675 70 B
213 B 23ms
18ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=cdiv&c=248e01ea-47ec-4941-b230-571e966e2c05&a=&m=124&v=3c5480d43feae2e8d24fa1a668a0be76&o=%7B%220%22%3A%22https%3A%2F%2Fharry-potter-fan.ru%22%7D
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=gtnt&rnd=1705251658
https://px.adhigh.net/p/cm/skyadvert?u=85de381a-df48-09e8-f61d-a0ef6ff4b370
https://px.adhigh.net/p/cm/skyadvert?u=85de381a-df48-09e8-f61d-a0ef6ff4b370&bounced=1
https://code.moviead55.ru/go/csync?cn=gtnt&bid=e6CMMVeRKiQ.AikABlGNCOtbNA

0
147 B

49ms
48ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=gtnt&bid=e6CMMVeRKiQ.AikABlGNCOtbNA
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=gtnt&bid=e6CMMVeRKiQ.AikABlGNCOtbNA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1705251658
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D&crf=1&rts=-5357012120971246959
https://code.moviead55.ru/go/csync?cn=btwcookie&bid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf

0
156 B

32ms
32ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1705251658
https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D
https://code.moviead55.ru/go/csync?cn=ohmybid&bid=72d2458b-50a1-42ed-9be4-f2edcda89c64

0
154 B

17ms
17ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=72d2458b-50a1-42ed-9be4-f2edcda89c64
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:01:01 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=72d2458b-50a1-42ed-9be4-f2edcda89c64
date: Sun, 14 Jan 2024 17:01:01 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-04 1.1376.f4afd3f
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1705251658
https://www.acint.net/rmatch?dp=167&euid=7a00cd94-4265-db51-81d9-438987fc7d38&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=7a00cd94-4265-db51-81d9-438987fc7d38
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%...
https://acint.net/rmatch?dp=14&euid=4F03420A4A13A4650E02DC5E0280D884&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F4A13A46577368E1302429429

0
153 B

34ms
34ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F4A13A46577368E1302429429
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

date: Sun, 14 Jan 2024 17:00:59 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007F4A13A46577368E1302429429
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

204

match
dm-eu.hybrid.ai/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1705251658
https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

0
286 B

63ms
20ms

Image
text/plain

37.230.131.21
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 530
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

location: https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/awg/custom/7601/i/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=dgm&rnd=1705251658
https://sync.opendsp.ru/match/MovieAds?id=bb2914f7-7051-4251-1870-8417a58721c0
https://sync.opendsp.ru/match/MovieAds?id=bb2914f7-7051-4251-1870-8417a58721c0&chk=1
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=MzBiYzk4OTRhN2I5Y2YwMQ
https://vma.mts.ru/match/second?ssp=67&exu=MzBiYzk4OTRhN2I5Y2YwMQ
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D2%26ssp%3Daidata%26id%3D%24UID&bounce=1
https://vma.mts.ru/em?next=67&em=2&ssp=aidata&id=MjzkewxAMSyRj72E8oscuw
https://sync.opendsp.ru/match/mts_dsp?id=8b97018d-393d-439b-9f60-7f54d505098c
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ
https://dmg.digitaltarget.ru/awg/custom/7601/i/i?call_source=awg&ts=1705251659608&a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ

49 B
555 B

165ms
57ms

Image
image/gif

185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/awg/custom/7601/i/i?call_source=awg&ts=1705251659608&a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

HTTP/1.1

Server

185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://dmg.digitaltarget.ru/awg/custom/7601/i/i?call_source=awg&ts=1705251659608&a=2121&i=1l87e54rpinz1&e=MzBiYzk4OTRhN2I5Y2YwMQ
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=solta&rnd=1705251658
https://kimberlite.io/rtb/sync/skyadvert?u=c7ae3e43-82c8-9723-9c99-49d0c335229b
https://code.moviead55.ru/go/csync?cn=solta&bid=ZaQTSnwPV8w

0
136 B

21ms
21ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=solta&bid=ZaQTSnwPV8w
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

Date: Sun, 14 Jan 2024 17:00:58 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=solta&bid=ZaQTSnwPV8w
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=9;dur=0.0003
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1705251658
https://sync.gonet-ads.com/match/SkyAdvert?id=5f42d5e6-0f9a-8dec-5dad-7a2a3f2543d9
https://sync.gonet-ads.com/match/SkyAdvert?id=5f42d5e6-0f9a-8dec-5dad-7a2a3f2543d9&chk=1
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NzIyMmE4NWMwYTdmNWIxMw

68 B
598 B

30ms
30ms

Image
image/png

188.42.34.64
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NzIyMmE4NWMwYTdmNWIxMw
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NzIyMmE4NWMwYTdmNWIxMw
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

204

skyadvert
sync.dmp.otm-r.com/match/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otmbid&rnd=1705251658
https://sync.dmp.otm-r.com/match/skyadvert

0
68 B

666ms
529ms

Image
text/plain

194.55.244.178
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/skyadvert
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 194.55.244.178 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Jan 2024 17:00:59 GMT
server: nginx/1.23.2

Redirect headers

location: https://sync.dmp.otm-r.com/match/skyadvert
date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

400

/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=snmd&rnd=1705251658
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D

0
0

127ms
34ms

Image
text/html

168.119.72.236
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.236.72.119.168.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

location: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D
date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

204

sync
a.videohead.tech/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=vhd&rnd=1705251658
https://a.videohead.tech/sync?ssp=sky_new

0
702 B

87ms
37ms

Image
text/plain

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.videohead.tech/sync?ssp=sky_new
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiNyjegt2OPU%2BPhiZTeZ6EYvgI5icVLqFt7x2GxEx%2FCjPLS%2FEQ2x3uv%2FAV1PpXAfy0RQy6VomVnDDRz133gZRSI8%2FcZ6Doo3ISUvJlJu0GuTqFpbVQi6i2j%2FUFo0ICgDmx9hMpDAhUx9gWvVC2Lk"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 845770314dd3668e-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

Redirect headers

location: http://a.videohead.tech/sync?ssp=sky_new
date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1705251658
https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
https://code.moviead55.ru/go/csync?cn=bzcookie&bid=f911e732-a41d-4c7d-7200-e2851f869d3e

0
155 B

23ms
23ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=f911e732-a41d-4c7d-7200-e2851f869d3e
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=f911e732-a41d-4c7d-7200-e2851f869d3e
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
content-length: 126
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

csync
code.moviead55.ru/go/ Frame 3675
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1705251658
https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUARI75Zk9jlp2Z

0
142 B

22ms
22ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUARI75Zk9jlp2Z
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx/1.24.0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUARI75Zk9jlp2Z
cache-control: no-cache, max-age=0, must-revalidate, no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 124
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 3675 70 B
213 B 20ms
17ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=player_frame_loaded_new&c=248e01ea-47ec-4941-b230-571e966e2c05&a=&m=0&v=3c5480d43feae2e8d24fa1a668a0be76&o=%7B%220%22%3A%22https%3A%2F%2Fharry-potter-fan.ru%22%7D
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6EAA 45 KB
28 KB 81ms
80ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa&co=aHR0cHM6Ly9oYXJyeS1wb3R0ZXItZmFuLnJ1OjQ0Mw..&hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&cb=h6vyz1q5ko4r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

82b5fb33c0961bdacef02b1a7310832b757149027469eed202474459a1f257d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-bB52LqEWh0TQB2Ykip3F-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-bB52LqEWh0TQB2Ykip3F-g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:00:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ Frame D42D 13 KB
13 KB 235ms
62ms Script
application/x-javascript 23.111.217.132
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: code.moviead55.ru
URL: https://code.moviead55.ru/go/bmap?v=3c5480d43feae2e8d24fa1a668a0be76&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.217.132 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 269de31f460024d676a203b8b6f232ca209a16d4fffc3cd052883cf30bb05615

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Thu, 21 Dec 2023 13:04:03 GMT
server: nginx
etag: "658437c3-3459"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13401
expires: Sun, 14 Jan 2024 18:00:58 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/53399341/ Frame 3675
Redirect Chain

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhf...
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6u...

