www.kinoafisha.info Open in urlscan Pro
2606:4700:10::6816:178e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kinoafisha.info/
Submission: On March 09 via manual (March 9th 2023, 8:23:45 am UTC) from LV — Scanned from DE

Summary HTTP 191 Redirects Links 235 Behaviour Indicators

Summary

This website contacted 51 IPs in 12 countries across 37 domains to perform 191 HTTP transactions. The main IP is 2606:4700:10::6816:178e, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kinoafisha.info. The Cisco Umbrella rank of the primary domain is 275291.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 26th 2022. Valid for: a year.

This is the only time www.kinoafisha.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:10:... 2606:4700:10::6816:178e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
1	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a06:98c1:312... 2a06:98c1:3122:e000::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
5 11	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
27	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
1	213.189.208.20 213.189.208.20	6903 (ZENON-AS ...) (ZENON-AS Moscow)
3	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1e0... 2400:52e0:1e00::723:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
6	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
4 9	185.83.142.19 185.83.142.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.156.241.175 35.156.241.175	16509 (AMAZON-02) (AMAZON-02)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	195.209.111.15 195.209.111.15	52007 (ADRIVER-AS) (ADRIVER-AS)
7	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:807::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7 9	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 14	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
30	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	52.30.84.16 52.30.84.16	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:238... 2600:9000:238d:e200:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:1f13:800... 2600:1f13:800:7780:c8d2:cc35:8371:b2d9	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	104.18.11.47 104.18.11.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	50.31.142.31 50.31.142.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 3	3.65.89.114 3.65.89.114	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.158.183 52.214.158.183	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	54.154.209.57 54.154.209.57	16509 (AMAZON-02) (AMAZON-02)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
191	51

19 2606:4700:10::6816:178e (United States)

ASN13335 (CLOUDFLARENET, US)

www.kinoafisha.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.kinoafisha.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

cdn-b.notsy.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3122:e000::c (United States)

ASN13335 (CLOUDFLARENET, US)

jsn.24smi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.189.208.20 (Russian Federation)

ASN6903 (ZENON-AS Moscow, Russia, RU)
PTR: unused.rusonyx.ru

widget.premieralight.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1e00::723:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.83.142.19 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.241.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-241-175.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.15 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:807::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.162 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.84.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-84-16.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:238d:e200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.31 (Itasca, United States) 1 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.65.89.114 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-89-114.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.158.183 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-158-183.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.209.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-209-57.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136	388 KB
30	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 277	300 KB
24	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 googleads.g.doubleclick.net — Cisco Umbrella Rank: 28 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321	225 KB
19	kinoafisha.info www.kinoafisha.info — Cisco Umbrella Rank: 275291 static.kinoafisha.info — Cisco Umbrella Rank: 361798	426 KB
15	casalemedia.com 4 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 469 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 519 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 423 dsum.casalemedia.com — Cisco Umbrella Rank: 1221	12 KB
11	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 208 acdn.adnxs.com — Cisco Umbrella Rank: 522 secure.adnxs.com — Cisco Umbrella Rank: 380	27 KB
10	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 723 static.adsafeprotected.com — Cisco Umbrella Rank: 538 dt.adsafeprotected.com — Cisco Umbrella Rank: 518	99 KB
8	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9434	3 KB
6	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 903	586 B
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 475 s.amazon-adsystem.com — Cisco Umbrella Rank: 270	60 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4223 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 65	2 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 707 gum.criteo.com — Cisco Umbrella Rank: 387 mug.criteo.com — Cisco Umbrella Rank: 2724	8 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6027 adservice.google.de — Cisco Umbrella Rank: 8682	1 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3716	58 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 186	125 KB
2	scoota.co 2 redirects r.scoota.co — Cisco Umbrella Rank: 31582	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 599 cdn.indexww.com — Cisco Umbrella Rank: 1412	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 626	58 KB
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 486 eb2.3lift.com — Cisco Umbrella Rank: 341	698 B
2	vk.com vk.com — Cisco Umbrella Rank: 6194	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	122 KB
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 501	433 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 753	757 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 517	309 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	265 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 863	469 B
1	adriver.ru pb.adriver.ru — Cisco Umbrella Rank: 41496	307 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5922	290 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6078	182 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4182	535 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	2 KB
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 49340	1 KB
1	premieralight.ru widget.premieralight.ru — Cisco Umbrella Rank: 434069	18 KB
1	24smi.net jsn.24smi.net — Cisco Umbrella Rank: 67716	29 KB
1	notsy.io cdn-b.notsy.io — Cisco Umbrella Rank: 128856	149 KB
191	37