439 B
531 B

62ms
62ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A965362601646%3Ahid%3A1015169519%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A646369271%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A948x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C0%2C0%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705251658101%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251658%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

fc3220dddba2d509f7cf17fe1fad9d695524ff97cadc1d14da9f9c6d1b30715f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 14-Jan-2024 17:00:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Sun, 14-Jan-2024 17:00:58 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-Jan-2024 17:00:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53399341/1?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A965362601646%3Ahid%3A1015169519%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A646369271%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A948x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C0%2C0%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705251658101%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251658%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 14-Jan-2024 17:00:58 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6EAA 55 KB
24 KB 70ms
23ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa&co=aHR0cHM6Ly9oYXJyeS1wb3R0ZXItZmFuLnJ1OjQ0Mw..&hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&cb=h6vyz1q5ko4r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 11:14:32 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame 6EAA 538 KB
206 KB 82ms
35ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd89e670cae9029861321158f28c879ca49336dd2d587c25fe2c9bc9d3e56145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210508
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H2 200 ch.js Show response
therapy.newplayjj.com/js/ Frame 54D2 208 KB
51 KB 55ms
55ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/ch.js?v=1.31

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/player.min.js?v=1.467

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

68625452ebd67986faa4feadbeb94a5011996d4cc7bfd33c626da6fd13d88803

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20&uid_q=65a4134a2d3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-33fdd"
content-type: application/javascript

GET
H2 200 26812653 Show response
mc.yandex.com/watch/ 427 B
459 B 63ms
63ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22c%2Fn%2Fo%2Fj%2Fk%2Fl%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A1096115079248%3Ahid%3A660341379%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A110224607%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C39%2C142%2C1%2C0%2C0%2C%2C176%2C31%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1705251657588%3Afp%3A401%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251659%3At%3A%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)lt(11400)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7ee89d46d109d2ee1a56f5c358e003be3b9b489634d052032f12a075e40e17ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 14-Jan-2024 17:00:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 14-Jan-2024 17:00:58 GMT

GET
H2 200 92653030 Show response
mc.yandex.com/watch/ 427 B
463 B 63ms
62ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/92653030?wmode=7&page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1614163278323%3Ahid%3A660341379%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251658%3Ac%3A1%3Arn%3A466538274%3Arqn%3A1%3Au%3A1705251658846775638%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C39%2C142%2C1%2C0%2C0%2C%2C176%2C31%2C%2C%2C%2C481%3Aco%3A0%3Acpf%3A1%3Ans%3A1705251657588%3Afp%3A401%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251659%3At%3A%D0%A4%D0%B0%D0%BD%D1%82%D0%B0%D1%81%D1%82%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%B8%D0%B5%20%D1%82%D0%B2%D0%B0%D1%80%D0%B8%20%D0%B8%20%D0%B3%D0%B4%D0%B5%20%D0%BE%D0%BD%D0%B8%20%D0%BE%D0%B1%D0%B8%D1%82%D0%B0%D1%8E%D1%82%20%D1%81%D0%BC%D0%BE%D1%82%D1%80%D0%B5%D1%82%D1%8C%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D0%BE&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bff3758060caf5aee4f2d925d429fda5a0e4121011d6165a5799a14e708e7594

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sun, 14-Jan-2024 17:00:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Sun, 14-Jan-2024 17:00:58 GMT

GET
DATA 200
OK truncated
/ Frame 6EAA 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6EAA 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6EAA 2 KB
2 KB 23ms
23ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 19:56:54 GMT
x-content-type-options: nosniff
age: 507844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 15 Jan 2024 19:56:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6EAA 10 KB
10 KB 86ms
31ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 15:06:35 GMT
x-content-type-options: nosniff
age: 179663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 15:06:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6EAA 15 KB
16 KB 80ms
25ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 05:31:50 GMT
x-content-type-options: nosniff
age: 559748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Jan 2025 05:31:50 GMT

GET
H3 200 SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js Show response
www.google.com/js/bg/ Frame 6EAA 17 KB
7 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/SHUkEiphQuZqXyLzDNA1LcOjIY5P93oSbI0OKMKltYY.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa&co=aHR0cHM6Ly9oYXJyeS1wb3R0ZXItZmFuLnJ1OjQ0Mw..&hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&cb=h6vyz1q5ko4r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 13:38:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6849
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 13:38:40 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6EAA 102 B
135 B 34ms
34ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec0b41f334ec5b6d295f4c226c4dcf4f5efff437fe7d5ed93995b94c421dbb74

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa&co=aHR0cHM6Ly9oYXJyeS1wb3R0ZXItZmFuLnJ1OjQ0Mw..&hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&theme=light&size=normal&cb=h6vyz1q5ko4r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:00:58 GMT

GET
H2

200

match
acint.net/ Frame B0C7
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=4E03420A4A13A4651B023D5202609BEE

43 B
269 B

188ms
188ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=4E03420A4A13A4651B023D5202609BEE
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sun, 14 Jan 2024 17:00:58 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=4E03420A4A13A4651B023D5202609BEE
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame B0C7
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007F4A13A4656636E715023D8B75
https://acint.net/match?dp=17&euid=e6CMMVeRKiQ.AikABlGNCOtbNA

43 B
269 B

327ms
262ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=e6CMMVeRKiQ.AikABlGNCOtbNA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
x-backend-id: f12-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=e6CMMVeRKiQ.AikABlGNCOtbNA
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame B0C7
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-4355368104
https://www.acint.net/rmatch?dp=45&euid=Ah4Ab_j2sgtkCXhNOsLIcrw&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4A13A46577368E1302429429

42 B
201 B

69ms
69ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4A13A46577368E1302429429
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Sun, 14 Jan 2024 17:00:59 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007F4A13A46577368E1302429429
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame B0C7 0
746 B 82ms
42ms Image
text/plain 2606:4700:20::ac43:4ab4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0100007F4A13A4656636E715023D8B75
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4ab4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebcUG4pwforKjGzNzKnDahZPebJlNy4VpTyzLcmg4EtF51QnUyg6f%2BwtELhsTqNBo6NE2DXKP%2F7XWBOy2n2XttSNMeQkCWnDDxRPP2U9cqBYGn4gfwBCIaf0gm%2BGQph06djFCIbwGpLFUA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 84577032bce6b728-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 204 match
dm-eu.hybrid.ai/ Frame B0C7 0
281 B 28ms
26ms Image
text/plain 37.230.131.21
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007F4A13A4656636E715023D8B75

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.21 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 536
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame B0C7 3 KB
3 KB 222ms
72ms Script
application/javascript 185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:58 GMT
Last-Modified: Sun, 14 Jan 2024 16:34:29 GMT
Server: nginx
ETag: "65a40d15-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame B0C7 0
69 B 60ms
58ms Image
text/plain 194.55.244.178
PROCLOUD PROCLOUD...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007F4A13A4656636E715023D8B75
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.55.244.178 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software: nginx/1.23.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx/1.23.2

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=1c3709ac-6932-4e90-b380-b8b84030dffe

43 B
269 B

255ms
255ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=1c3709ac-6932-4e90-b380-b8b84030dffe
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=1c3709ac-6932-4e90-b380-b8b84030dffe
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
acint.net/ Frame B0C7
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007F4A13A4656636E715023D8B75
https://acint.net/match?dp=80&euid=GPpOQtG6bN10OTHxOtYA

43 B
269 B

144ms
144ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=80&euid=GPpOQtG6bN10OTHxOtYA
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=80&euid=GPpOQtG6bN10OTHxOtYA
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame B0C7 42 B
201 B 285ms
69ms Image
image/gif 81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007F4A13A4656636E715023D8B75
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:58 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=VOMKXTHU

43 B
269 B

100ms
100ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=VOMKXTHU
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=VOMKXTHU
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx/1.22.0
content-length: 74
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://sync.adspend.space/sape?uid=0100007F4A13A4656636E715023D8B75
https://sync.adspend.space/check?r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D98%26euid%3Dc7b781e0-ce88-4ca1-9d3f-5f3b3817984b
https://www.acint.net/match?dp=98&euid=c7b781e0-ce88-4ca1-9d3f-5f3b3817984b

43 B
269 B

155ms
153ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=98&euid=c7b781e0-ce88-4ca1-9d3f-5f3b3817984b
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
server: nginx/1.22.1
access-control-max-age: 1728000
access-control-allow-methods: PUT, GET, POST, OPTIONS
content-type: text/html; charset=utf-8
location: https://www.acint.net/match?dp=98&euid=c7b781e0-ce88-4ca1-9d3f-5f3b3817984b
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, authorization
content-length: 102

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=qg5yHNv9G6ug

43 B
269 B

205ms
205ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=qg5yHNv9G6ug
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=qg5yHNv9G6ug
Date: Sun, 14 Jan 2024 17:00:58 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame B0C7
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007F4A13A4656636E715023D8B75&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=107&euid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf

43 B
269 B

328ms
263ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=844b2d05-7bb8-520e-a275-1cf5c7d10fbf
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame B0C7
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0100007F4A13A4656636E715023D8B75&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=b92daa900c10428e98ceec0f3f2b8445

43 B
269 B

156ms
156ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=b92daa900c10428e98ceec0f3f2b8445
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=b92daa900c10428e98ceec0f3f2b8445
date: Sun, 14 Jan 2024 17:00:58 GMT
server: Microsoft-IIS/10.0

GET
H2

404

i5cBjTk9Q5ufYH9U1QUJjA
an.yandex.ru/setud/mts_banner/ Frame B0C7
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007F4A13A4656636E715023D8B75
https://vma.mts.ru/match/second?ssp=30&exu=0100007F4A13A4656636E715023D8B75
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fi5cBjTk9Q5ufYH9U1QUJjA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2767030119

43 B
104 B

76ms
76ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2767030119

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 14 Jan 2024 17:00:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:00:59 GMT

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2767030119
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=4142fb4b-256e-46be-6459-fe5475166156

43 B
269 B

94ms
94ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=4142fb4b-256e-46be-6459-fe5475166156
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=4142fb4b-256e-46be-6459-fe5475166156
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007F4A13A4656636E715023D8B75
https://www.acint.net/match?dp=127&euid=C07hyvtauNacWUWp0Ugu

43 B
269 B

151ms
151ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=C07hyvtauNacWUWp0Ugu
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=C07hyvtauNacWUWp0Ugu
date: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=beshe8gpnf

43 B
269 B

60ms
59ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=beshe8gpnf
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:59 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=beshe8gpnf
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: c4009249-993c-4b3d-8937-0ca16e2bf622
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame B0C7 0
215 B 191ms
63ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007F4A13A4656636E715023D8B75
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Jan 2024 17:00:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame B0C7
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4A13A4656636E715023D8B75
https://x01.aidata.io/0.gif?pid=9401454&id=0100007F4A13A4656636E715023D8B75&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
432 B

61ms
61ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Sun, 14 Jan 2024 17:00:58 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Sun, 14 Jan 2024 17:00:58 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Sun, 14 Jan 2024 17:00:59 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sape.js
sync.gonet-ads.com/match/ Frame B0C7 241 B
241 B 22ms
21ms Image
application/javascript 188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007F4A13A4656636E715023D8B75

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame B0C7
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007F4A13A4656636E715023D8B75
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjLppCtBmIgMDEwMDAwN0Y0QTEzQTQ2NTY2MzZFNzE1MDIzRDhCNzWiARB9dY5Gsv4R7ruxACWQyCQ2

0
523 B

24ms
24ms

Image
text/html

31.172.81.159
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjLppCtBmIgMDEwMDAwN0Y0QTEzQTQ2NTY2MzZFNzE1MDIzRDhCNzWiARB9dY5Gsv4R7ruxACWQyCQ2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.159 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Sun, 14 Jan 2024 17:00:59 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx
ETag: 7d758e46-b2fe-11ee-bbb1-002590c82436
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjLppCtBmIgMDEwMDAwN0Y0QTEzQTQ2NTY2MzZFNzE1MDIzRDhCNzWiARB9dY5Gsv4R7ruxACWQyCQ2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame B0C7
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007F4A13A4656636E715023D8B75
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=7d758e46-b2fe-11ee-bbb1-002590c82436
https://7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

24ms
24ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

HTTP/1.1

Server

31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Sun, 14 Jan 2024 17:00:59 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 0100007F4A13A4656636E715023D8B75
an.yandex.ru/mapuid/sapeis/ Frame B0C7 43 B
387 B 183ms
64ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007F4A13A4656636E715023D8B75

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 14 Jan 2024 17:00:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:00:59 GMT

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=0100007F4A13A4656636E715023D8B75
https://nr.bidderstack.com/sape/cm?user_id=0100007F4A13A4656636E715023D8B75&pupa=1
https://www.acint.net/match?dp=251&euid=39837bf5-1d59-2924-3bc4-609c8db35de3

43 B
269 B

62ms
62ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=251&euid=39837bf5-1d59-2924-3bc4-609c8db35de3
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=251&euid=39837bf5-1d59-2924-3bc4-609c8db35de3
Access-Control-Allow-Origin: *
Date: Sun, 14 Jan 2024 17:00:59 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007F4A13A4656636E715023D8B75
https://www.acint.net/match?dp=186&euid=52c0d759-892b-4ef1-97fa-a8bfc863d17e

43 B
269 B

63ms
63ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=52c0d759-892b-4ef1-97fa-a8bfc863d17e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=52c0d759-892b-4ef1-97fa-a8bfc863d17e
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=2885f33a-a168-4975-9267-ff9c68435f29

43 B
269 B

63ms
62ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=2885f33a-a168-4975-9267-ff9c68435f29
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:01:01 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=217&euid=2885f33a-a168-4975-9267-ff9c68435f29
date: Sun, 14 Jan 2024 17:01:01 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-10 1.1376.f4afd3f
content-length: 0

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame B0C7 22 B
22 B 63ms
21ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 22

GET
H2

200

/
dmp.sbermarketing.ru/ Frame B0C7
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjYwYzdkZjVhYWQ0NzBhZA

35 B
665 B

264ms
70ms

Image
image/gif

37.18.110.198
CLOUDRU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjYwYzdkZjVhYWQ0NzBhZA

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

37.18.110.198 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:56 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjYwYzdkZjVhYWQ0NzBhZA
date: Sun, 14 Jan 2024 17:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

200

yabbi.gif
prodmp.ru/ Frame B0C7
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007F4A13A4656636E715023D8B75
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007F4A13A4656636E715023D8B75
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a4134b7011cb0001b318ea%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a4134b7011cb0001b318ea%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a4134b7011cb0001b318ea%26r%3D&webouid=8s32iYpLECLcnMwJI1ivze
https://prodmp.ru/yabbi.gif?uid=65a4134b7011cb0001b318ea&r=

0
229 B

176ms
56ms

Image
text/html

193.106.92.202
ITSOFT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prodmp.ru/yabbi.gif?uid=65a4134b7011cb0001b318ea&r=
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.106.92.202 , Russian Federation, ASN48614 (ITSOFT-AS, RU),
Reverse DNS: mail.proboard.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-type: text/html;charset=utf-8
date: Sun, 14 Jan 2024 17:01:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://prodmp.ru/yabbi.gif?uid=65a4134b7011cb0001b318ea&r=
date: Sun, 14 Jan 2024 17:00:59 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
content-type: text/html; charset=utf-8
server: nginx/1.22.0
content-length: 86
p3p: CP="adx.com.ru does not have a P3P policy"

GET
H2

404

i5cBjTk9Q5ufYH9U1QUJjA
an.yandex.ru/setud/mts_banner/ Frame B0C7
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0100007F4A13A4656636E715023D8B75
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=qg5yHNv9G6ug
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaQTSnwPV8w
https://vma.mts.ru/match/second?ssp=59&exu=ZaQTSnwPV8w
https://tech.rtb.mts.ru/?dsp_uid=8b97018d-393d-439b-9f60-7f54d505098c&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2Fi5cBjTk9Q5ufYH9U1QUJjA%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1750518075

43 B
80 B

69ms
69ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1750518075

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 14 Jan 2024 17:00:59 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 17:00:59 GMT

Redirect headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1750518075
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=0100007F4A13A4656636E715023D8B75
https://sync.dsp.solta.io/match/sape?id=0100007F4A13A4656636E715023D8B75&chk=1
https://www.acint.net/match?dp=260&euid=NzA0ODQzNGE1MGY0ZTI0Ng

43 B
269 B

76ms
76ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=NzA0ODQzNGE1MGY0ZTI0Ng
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=NzA0ODQzNGE1MGY0ZTI0Ng
date: Sun, 14 Jan 2024 17:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame B0C7 43 B
766 B 199ms
62ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007F4A13A4656636E715023D8B75
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Last-Modified: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Sun, 14 Jan 2024 23:00:59 GMT