	Domain	Requested by
30	s0.2mdn.net	www.kinoafisha.info s0.2mdn.net 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
27	pagead2.googlesyndication.com	www.kinoafisha.info pagead2.googlesyndication.com 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
17	static.kinoafisha.info	www.kinoafisha.info static.kinoafisha.info
11	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
11	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
9	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
9	ib.adnxs.com	4 redirects cdn-b.notsy.io googleads.g.doubleclick.net acdn.adnxs.com
8	mc.yandex.com	3 redirects www.kinoafisha.info mc.yandex.ru
6	dt.adsafeprotected.com	06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
6	c2shb.pubgw.yahoo.com	cdn-b.notsy.io
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.kinoafisha.info
4	googleads4.g.doubleclick.net	www.kinoafisha.info
3	x.bidswitch.net	3 redirects
3	06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	cdn-b.notsy.io c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	mc.yandex.ru	2 redirects www.kinoafisha.info
3	www.googletagservices.com	www.kinoafisha.info 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
2	r.scoota.co	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	static.adsafeprotected.com	06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
2	fw.adsafeprotected.com	1 redirects www.kinoafisha.info
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn-b.notsy.io static.criteo.net
2	www.google.com	www.kinoafisha.info tpc.googlesyndication.com
2	www.google.de	www.kinoafisha.info
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	vk.com	www.kinoafisha.info
2	www.googletagmanager.com	www.kinoafisha.info www.googletagmanager.com
2	www.kinoafisha.info	www.kinoafisha.info
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	secure.adnxs.com	1 redirects
1	match.adsrvr.org	ssum-sec.casalemedia.com
1	eb2.3lift.com	cdn-b.notsy.io
1	js-sec.indexww.com	cdn-b.notsy.io
1	acdn.adnxs.com	cdn-b.notsy.io
1	mug.criteo.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	pb.adriver.ru	cdn-b.notsy.io
1	ghb.adtelligent.com	cdn-b.notsy.io
1	tlx.3lift.com	cdn-b.notsy.io
1	htlb.casalemedia.com	cdn-b.notsy.io
1	prebid-eu.creativecdn.com	cdn-b.notsy.io
1	bidder.criteo.com	cdn-b.notsy.io
1	adx.adform.net	cdn-b.notsy.io
1	cdn.jsdelivr.net	cdn-b.notsy.io
1	ym-tack.b-cdn.net	cdn-b.notsy.io
1	widget.premieralight.ru	www.kinoafisha.info
1	jsn.24smi.net	www.kinoafisha.info
1	cdn-b.notsy.io	www.kinoafisha.info
191	60

This site contains links to these domains. Also see Links.

Domain
msk.kinoafisha.info
krasnoznamensk.kinoafisha.info
balashikha.kinoafisha.info
pushkino.kinoafisha.info
krasnogorsk.kinoafisha.info
zhukovsky.kinoafisha.info
voskresensk.kinoafisha.info
podolsk.kinoafisha.info
stupino.kinoafisha.info
serpuhov.kinoafisha.info
domodedovo.kinoafisha.info
lyubertsy.kinoafisha.info
kubinka.kinoafisha.info
ivanteevka.kinoafisha.info
dolgoprudny.kinoafisha.info
fryazino.kinoafisha.info
elektrogorsk.kinoafisha.info
vidnoe.kinoafisha.info
lesnojgorodok.kinoafisha.info
reutov.kinoafisha.info
zelenograd.kinoafisha.info
odintsovo.kinoafisha.info
istra.kinoafisha.info
narofominsk.kinoafisha.info
sergiyev-posad.kinoafisha.info
korolev.kinoafisha.info
zvenigorod.kinoafisha.info
chehov.kinoafisha.info
dmitrov.kinoafisha.info
shchyolkovo.kinoafisha.info
solnechnogorsk.kinoafisha.info
himki.kinoafisha.info
noginsk.kinoafisha.info
lobna.kinoafisha.info
ramenskoye.kinoafisha.info
kinoafishainfo.page.link
vk.com
zen.yandex.ru
twitter.com
www.ok.ru
t.me
www.youtube.com
ru.kinoafisha.info
by.kinoafisha.info
uz.kinoafisha.info
kz.kinoafisha.info
md.kinoafisha.info
am.kinoafisha.info
az.kinoafisha.info
tj.kinoafisha.info
is.kinoafisha.info
ge.kinoafisha.info
fi.kinoafisha.info
lv.kinoafisha.info
lt.kinoafisha.info
kg.kinoafisha.info
ee.kinoafisha.info
allcafe.ru
pogoda1.ru
mobile.kinoafisha.info
wink.ru

Subject Issuer	Validity	Valid
*.kinoafisha.info GlobalSign GCC R3 DV TLS CA 2020	`2022-10-26` - `2023-11-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
cdn-b.notsy.io R3	`2023-01-29` - `2023-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-09-12` - `2023-09-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
widget.premieralight.ru R3	`2023-02-18` - `2023-05-19`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M01	`2023-02-10` - `2023-06-11`	4 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-02-01` - `2023-05-02`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-02-10` - `2023-05-27`	4 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-09` - `2023-12-03`	10 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.match.prod.bidr.io Amazon RSA 2048 M02	`2023-02-09` - `2024-01-26`	a year	crt.sh

This page contains 20 frames:

Primary Page: https://www.kinoafisha.info/
Frame ID: 8273878AF2E6A67B566471D2AF28EE67
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html
Frame ID: 09E954C440731371BE8DF28B98980974
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1644183505536739&output=html&adk=1812271804&adf=3025194257&lmt=1678350218&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kinoafisha.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678350218457&bpp=3&bdt=523&idt=254&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6648358162429&frm=20&pv=2&ga_vid=167482201.1678350219&ga_sid=1678350219&ga_hid=1318471940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31072926%2C31071262&oid=2&pvsid=694650881434157&tmod=1844845108&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322
Frame ID: 7AC3F043549E27625748766A448C6770
Requests: 1 HTTP requests in this frame

Frame: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AAD1E7C425E50E01EF9573DFE0DBB2F9
Requests: 1 HTTP requests in this frame

Frame: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04387E44BEBA0D14819D425C03F13C92
Requests: 19 HTTP requests in this frame

Frame: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64A3C432EDF9E0278966C169912705F3
Requests: 26 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 499D2B6685691F94AF56B80230DE72B7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 77638ED5429EF5ED960AA3C034864EB4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnR0-gDEMTh6uwDGLzSuOIBMAE&v=APEucNW6ysG_Q5qIk0vvAeum-kJF48FMHSdKRDPhO8iZU8gZdR_rnlNOF74mw_JhzDCCmBohqS9DRqaDZ59Xksb5dsv13LRTktOejn8jdGJ5a9bcIzjPIxNmlO6CzFSaWjbO47uZVy5g-kcjTK1jp2ZG0wM9qZZK1uCBYcfLkEoRw5UHLNNMowo
Frame ID: F92265C0D9A8B1D52E5EF002362EBDE2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYipL9xAEwAQ&v=APEucNVA1no5i6tzOR1WrKtQ8mYzGsTBElcq8vtuI4EF5UydjK_lHKGdtYYTRqyVgskQjL988lAJM8quyP61vmvJM6ecN0AtkA6Q7rYnCkG1z663ARKLs8sRae9b2FpM0ehESprnJApN2g7h7XSthBq_0VfT8ARbms7mJHrMpjfUvZHfY6gCVPU
Frame ID: CC04BBC0A0FF267594F349C6565E09AC
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kinoafisha.info
Frame ID: 87F9B8E76A5469C7CF60E0180514FB67
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 371B4D7030507A04E618E65755F8E7E7
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html
Frame ID: 0B75A1041E793955A3F584477CB85984
Requests: 20 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
Frame ID: 324629AF0725E57236EB7415C6405532
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F475840BEB7B98296C09227CAF01F2A9
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: AD62617FCB920B9B2BA323BAC7486276
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 719291461A043C9DBBBCEA4A04085176
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3878A731B65063C42163BCB27C561243
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 6F6722FF16975B4346A355C468597D16
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F090CF8A38936CB8DA7D1FD4B8ADB5DB
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Киноафиша – все о кино и кинотеатрах, афиша кинотеатров

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

191
Requests

90 %
HTTPS

47 %
IPv6

37
Domains

60
Subdomains

51
IPs

12
Countries

2150 kB
Transfer

6374 kB
Size

39
Cookies

235 Outgoing links

These are links going to different origins than the main page.