GET
H2 200 set
sync.rambler.ru/ Frame B0C7 0
172 B 265ms
149ms Image
text/plain 91.192.148.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0100007F4A13A4656636E715023D8B75

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
strict-transport-security: max-age=0
x-passed: 2bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

match
www.acint.net/ Frame B0C7
Redirect Chain

https://ssp.afp.ai/api/sync/sape
https://www.acint.net/match?dp=261&euid=324de6b5-ecee-4030-bf88-6f4952ef0d21

43 B
269 B

61ms
60ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=261&euid=324de6b5-ecee-4030-bf88-6f4952ef0d21
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx/1.20.1
Vary: Origin
Access-Control-Allow-Origin
Location: https://www.acint.net/match?dp=261&euid=324de6b5-ecee-4030-bf88-6f4952ef0d21
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

HEAD
H2 404 oh48e
imasdk.googleapis.com/ Frame 54D2 0
0 85ms
32ms Fetch
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imasdk.googleapis.com/oh48e
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

POST
H2 200 / Show response
therapy.newplayjj.com/ Frame 54D2 30 B
251 B 120ms
120ms XHR
text/html 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/?chupachups=1Yur2LJovPJxmfvgpXnTNw

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx / PHP/8.0.28

Resource Hash

ee2c40f72383396343e664c402c9ae882bd1319415ab72bc5461a582bbb5f401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20&uid_q=65a4134a2d3bd
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
cache-control: max-age=60
content-encoding: gzip
strict-transport-security: max-age=31536000;, max-age=31536000;
server: nginx
x-powered-by: PHP/8.0.28
content-type: text/html; charset=UTF-8

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 54D2 4 KB
2 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 17:00:58 GMT

GET
DATA 200
OK truncated
/ Frame 54D2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iife.min.js Show response
therapy.newplayjj.com/js/ Frame 54D2 38 KB
14 KB 56ms
56ms Script
application/javascript 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/js/iife.min.js?v=1

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/player.min.js?v=1.467

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx /

Resource Hash

5f8559f0a5f46220bb385ea7ab9468090aa99b4134f887655ea75d91a9fc2f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20&uid_q=65a4134a2d3bd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000;, max-age=31536000;
content-encoding: gzip
last-modified: Fri, 01 Dec 2023 21:40:14 GMT
server: nginx
etag: W/"656a52be-974f"
content-type: application/javascript

POST
H2 200 1
mc.yandex.com/watch/26812653/ 43 B
74 B 62ms
62ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&charset=utf-8&uah=chm%0A%3F0&hittoken=1705251658_c621df7a7f9fd65d4bb6171e42f4d3cc3c3532472e0884c4aaa3d174bc972a78&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A1096115079248%3Ahid%3A660341379%3Az%3A60%3Ai%3A20240114180058%3Aet%3A1705251659%3Ac%3A1%3Arn%3A802216469%3Arqn%3A2%3Au%3A1705251658846775638%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705251657588%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705251659&t=gdpr(14)mc(p-1)clc(0-0-0)rqnt(2)lt(11400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22services%22%3A%22vkontakte%2Codnoklassniki%2Ctelegram%2Ctwitter%2Cviber%2Cwhatsapp%2Cmoimir%2Cskype%22%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 17:00:58 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 14-Jan-2024 17:00:58 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://harry-potter-fan.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sun, 14-Jan-2024 17:00:58 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 54D2 35 KB
12 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12197
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 23:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="chrome-dongle"
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
expires: Sun, 14 Jan 2024 17:00:58 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 54D2 50 KB
14 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 13:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 15 Jan 2024 13:20:07 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame C43F 7 KB
1 KB 40ms
40ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

192bef0edf52cecc89f3b098353b7a247a59a462f5da910b41028e7964e2402f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tSXLtgyBz5AILPCRHqt_dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-tSXLtgyBz5AILPCRHqt_dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 17:00:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK json.cgi Show response
ev.adriver.ru/cgi-bin/ Frame D42D 490 B
1 KB 229ms
134ms Fetch
application/json 195.209.108.61
ADRIVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ev.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&cid=0&custom=301=0;302=0;304=0;308=1705251658846775638;309=0
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/AdRiverFPS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.61 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: /
Resource Hash: 8e0a7e6dddf51ef4d320e8e534e30090f3b96a99213a1835874e045982961433

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Jan 2024 17:00:59 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://harry-potter-fan.ru
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame C43F 55 KB
24 KB 23ms
23ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20786
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jan 2025 11:14:32 GMT

GET
H3 200 recaptcha__ru.js Show response
www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/ Frame C43F 538 KB
206 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Ya-Cd6PbRI5ktAHEhm9JuKEu/recaptcha__ru.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=ru&v=Ya-Cd6PbRI5ktAHEhm9JuKEu&k=6Lcg1OgaAAAAAPRD3fLxNyfeU_KObYj676SSdAPa

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd89e670cae9029861321158f28c879ca49336dd2d587c25fe2c9bc9d3e56145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 14:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210508
x-xss-protection: 0
last-modified: Mon, 08 Jan 2024 05:00:33 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Jan 2025 14:30:21 GMT

GET
H/1.1 200
OK master.m3u8 Show response
9bc-a3e-2200g0.v.plground.live/ha/55/1705273258/XRMxfDcJdvV6xThc0XkXvA/907/840907/6/ Frame 54D2 959 B
1 KB 1080ms
326ms XHR
application/vnd.apple.mpegurl 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/ha/55/1705273258/XRMxfDcJdvV6xThc0XkXvA/907/840907/6/master.m3u8
Requested by: Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/ch.js?v=1.31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: f90077553de357610c6de2316f9d498c3bc0be4d64407f10cd4b092ad96433d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Server: nginx/1.24.0
ETag: "-1-3bf"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 959

POST
H2 200 / Show response
therapy.newplayjj.com/ Frame 54D2 30 B
251 B 121ms
121ms XHR
text/html 45.95.201.19
IPV6-TUNNELBROKER...

General

Check archive.org

Show headers Download Go to

Full URL

https://therapy.newplayjj.com/?chupachups=1Yur2LJovPJxmfvgpXnTNw

Requested by

Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

45.95.201.19 Dubai, United Arab Emirates, ASN205125 (IPV6-TUNNELBROKER-ASN, SC),

Reverse DNS

Software

nginx / PHP/8.0.28

Resource Hash

ee2c40f72383396343e664c402c9ae882bd1319415ab72bc5461a582bbb5f401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;, max-age=31536000;

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/?token_movie=49d9097fb5d2699db8da758f7d9686&token=dd04704e1a13e780de505738b5ed20&uid_q=65a4134a2d3bd
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
cache-control: max-age=60
content-encoding: gzip
strict-transport-security: max-age=31536000;, max-age=31536000;
server: nginx
x-powered-by: PHP/8.0.28
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame B0C7 16 KB
16 KB 144ms
144ms Script
application/javascript 185.15.175.174
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=632672300461657
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.174 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Last-Modified: Sun, 14 Jan 2024 16:34:30 GMT
Server: nginx
ETag: "65a40d16-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 3675 70 B
213 B 16ms
16ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?v=3c5480d43feae2e8d24fa1a668a0be76&c=248e01ea-47ec-4941-b230-571e966e2c05&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.596%2C%22version%22%3A%221705067907442%22%2C%22vt%22%3A100%2C%22dh%22%3Afalse%2C%22l%22%3A%22https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut%22%2C%22scr%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22c%22%3A24%2C%22iw%22%3A948%2C%22ih%22%3A330%7D%7D&o=%7B%220%22%3A%22https%3A%2F%2Fharry-potter-fan.ru%22%7D
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:58 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H/1.1 502
Bad Gateway index.php Show response
9bc-a3e-2200g0.v.plground.live/subs/55/1705273258/XRMxfDcJdvV6xThc0XkXvA/907/840907/ Frame 54D2 559 B
762 B 1239ms
292ms XHR
text/html 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/subs/55/1705273258/XRMxfDcJdvV6xThc0XkXvA/907/840907/index.php
Requested by: Host: harry-potter-fan.ru
URL: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://therapy.newplayjj.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 14 Jan 2024 17:01:00 GMT
Server: nginx/1.24.0
Connection: keep-alive
Content-Length: 559
Content-Type: text/html; charset=utf8