URL: https://msk.kinoafisha.info/movies/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/
Title: Кинотеатры

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/near/
Title: Рядом

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/map/
Title: Карта

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/discounts/
Title: Скидки

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/rating/
Title: Рейтинги

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/networks/
Title: Сети

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/clubs/
Title: Клубы

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/776797/

Search URL Search Domain Scan URL

URL: https://krasnoznamensk.kinoafisha.info/cinema/8320223/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327298/

Search URL Search Domain Scan URL

URL: https://balashikha.kinoafisha.info/cinema/8327205/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327138/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327068/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320170/

Search URL Search Domain Scan URL

URL: https://pushkino.kinoafisha.info/cinema/8327224/

Search URL Search Domain Scan URL

URL: https://krasnogorsk.kinoafisha.info/cinema/8320163/

Search URL Search Domain Scan URL

URL: https://zhukovsky.kinoafisha.info/cinema/8327076/

Search URL Search Domain Scan URL

URL: https://balashikha.kinoafisha.info/cinema/8326891/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327392/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320228/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326887/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8178573/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326194/

Search URL Search Domain Scan URL

URL: https://voskresensk.kinoafisha.info/cinema/8326880/

Search URL Search Domain Scan URL

URL: https://podolsk.kinoafisha.info/cinema/8327243/

Search URL Search Domain Scan URL

URL: https://stupino.kinoafisha.info/cinema/8320147/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327770/

Search URL Search Domain Scan URL

URL: https://serpuhov.kinoafisha.info/cinema/8320149/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/4221235/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8328049/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327258/

Search URL Search Domain Scan URL

URL: https://domodedovo.kinoafisha.info/cinema/8327880/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8168846/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8137262/

Search URL Search Domain Scan URL

URL: https://lyubertsy.kinoafisha.info/cinema/8322037/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327263/

Search URL Search Domain Scan URL

URL: https://kubinka.kinoafisha.info/cinema/8325430/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/4619152/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327625/

Search URL Search Domain Scan URL

URL: https://ivanteevka.kinoafisha.info/cinema/8168950/

Search URL Search Domain Scan URL

URL: https://dolgoprudny.kinoafisha.info/cinema/8168849/

Search URL Search Domain Scan URL

URL: https://fryazino.kinoafisha.info/cinema/8168948/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327257/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325980/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320224/

Search URL Search Domain Scan URL

URL: https://elektrogorsk.kinoafisha.info/cinema/8325407/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7923818/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327777/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/4281244/

Search URL Search Domain Scan URL

URL: https://vidnoe.kinoafisha.info/cinema/8325519/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/776795/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8126725/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325669/

Search URL Search Domain Scan URL

URL: https://lesnojgorodok.kinoafisha.info/cinema/8107118/

Search URL Search Domain Scan URL

URL: https://reutov.kinoafisha.info/cinema/8166273/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327432/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772571/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326031/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327150/

Search URL Search Domain Scan URL

URL: https://zelenograd.kinoafisha.info/cinema/5996508/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327428/

Search URL Search Domain Scan URL

URL: https://podolsk.kinoafisha.info/cinema/799348/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327429/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327427/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327431/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/3188104/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1879036/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772591/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1751846/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327162/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8130927/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327088/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8170604/

Search URL Search Domain Scan URL

URL: https://krasnogorsk.kinoafisha.info/cinema/8166461/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327220/

Search URL Search Domain Scan URL

URL: https://odintsovo.kinoafisha.info/cinema/8178374/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327961/

Search URL Search Domain Scan URL

URL: https://vidnoe.kinoafisha.info/cinema/8327281/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8132706/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325965/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8322208/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1214671/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808322/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/792708/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8178919/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326603/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8178907/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8178908/

Search URL Search Domain Scan URL

URL: https://pushkino.kinoafisha.info/cinema/8327003/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325485/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/776805/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326894/