GET
H2 200 jmap Show response
code.moviead55.ru/go/ Frame 3675 13 KB
2 KB 27ms
27ms Fetch
application/json 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/go/jmap?v=3c5480d43feae2e8d24fa1a668a0be76&sid=ap&cp.referer=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&it=1&tq=2&cp.cb=c0447b41-d818-b3a6-94ad-33d87e294a8b&session=248e01ea-47ec-4941-b230-571e966e2c05&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&rnd=1705251659197&raw=yes&tanc=https%3A%2F%2Fharry-potter-fan.ru&ancs=[%22https://harry-potter-fan.ru%22]
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: f960fced43f3caca5bd99a53c039e8358274a0c399588ee34888f411fdb61e05

Request headers

Accept: application/json
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
x-movieads-path: /fantasticheskie-tvari-i-gde-oni-obitajut
x-movieads-udata: cache,parsed,3574
x-movieads-country: NL
x-go-country: NL
server-timing: uData;dur=0.0000, range_links;dur=0.0000, validations_606;dur=0.0000, corsParams;dur=0.0000, initBuilder;dur=0.0000, getAnyQueue;dur=0.0000, validations_703;dur=0.0000, queueSort;dur=0.0000, getJson;dur=0.0000, attachTracking;dur=0.0000, keyValidation;dur=0.0000, wmData;dur=0.0000, optProc;dur=0.0000, buildTagsQueue;dur=0.0000, getLinks;dur=0.0000, queuesMerge;dur=0.0000, jmapParams;dur=0.0000, qManager;dur=0.0000
x-movieads-plc: 1
x-movieads-cors-qex: Referer
x-movieads-qmc: NL
x-movieads-ctvs: 2
server: nginx
vary: Accept-Encoding
x-movieads-ark: true
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://harry-potter-fan.ru
x-movieads-alc: 1
access-control-allow-credentials: true

GET
H2 200 vast2 Show response
code.moviead55.ru/ Frame 3675 25 B
675 B 147ms
146ms XHR
text/xml 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/vast2?key=3c5480d43feae2e8d24fa1a668a0be76&sid=autoplay&cp.adsource=ED_out&cp.adtype=pre&vt=100&fp=[fp]&w=948&h=330&vid=&fpro=&tanc=https%3A%2F%2Fharry-potter-fan.ru&suri=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&rdd1=true&cp.referer=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&cp.cb=c0447b41-d818-b3a6-94ad-33d87e294a8b
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
x-movieads-path: /fantasticheskie-tvari-i-gde-oni-obitajut
server: nginx
x-movieads-udata: cache,parsed,332873
x-movieads-mrc: no
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://harry-potter-fan.ru
x-cache-source: Yac
x-movieads-referrer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
access-control-allow-credentials: true
x-movieads-country: NL
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"harry-potter-fan.ru","Path":"/fantasticheskie-tvari-i-gde-oni-obitajut","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-cors-qex: Referer

GET
H2 200 vast2 Show response
code.moviead55.ru/ Frame 3675 25 B
674 B 132ms
132ms XHR
text/xml 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/vast2?key=3c5480d43feae2e8d24fa1a668a0be76&sid=autoplay&cp.adsource=Dhs_out_gam&cp.adtype=pre&vt=100&fp=[fp]&w=948&h=330&vid=&fpro=&tanc=https%3A%2F%2Fharry-potter-fan.ru&suri=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&rdd1=true&cp.referer=https%253A%252F%252Fharry-potter-fan.ru%252Ffantasticheskie-tvari-i-gde-oni-obitajut&cp.cb=c0447b41-d818-b3a6-94ad-33d87e294a8b
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
x-movieads-path: /fantasticheskie-tvari-i-gde-oni-obitajut
server: nginx
x-movieads-udata: cache,parsed,29264
x-movieads-mrc: no
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://harry-potter-fan.ru
x-cache-source: Yac
x-movieads-referrer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
access-control-allow-credentials: true
x-movieads-country: NL
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"harry-potter-fan.ru","Path":"/fantasticheskie-tvari-i-gde-oni-obitajut","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-cors-qex: Referer

GET
H2 200 trhls.html Show response
videotoday.site/mp_dist/td/ Frame 994B 9 KB
4 KB 29ms
29ms Document
text/html 2606:4700:3035::ac43:dada
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dada , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c7a7de5284db19e9613efd7a96e0fb08e473b2253bc3cca50c41002bcbe395

Request headers

Referer: https://harry-potter-fan.ru/fantasticheskie-tvari-i-gde-oni-obitajut
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 845770372a856724-AMS
content-encoding: br
content-type: text/html
date: Sun, 14 Jan 2024 17:00:59 GMT
last-modified: Fri, 12 Jan 2024 13:58:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nvGgR4v192S52sE5Oshtyjtwo11FS0Q%2FBuWm73s0XxLmdK8rVjyeuhj0nv4pZZ8KiOPELli3pNEjrNCSK460sJe8ErsJnC1RCgIueYcdPkTLDocYs2KcpDs3eZ3rQNvufpXaBr1AM1ScScskncs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-movieads-country: NL

GET
DATA 200
OK truncated
/ Frame 994B 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 994B 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 994B 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 994B 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 994B 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 994B 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK 4Em7.txt Show response
9bc-a3e-2200g0.v.plground.live/ Frame 54D2 14 B
273 B 1012ms
438ms XHR
text/plain 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/4Em7.txt
Requested by: Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 691d36d8c1c1473bab129532484199f83e48bae8d839862929921da6df23b667

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 hls.js Show response
user91471.clients-cdnnow.ru/vp_dist/ Frame 994B 329 KB
95 KB 75ms
23ms Script
application/javascript 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Requested by: Host: videotoday.site
URL: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 930118cf0cbea4fd3f9d87ea40c49272e91cee257433df70c8f9426a218fa750

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 08:10:38 GMT
server: nginx
etag: W/"63eb41fe-52302"
x-edge-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
x-movieads-country: GB
x-edge-ip: 172.19.25.31

GET
H2

200

counter
top-fwz1.mail.ru/ Frame B0C7
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=651473157314001.91753991098271&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c=...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705251659668&i=651473157314001.91753991098271&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ff...
https://top-fwz1.mail.ru/counter?id=3210372;pid=Rj.mah-kkYiP2ynFfQOm

43 B
874 B

186ms
59ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=Rj.mah-kkYiP2ynFfQOm

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=Rj.mah-kkYiP2ynFfQOm
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

counter
top-fwz1.mail.ru/ Frame B0C7
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=651473157314001.408891920392900&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2Ffantasticheskie-tvari-i-gde-oni-obitajut&c...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705251659727&i=651473157314001.408891920392900&a=77&e=0100007F4A13A4656636E715023D8B75&pref=https%3A%2F%2Fharry-potter-fan.ru%2F...
https://top-fwz1.mail.ru/counter?id=3210372;pid=XPPYdISkbYr4S37FU8RA

43 B
877 B

180ms
56ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3210372;pid=XPPYdISkbYr4S37FU8RA

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 17:00:59 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://top-fwz1.mail.ru/counter?id=3210372;pid=XPPYdISkbYr4S37FU8RA
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK index.m3u8 Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 4 KB
890 B 132ms
41ms XHR
application/vnd.apple.mpegurl 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/index.m3u8
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: b29e9c84fa439611d4c43e5ec7ece7a388cc138b267b54e3127f489fd574bd18

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: W/"3a1794b0-ff7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Access-Control-Allow-Headers: *
Expires: Tue, 23 Apr 2024 17:00:59 GMT

GET
DATA 200
OK truncated
/ Frame 994B 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 247 KB
248 KB 47ms
47ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/seg-1-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 015aaa253600c0e04367b423aee6ec852a0c517df912a74e9c4c91fbdbbf77e6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:00:59 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-3dc78"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 253048
Expires: Tue, 23 Apr 2024 17:00:59 GMT

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 103 KB
104 KB 54ms
53ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/seg-2-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: dd8a89b5062b6fd0588f3013b71a7d651fdca4636c26b6dc28a2dfe6da0a6409

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-19cb8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 105656
Expires: Tue, 23 Apr 2024 17:01:00 GMT

GET
H/1.1 200
OK seg-3-v1-a1.ts Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 130 KB
130 KB 41ms
40ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/seg-3-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 4c4aab096e4d144d4e58c630e859b142066ac84ec90759b15d4e7859d1ad0a12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-20678"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 132728
Expires: Tue, 23 Apr 2024 17:01:00 GMT

GET
H/1.1 200
OK seg-4-v1-a1.ts Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 265 KB
265 KB 40ms
40ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/seg-4-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 3d017b5c414837fac034b9646aea3a79862682cac1c16ebc49173772de5e35eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-422f8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 271096
Expires: Tue, 23 Apr 2024 17:01:00 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
9bc-a3e-2200g0.v.plground.live/ Frame 54D2 14 B
273 B 66ms
66ms XHR
text/plain 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/4Em7.txt
Requested by: Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 691d36d8c1c1473bab129532484199f83e48bae8d839862929921da6df23b667

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:00 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
9bc-a3e-2200g0.v.plground.live/ Frame 54D2 14 B
273 B 333ms
333ms XHR
text/plain 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/4Em7.txt
Requested by: Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 691d36d8c1c1473bab129532484199f83e48bae8d839862929921da6df23b667

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:01 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK seg-5-v1-a1.ts Show response
static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/ Frame 994B 194 KB
195 KB 41ms
41ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/dyuBBSxDsrA.mp4/seg-5-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: d320eeb8b4fc284a46f3d131ebba5d08c9f7f55224a73a75d3f6b1dcc4239e45

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5919349835
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:02 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-308f8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 198904
Expires: Tue, 23 Apr 2024 17:01:02 GMT

GET
H/1.1 200
OK 4Em7.txt Show response
9bc-a3e-2200g0.v.plground.live/ Frame 54D2 14 B
273 B 494ms
494ms XHR
text/plain 50.7.241.130
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://9bc-a3e-2200g0.v.plground.live:10402/4Em7.txt
Requested by: Host: therapy.newplayjj.com
URL: https://therapy.newplayjj.com/js/jquery.min.js?v=3.6.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 50.7.241.130 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx/1.24.0 /
Resource Hash: 691d36d8c1c1473bab129532484199f83e48bae8d839862929921da6df23b667

Request headers

Accept: */*
Referer: https://therapy.newplayjj.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 17:01:03 GMT
Server: nginx/1.24.0
Content-Type: text/plain; charset=utf8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 14
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Verdicts & Comments Add Verdict or Comment

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

119 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kimberlite.io/rtb/sync	1970-01-20 17:40:51	Name: f Value: https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZaQTSnwPV8w
kimberlite.io/rtb/sync	1970-01-20 17:50:56	Name: as Value: OFrH4WWkE0v5atR4ZaQTSw
kimberlite.io/rtb/sync	1970-01-20 17:40:51	Name: n Value: 2
.otclick-adv.ru/core	1970-01-21 03:16:51	Name: idntfy Value: VUARI75Zk9jlp2Z
harry-potter-fan.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: l41nrlvc8s37i0lgr9jslrmgn1
vak345.com/	1970-01-21 02:26:27	Name: sky_uuid Value: 64f038e3-217d-4042-ada8-e718f43175f9
harry-potter-fan.ru/	1970-01-21 02:26:27	Name: _ma Value: c295813d-5fb7-4faf-a559-1661a07fe93d
.harry-potter-fan.ru/	1970-01-21 02:26:27	Name: cf_clearance Value: qhIeyFsAb2ULhe_gcoPY6vGVGk.unQdFy2ErQ5wbIjg-1705251658-0-2-d1e22883.6f6effb9.f0baec80-0.2.1705251658
.harry-potter-fan.ru/	1970-01-21 02:26:27	Name: _ym_uid Value: 1705251658846775638
.harry-potter-fan.ru/	1970-01-21 02:26:27	Name: _ym_d Value: 1705251658
.yandex.com/	1970-01-21 03:16:51	Name: i Value: 9yaQtrIGUda46jV0Bd2nlHDS3EOpHDNZyJB8PbjVCRieLhsRRSI8/N4nwDe5M5ITJa45bjHM8XbXCYfQjGLj4HvBkwE=
.yandex.com/	1970-01-21 02:26:27	Name: yandexuid Value: 2712294141705251658
.mc.yandex.com/	1970-01-20 17:40:52	Name: sync_cookie_csrf Value: 29802794fake
.harry-potter-fan.ru/	1970-01-20 17:42:03	Name: _ym_isad Value: 2
code.moviead55.ru/	1970-01-21 03:16:51	Name: sky_uuid Value: a467551c-9a69-b0b6-c081-b64ebb7594c2
.mc.yandex.ru/	1970-01-20 17:40:52	Name: sync_cookie_csrf Value: 2841500523fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2017252841705251658
.yandex.com/	1970-01-21 02:26:27	Name: yuidss Value: 2712294141705251658
.yandex.com/	1970-01-21 02:26:27	Name: ymex Value: 1736787658.yrts.1705251658
.yandex.com/	1970-01-21 02:26:27	Name: bh Value: KgI/MA==
.betweendigital.com/	1970-01-21 02:26:27	Name: dc Value: lux1
.betweendigital.com/	1970-01-21 02:26:27	Name: tuuid Value: 844b2d05-7bb8-520e-a275-1cf5c7d10fbf
.betweendigital.com/	1970-01-21 02:26:27	Name: ss Value: 1
.videohead.tech/	1970-01-20 18:24:03	Name: prevhead Value: 1
.mc.yandex.com/	1970-01-20 17:42:18	Name: sync_cookie_ok Value: synced
code.moviead55.ru/	1970-01-20 17:42:18	Name: bzcookie Value: f911e732-a41d-4c7d-7200-e2851f869d3e
code.moviead55.ru/	1970-01-20 17:42:18	Name: btwcookie Value: 844b2d05-7bb8-520e-a275-1cf5c7d10fbf
.acint.net/	1970-01-20 17:40:52	Name: test_cookie Value: CheckForPermission
.yandex.ru/	1970-01-21 03:16:51	Name: yandexuid Value: 2712294141705251658
.yandex.ru/	1970-01-21 03:16:51	Name: yuidss Value: 2712294141705251658
.yandex.ru/	1970-01-21 03:16:51	Name: i Value: 9yaQtrIGUda46jV0Bd2nlHDS3EOpHDNZyJB8PbjVCRieLhsRRSI8/N4nwDe5M5ITJa45bjHM8XbXCYfQjGLj4HvBkwE=
.yandex.ru/	1970-01-21 03:16:51	Name: yp Value: 1705338058.yu.6402871791705251658
.yandex.ru/	1970-01-21 02:26:27	Name: ymex Value: 1707843658.oyu.6402871791705251658
.acint.net/	1970-01-21 03:16:51	Name: aid Value: fwAAAWWkE0oTjjZ3KZRCAjXM+Y+gguSBO911wSNrFSyjxFVA
kimberlite.io/	1970-01-20 19:50:27	Name: u Value: ZaQTSnwPV8w~ASZpZayDw__yMc4RM_o7NULE90w
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