Search URL Search Domain Scan URL

URL: https://istra.kinoafisha.info/cinema/8320167/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772611/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327218/

Search URL Search Domain Scan URL

URL: https://balashikha.kinoafisha.info/cinema/8123679/

Search URL Search Domain Scan URL

URL: https://domodedovo.kinoafisha.info/cinema/8327069/

Search URL Search Domain Scan URL

URL: https://narofominsk.kinoafisha.info/cinema/8168944/

Search URL Search Domain Scan URL

URL: https://serpuhov.kinoafisha.info/cinema/8320151/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8328076/

Search URL Search Domain Scan URL

URL: https://sergiyev-posad.kinoafisha.info/cinema/8326988/

Search URL Search Domain Scan URL

URL: https://sergiyev-posad.kinoafisha.info/cinema/8322199/

Search URL Search Domain Scan URL

URL: https://korolev.kinoafisha.info/cinema/808335/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808329/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/4833829/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8130926/

Search URL Search Domain Scan URL

URL: https://zvenigorod.kinoafisha.info/cinema/8325405/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320225/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327537/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327014/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8319799/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8163512/

Search URL Search Domain Scan URL

URL: https://zhukovsky.kinoafisha.info/cinema/8327342/

Search URL Search Domain Scan URL

URL: https://domodedovo.kinoafisha.info/cinema/8320169/

Search URL Search Domain Scan URL

URL: https://chehov.kinoafisha.info/cinema/8320144/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7735779/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808316/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8177988/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327159/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327536/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8171004/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8155010/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1554393/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7758735/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320222/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7558264/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1657061/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8097136/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325961/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327758/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327759/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327760/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326883/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327012/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325535/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327074/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326896/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327210/

Search URL Search Domain Scan URL

URL: https://pushkino.kinoafisha.info/cinema/8326601/

Search URL Search Domain Scan URL

URL: https://lyubertsy.kinoafisha.info/cinema/8319802/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326991/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808337/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8135318/

Search URL Search Domain Scan URL

URL: https://dmitrov.kinoafisha.info/cinema/8320742/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808336/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327627/

Search URL Search Domain Scan URL

URL: https://korolev.kinoafisha.info/cinema/8170626/

Search URL Search Domain Scan URL

URL: https://shchyolkovo.kinoafisha.info/cinema/1387510/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772603/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772602/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327433/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8110019/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8320227/

Search URL Search Domain Scan URL

URL: https://zelenograd.kinoafisha.info/cinema/8327212/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808330/

Search URL Search Domain Scan URL

URL: https://serpuhov.kinoafisha.info/cinema/8320153/

Search URL Search Domain Scan URL

URL: https://lyubertsy.kinoafisha.info/cinema/8121164/

Search URL Search Domain Scan URL

URL: https://solnechnogorsk.kinoafisha.info/cinema/8168945/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7649584/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772601/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326530/

Search URL Search Domain Scan URL

URL: https://zelenograd.kinoafisha.info/cinema/8325716/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325229/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7727404/

Search URL Search Domain Scan URL

URL: https://himki.kinoafisha.info/cinema/772609/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1870919/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772600/

Search URL Search Domain Scan URL

URL: https://noginsk.kinoafisha.info/cinema/8325675/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327202/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1387516/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325664/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8168848/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8166653/

Search URL Search Domain Scan URL

URL: https://reutov.kinoafisha.info/cinema/8098563/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/7604274/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8322202/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1077820/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8168847/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8322201/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/5239074/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772608/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327772/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327774/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8327211/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1275323/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8091131/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8319939/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8130936/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325449/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8325508/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772614/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772615/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772622/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/772623/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/808339/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8328042/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8168937/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8326848/

Search URL Search Domain Scan URL

URL: https://lobna.kinoafisha.info/cinema/8320162/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/1434318/

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/cinema/8168855/

Search URL Search Domain Scan URL

URL: https://shchyolkovo.kinoafisha.info/cinema/776796/

Search URL Search Domain Scan URL

URL: https://ramenskoye.kinoafisha.info/cinema/8320156/

Search URL Search Domain Scan URL

URL: https://odintsovo.kinoafisha.info/cinema/8320219/

Search URL Search Domain Scan URL

URL: https://stupino.kinoafisha.info/cinema/8320146/

Search URL Search Domain Scan URL

URL: https://kinoafishainfo.page.link/footer

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/afisha/
Title: Подборки

Search URL Search Domain Scan URL

URL: https://vk.com/kinoafishainfo
Title: Вконтакте

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/kinoafisha.info
Title: Яндекс Дзен

Search URL Search Domain Scan URL

URL: https://twitter.com/kinoafisha_info
Title: Твиттер

Search URL Search Domain Scan URL

URL: https://www.ok.ru/group/52346916896917
Title: Одноклассники

Search URL Search Domain Scan URL

URL: https://t.me/kinoafishainfo
Title: Новости кино

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNuQyDGBj28VwMRhCy_hTOw
Title: Новые трейлеры на Ютубе

Search URL Search Domain Scan URL

URL: https://t.me/kinoboltaem
Title: Чат про кино

Search URL Search Domain Scan URL

URL: https://ru.kinoafisha.info/
Title: 🇷🇺 Россия

Search URL Search Domain Scan URL

URL: https://by.kinoafisha.info/
Title: 🇧🇾 Беларусь

Search URL Search Domain Scan URL

URL: https://uz.kinoafisha.info/
Title: 🇺🇿 Узбекистан

Search URL Search Domain Scan URL

URL: https://kz.kinoafisha.info/
Title: 🇰🇿 Казахстан

Search URL Search Domain Scan URL

URL: https://md.kinoafisha.info/
Title: 🇲🇩 Молдавия

Search URL Search Domain Scan URL

URL: https://am.kinoafisha.info/
Title: 🇦🇲 Армения

Search URL Search Domain Scan URL

URL: https://az.kinoafisha.info/
Title: 🇦🇿 Азербайджан

Search URL Search Domain Scan URL

URL: https://tj.kinoafisha.info/
Title: 🇹🇯 Таджикистан

Search URL Search Domain Scan URL

URL: https://is.kinoafisha.info/
Title: 🇮🇸 Исландия

Search URL Search Domain Scan URL

URL: https://ge.kinoafisha.info/
Title: 🇬🇪 Грузия

Search URL Search Domain Scan URL

URL: https://fi.kinoafisha.info/
Title: 🇫🇮 Финляндия

Search URL Search Domain Scan URL

URL: https://lv.kinoafisha.info/
Title: 🇱🇻 Латвия

Search URL Search Domain Scan URL

URL: https://lt.kinoafisha.info/
Title: 🇱🇹 Литва

Search URL Search Domain Scan URL

URL: https://kg.kinoafisha.info/
Title: 🇰🇬 Киргизия

Search URL Search Domain Scan URL

URL: https://ee.kinoafisha.info/
Title: 🇪🇪 Эстония

Search URL Search Domain Scan URL

URL: https://allcafe.ru/
Title: Все рестораны и кафе России

Search URL Search Domain Scan URL

URL: https://pogoda1.ru/
Title: Прогноз погоды в мире

Search URL Search Domain Scan URL

URL: https://msk.kinoafisha.info/
Title: Киноафиша Москвы

Search URL Search Domain Scan URL

URL: https://mobile.kinoafisha.info/
Title: Скачай приложение

Search URL Search Domain Scan URL

URL: https://wink.ru/promo?utm_source=media_kinoafisha.info&utm_medium=display&utm_campaign=system:banner.name:10004_b2c_wink_kinoafisha_knopki&utm_content=fix_sticky_button_desktop_mobile_all&utm_term=1_2
Title: Смотрите фильмы бесплатно на

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9937.zDKEchPJ9EWzsONsGZtT9_rtxvp_DLvpR51t0ZLYESqvS-PmxJTnD5ixhEYFjl9G.AjhlNFotw0OXWfb-oTN5a1-0_Vs%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9937.O64I97znjw_S7GQYhDW66Aw7FBHYs9lBbOx34vr1711eEmXliBruVEQVBHPRcAEPqS-x8EoyPvzVUYWTzPklXEmQnYnVYYS2mi6FAIhgJmc%2C.uRgtuwP2h--VBCsh0-ntinz5uEQ%2C