code.moviead55.ru/	1970-01-20 17:42:18	Name: otclkbid Value: VUARI75Zk9jlp2Z
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.adhigh.net/	1970-01-21 02:26:27	Name: gi_u Value: e6CMMVeRKiQ.AikABlGNCOtbNA
code.moviead55.ru/	1970-01-20 17:42:18	Name: solta Value: ZaQTSnwPV8w
.gonet-ads.com/	1970-01-21 02:27:54	Name: pid Value: NzIyMmE4NWMwYTdmNWIxMw
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp14v6 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp17v2 Value: 1705251658
.acint.net/	1970-01-20 17:42:18	Name: cSyncDp45v5 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp53v5 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp62v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp67v3 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp68v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp71v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp80v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp85v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp95v4 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp98v3 Value: 1705251658
.acint.net/	1970-01-20 18:01:01	Name: cSyncDp104v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp107v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp110v3 Value: 1705251658
.acint.net/	1970-01-20 18:02:27	Name: cSyncDp125v4 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp126v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp127v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp129v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp136v3 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp146v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp148v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp149v3 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp151v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp251v1 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp186v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp217v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp221v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp235v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp239v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp243v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp260v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp244v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp248v2 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp261v1 Value: 1705251658
.acint.net/	1970-01-20 18:24:03	Name: cSyncDp14v4 Value: 1705251658
.opendsp.ru/	1970-01-21 03:16:51	Name: pid Value: MzBiYzk4OTRhN2I5Y2YwMQ
.adhigh.net/	1970-01-21 02:26:27	Name: skyadvert_sync Value: L7Cy
.betweendigital.com/	1970-01-21 02:26:27	Name: ut Value: ZaQTSgAJ23BOzhwpBM3OlJzQ-DnLMaeiQnnYXw==
.adhigh.net/	1970-01-21 02:26:27	Name: sape_sync Value: L7Cy
.utraff.com/	1970-01-20 18:24:14	Name: preutid Value: 1
.upravel.com/	1970-01-20 17:40:51	Name: session_tptc Value: 1705251658728
code.moviead55.ru/	1970-01-20 17:42:18	Name: gtnt Value: e6CMMVeRKiQ.AikABlGNCOtbNA
.upravel.com/	1970-01-21 03:16:51	Name: user_id Value: 1c3709ac-6932-4e90-b380-b8b84030dffe
.mts.ru/	1970-01-21 02:13:30	Name: dspid Value: 8b97018d-393d-439b-9f60-7f54d505098c
sync.adspend.space/	1970-01-21 02:26:27	Name: as-user Value: c7b781e0-ce88-4ca1-9d3f-5f3b3817984b
.rutarget.ru/	1970-01-20 22:00:03	Name: userId Value: qg5yHNv9G6ug
ads.adlook.me/	1970-01-21 02:25:15	Name: adlm_userId Value: b92daa900c10428e98ceec0f3f2b8445
ads.adlook.me/	1970-01-21 03:16:51	Name: adlk_cmatch Value: sape%3A0100007F4A13A4656636E715023D8B75
.ssp-rtb.sape.ru/	1970-01-21 03:16:51	Name: sspuid Value: CkIDT2WkE0pe3AIOhNiAAkEVxbgL2goKv9uszQP17Re5ZalL
.ccsyncuuid.net/	1970-01-21 02:26:27	Name: jcsuuid Value: GPpOQtG6bN10OTHxOtYA
.uuidksinc.net/	1970-01-21 02:26:27	Name: jcsuuid Value: C07hyvtauNacWUWp0Ugu
.adriver.ru/	1970-01-21 03:16:51	Name: cid Value: A861TSOKsFitEA1KfntYt8A
.harry-potter-fan.ru/	1970-01-20 17:41:34	Name: adrdel Value: 1
.harry-potter-fan.ru/	1970-01-21 03:16:51	Name: adrcid Value: A861TSOKsFitEA1KfntYt8A
code.moviead55.ru/	1970-01-20 17:42:18	Name: sapecookie Value: 0100007F4A13A46577368E1302429429
.bumlam.com/	1970-01-21 03:16:51	Name: suuid3 Value: IiQ3ZDc1OGU0Ni1iMmZlLTExZWUtYmJiMS0wMDI1OTBjODI0MzY*
.mts.ru/	1970-01-21 03:16:51	Name: mts_id_last_sync Value: 1705251659
.mts.ru/	1970-01-21 03:16:51	Name: mts_id Value: db71c4ea-67c5-42da-9b16-c2538e578a7f
.aidata.io/	1970-01-21 03:16:51	Name: __upints Value: 1705251659
.bidvol.com/	1970-01-21 03:16:51	Name: bvuid Value: beshe8gpnf
x01.aidata.io/	1970-01-20 17:45:10	Name: livin Value: 1
.aidata.io/	1970-01-21 03:16:51	Name: __upin Value: MjzkewxAMSyRj72E8oscuw
.agency2.ru/	1970-01-21 02:13:30	Name: uuid Value: 52c0d759-892b-4ef1-97fa-a8bfc863d17e
code.moviead55.ru/	1970-01-21 02:26:27	Name: 680rmads Value: 1705251659
code.moviead55.ru/	1970-01-21 02:26:27	Name: 581rmads Value: 1705251659
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.programmatica.com/	1970-01-21 03:16:51	Name: pid Value: MjYwYzdkZjVhYWQ0NzBhZA
.dsp.solta.io/	1970-01-21 03:16:51	Name: pid Value: NzA0ODQzNGE1MGY0ZTI0Ng
.adx.com.ru/	1970-01-21 02:26:27	Name: user Value: 65a4134b7011cb0001b318ea
.sbermarketing.ru/	1970-01-21 02:26:27	Name: dmpuid Value: s1_aB1TUR_mtwiNHb_FK-Q
.dmg.digitaltarget.ru/	1970-01-21 03:16:51	Name: viuserid Value: XPPYdISkbYr4S37FU8RA
.weborama.fr/	1970-01-21 03:06:46	Name: AFFICHE_W Value: RI123-JIyZpE35
.mail.ru/	1970-01-21 02:27:54	Name: VID Value: 0f0r3P2sjE2M0028yr1Ya3IM:::0-0-0-abe6c0b-0:CAASEN6SnFoYUmhW5xg7CfE2XoUaYCZrMwF30wq8o2TBIit_KQSxFCSnq1EDKR3K3eGdArrWCI7j1t9AAaHw3dhjkAXtkKkKvIl06IfhdVTs0k2coYPmUNC-1zgdnGWfUOlNonlBJobtudY-GRCPMoLVeimGBw
prodmp.ru/	1970-01-20 19:07:15	Name: rai Value: 48dd1cc7b19623d2f02137d2df5a00ea
.ohmy.bid/	1970-01-20 18:24:03	Name: uid Value: 72d2458b-50a1-42ed-9be4-f2edcda89c64.65a4134d.40c7f1d3082db519
code.moviead55.ru/	1970-01-20 17:42:18	Name: ohmybid Value: 72d2458b-50a1-42ed-9be4-f2edcda89c64

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://imasdk.googleapis.com/oh48e Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D0&sign=2767030119 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5919349835 Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://an.yandex.ru/setud/mts_banner/i5cBjTk9Q5ufYH9U1QUJjA?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1750518075 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://9bc-a3e-2200g0.v.plground.live:10402/subs/55/1705273258/XRMxfDcJdvV6xThc0XkXvA/907/840907/index.php Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7d758e46-b2fe-11ee-bbb1-002590c82436.n5.sync.bumlam.com
9bc-a3e-2200g0.v.plground.live
a.utraff.com
a.videohead.tech
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adx.com.ru
an.yandex.ru
code.moviead55.ru
content.adriver.ru
counter.yadro.ru
cs.agency2.ru
dm-eu.hybrid.ai
dmg.digitaltarget.ru
dmp.sbermarketing.ru
ev.adriver.ru
exchange.buzzoola.com
fonts.gstatic.com
harry-potter-fan.ru
imasdk.googleapis.com
kimberlite.io
logger.moviead55.ru
match.new-programmatic.com
match.ohmy.bid
mc.yandex.com
mc.yandex.ru
nr.bidderstack.com
otclick-adv.ru
pix.bumlam.com
prodmp.ru
px.adhigh.net
redirect.frontend.weborama.fr
s.ccsyncuuid.net
s.uuidksinc.net
sape-sync.rutarget.ru
sm.rtb.mts.ru
solta-sync.rutarget.ru
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.afp.ai
ssp.bestssp.com
ssp.bidvol.com
static.filmskino.site
static.moviead55.ru
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.programmatica.com
sync.rambler.ru
sync.richaudience.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
therapy.newplayjj.com
top-fwz1.mail.ru
user91471.clients-cdnnow.ru
vak345.com
videotoday.site
vma.mts.ru
www.acint.net
www.google.com
www.gstatic.com
x01.aidata.io
yastatic.net
138.201.192.161
144.76.118.233
167.235.117.41
167.235.14.51
167.235.186.113
168.119.72.236
176.122.21.130
185.15.175.174
185.40.155.13
185.40.31.214
188.42.105.236
188.42.34.64
188.72.107.194
188.72.107.205
193.106.92.202
193.200.65.146
193.200.65.149
193.232.150.68
193.3.184.137
193.3.184.213
194.55.244.178
195.191.235.32
195.209.108.61
213.87.44.187
217.199.220.44
217.65.2.150
217.66.147.33
217.66.147.38
23.111.107.44
23.111.217.132
2606:4700:20::ac43:4ab4
2606:4700:3030::6815:2921
2606:4700:3033::ac43:cc13
2606:4700:3035::ac43:dada
2a00:1148:db00::17
2a00:1450:4001:801::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:831::2003
2a02:2d8:0:c00c::3
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::90
2a06:98c1:3120::3
31.172.81.159
31.172.81.172
31.220.27.134
35.190.24.218
37.18.110.198
37.230.131.21
45.139.25.121
45.95.201.19
5.189.234.229
50.7.241.130
65.109.23.99
77.245.57.72
80.87.192.36
81.222.128.215
82.148.20.186
83.222.117.2
83.222.96.170
88.212.202.52
89.108.120.76
91.192.148.52
94.228.127.171
95.163.52.67
015aaa253600c0e04367b423aee6ec852a0c517df912a74e9c4c91fbdbbf77e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
192bef0edf52cecc89f3b098353b7a247a59a462f5da910b41028e7964e2402f
1a6d6fb6a65e3343fca17d730fa60ac55931863d8efb2231ee7f1d9138ceeeb3
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20f2d6255fe749341e6543047782811c5977380c562e7163efa64594d88c6b3d
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
269de31f460024d676a203b8b6f232ca209a16d4fffc3cd052883cf30bb05615
27dbb199eb070f0ff40aa6de874f207a379dd1b547d2f196150ec7d271b48182
27f3ca87e3830cc9ce5dc9608af4c9b1eaa81730a918c134c971d305d11d5f6a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
32f9c09189248fc7081865c0e1b536205384f9d96c5a75e0ccb484e2a74a6f6a
33c7a7de5284db19e9613efd7a96e0fb08e473b2253bc3cca50c41002bcbe395
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d017b5c414837fac034b9646aea3a79862682cac1c16ebc49173772de5e35eb
3da8f64c4974bb6e34358245267ffa96d2cab88942732554c14dc59ea7a33661
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
487524122a6142e66a5f22f30cd0352dc3a3218e4ff77a126c8d0e28c2a5b586
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
497fac9e37409dc1973db0bd76bf0b00841df9d5e13bd14aa4b6e132c4f02918
4a75f2d9b7a5079b6a32dab1dc586296843441c38671e87a545d16e778cb373d
4b9964c5282527bef1638313e4760770d2b65d814a7c067827cb194fc104e3ab
4c4aab096e4d144d4e58c630e859b142066ac84ec90759b15d4e7859d1ad0a12
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
5307f101ffa74d83e44ccc5cbaa1193577fe0c9c659fb40fedb9d403acbb186a
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57df901ddd718ea67fc2c55f827e20fef7a5fae5145e9149e79eb065f9a097b9
5bfbf77283bca4e1efc1b5d65ff5a4488dfc6b794d07392f9f55e3faf8b5044c
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
5f8559f0a5f46220bb385ea7ab9468090aa99b4134f887655ea75d91a9fc2f19
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
631351c46214f59ec4af48f9fcccecfbe1209b76265900431ba1c7a74acb92ec
6419481b0628be0ac764935223befd367b8dac934af19e3cec763acfc7170d54
64c38ea9e73076748e55f288670ffb306dbff7521988f317e6ace3f1ac0371ae
656ff503a9b7ae16ef69aba3629e104b822d306049e07e65c2ab12af188e1bd8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68625452ebd67986faa4feadbeb94a5011996d4cc7bfd33c626da6fd13d88803
691d36d8c1c1473bab129532484199f83e48bae8d839862929921da6df23b667
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583
6c7c893770a3929ede5214839cc14701f15075eb4bc099f3a6021fa5c3aa4bfd
6d9b6a37cbe882441a7de4e1a5c32a84cd100ddefd008ccbe17a35d73d5d0e3b
6e15daeab4a730d740ffc972b487b46eff6b7d37e0a9707335f4ff1a2242aed5
6e5e6fe525a6d40850c185e82c64bf8da82f39de7789c0e187ef6e27decb5067
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
723aa7e4d231c81a010c84b8703f0078c2510814c5da2e9ee4d2949c7e48e747
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7a24b36a457f3a757a3ae6de36c80fe23c86eab7c7429d48c459b5e6eff19004
7ee89d46d109d2ee1a56f5c358e003be3b9b489634d052032f12a075e40e17ce
82b5fb33c0961bdacef02b1a7310832b757149027469eed202474459a1f257d2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838439f7800886796f6c8dd2b1bb6eeebfccdc9b05f89c489140c10edff3ab28
84f887baec9d4b92266392f60fbab0c1086f665b11d3e5a7005dc681d62fb062
89cd5e4ef6fcbb24fd971b1ec551d5dccbd4b3f3ec1e900f00c2eeafc62da42c
8e0a7e6dddf51ef4d320e8e534e30090f3b96a99213a1835874e045982961433
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
92b935b6112c66bdeb8051cc585d945fe8e3fd9e470300720d12821a4617fc86
930118cf0cbea4fd3f9d87ea40c49272e91cee257433df70c8f9426a218fa750
933881d68749635974292cfd80a4ec47d24a009399aafdc5f341b52a21d6b60a
948c8b553836da9049e55404d6f16dd981b1dc20d841f148d5a884e713b10997
98b86d2c9f0a5380bf3531cdc0576d9857841f8a4ee90683fa59fccac1b44857
9be7e931e5978b27a1428050d2045f7759ae34424b2a60a021d57a7af6d981f6
9d37eb638eb16c0bb7d39e4c2c6465ad2d4c8e070cf893a2724e068074dfe5b6
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
ae28c4fad713f0365941038ab14753a9488e4c5b31ce36cdc48d8048907e62b0
b29e9c84fa439611d4c43e5ec7ece7a388cc138b267b54e3127f489fd574bd18
b409c14a10b4caad6b54844aa63a5faf748b83eecc2dd0d4fb1d913f8de55365
b477a4b0677dda90b28f2d36b3f06e6e2b9ed8b9aec828940ce9687790ba3db8
b96aba049c7bf3c05364405b705811df4578a1c05d8fb30e410886b165b14d92
bff3758060caf5aee4f2d925d429fda5a0e4121011d6165a5799a14e708e7594
c1242d3a4b3afa310339e66b9fee5119376acdc1c77f1e99fc17d504bc05c1cc
c87256cc56e6827a0bb31127b2eb6f8f94bcd96c481cfd4c6fea4e10be549d3a
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cd89e670cae9029861321158f28c879ca49336dd2d587c25fe2c9bc9d3e56145
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d320eeb8b4fc284a46f3d131ebba5d08c9f7f55224a73a75d3f6b1dcc4239e45
d32e09545bb97202e2509b841fb02ea0570257f333d4eafc3830e3eb19390185
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7f97104ac6050773fc17f08c753d8ef55fe48d6b66022a2411a193347f33a26
da0a0585780a4f972eefaef4cd3c845caa591c3df5d8c3f1c24fc2f55565ab6c
dd8a89b5062b6fd0588f3013b71a7d651fdca4636c26b6dc28a2dfe6da0a6409
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56bdd401d3d4873c1af775fea4c9619a526a7ba6cdcc20a2dae958ac495b967
e8d00c67dc127c731b49339b3b7fc09cb1c34336f48cb3ed069f066e65c7ecc1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ec0b41f334ec5b6d295f4c226c4dcf4f5efff437fe7d5ed93995b94c421dbb74
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2c40f72383396343e664c402c9ae882bd1319415ab72bc5461a582bbb5f401
ee36db6a84eef6884bffafa5d5865ee6a8a2b7fc5142aebf76835eaa24325662
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f88bb57db2810d820bcc9b1e24a9cbb036c1a8d64268f53243f78dc2c40b3525
f90077553de357610c6de2316f9d498c3bc0be4d64407f10cd4b092ad96433d6
f960fced43f3caca5bd99a53c039e8358274a0c399588ee34888f411fdb61e05
f9c9a7f14b6e1fd7abcd3a40300fc54612d8624cfb2796ca6e672206aada69a0
fc3220dddba2d509f7cf17fe1fad9d695524ff97cadc1d14da9f9c6d1b30715f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

harry-potter-fan.ru Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

140 Requests

69 %HTTPS

21 %IPv6

56 Domains

70 Subdomains

39 IPs

9 Countries

3229 kBTransfer

7239 kBSize

119 Cookies

12 Outgoing links

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

harry-potter-fan.ru Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

69 %
HTTPS

21 %
IPv6

56
Domains

70
Subdomains

39
IPs

9
Countries

3229 kB
Transfer

7239 kB
Size

119
Cookies

140 HTTP transactions
20 data transactions