Request Chain 67

https://mc.yandex.com/watch/28763351?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A34958924401%3Ahid%3A749924939%3Az%3A0%3Ai%3A20230309082338%3Aet%3A1678350218%3Ac%3A1%3Arn%3A763377665%3Arqn%3A1%3Au%3A1678350218838470480%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A56%2C19%2C202%2C113%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678350217654%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678350219%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A34958924401%3Ahid%3A749924939%3Az%3A0%3Ai%3A20230309082338%3Aet%3A1678350218%3Ac%3A1%3Arn%3A763377665%3Arqn%3A1%3Au%3A1678350218838470480%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A56%2C19%2C202%2C113%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678350217654%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678350219%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 72

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9937.CBsa8aTdtyGQuvkt_m_VGOQKzjTGxujXeXDzaIYmQHrZBhHCAJiCJaXfXEiLPzes.K06vSU5qZFlkkZv3i4yB9eAtfJM%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9937.d3j5mvHaYCoLlKTmjgjauyFizg-JvwaK6EXg1ynDlSZHlRNvRGEBEYmUXd-lc5rqbA3DVzAe1NR7J22EoaRQf1xNtt4WxVjPnjPfKcBjrkU%2C.94sL-3O3FcuUKr9pW5BZ1yeZrag%2C

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

Request Chain 105

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

Request Chain 106

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

Request Chain 107

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NjkyNzgzMzcyNDUwNzM3NA%3D%3D

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3Mjg2ODcxMzI1Mjg0NjE2Mw%3D%3D

Request Chain 112

https://gum.criteo.com/sid/json?origin=publishertag&domain=kinoafisha.info&sn=ChromeSyncframe&so=0&topUrl=www.kinoafisha.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zHsxFnxJdlhLL3ZwcEpaM3BJb0NoNStVbWZHemNzNXZnK2RocDRGbEZlQ3B3OUZyTU5DMVczT2hLR1I5MHFQSjA0ZFpGN1lNUkxUZnpxRnAzZVFOejhheTNpdG9nMC8rbTlYS0p4aTFJUmxHUjBGZzUvSU5IMHJUbEdjMUYyUlA2ays2WHAyU1BPaFVHRG01TW5qOHN4VUJlSFowdkRyYStudHpReDdHRVN6MVdQcjg5WnBrMXlHckVRem1GOWV6S1JtUXNrcGdZNjAyM3dzSk1qczBDUDFFckI2WjR1YmNBWnFkRVFGZlpVV2pNbzdza09HQTdROEh5eTFBU3VRMFVXS3QvcFlNcERKNzZwSmp0OGdwdlNXaHNXdDdwWnJHeWdhNWM4ZTF6KzFDWU9rbz18&cppv=2

Request Chain 167

https://fw.adsafeprotected.com/rfw/st/987057/61527016/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2276134140992200&ias_chanId=1&ias_placementId=19429848476&bidurl=https://www.kinoafisha.info/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jZtEM9djUZD7dAIu88lPIV&adContainerId=brand_safety_i5cJZJfJKqCmx_AP0OKX8A4&cbFunctionName=goog_wrapCb_i5cJZJfJKqCmx_AP0OKX8A4&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_970x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.kinoafisha.info&adsafe_type=y&adsafe_url=https%3A%2F%2Fwww.kinoafisha.info%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:56e7e796-cf70-7067-b084-1d051ba8f40a,c:6lO0W6,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-65fb65bbbb-pswd5,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:5,mot:0,app:0,maw:0,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:27,oid:b2286d14-be53-11ed-b709-e65eaf572be8,v:19.8.397,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 187

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid=&dcc=t

Request Chain 188

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDj4W8K7Mcq3aaAqUnk7D0Y&google_cver=1

Request Chain 190

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7872868713252846163

Request Chain 191

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

Request Chain 192

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=f92122d2-2592-4c65-8c36-e30fa13a86c0&ssp=index HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=eae6f90e-50e1-453c-bc28-9dd014e77c46&gdpr=&gdpr_consent=&us_privacy=

Request Chain 193

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685626532041971

191 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kinoafisha.info/ 522 KB
87 KB 277ms
202ms Document
text/html 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33d3105f647956d7fcdbf1834bebb5d37ea66545a133bfe8ae370ed230bc90f9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7a51eabcdb188ff8-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 08:23:37 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
vary: Accept-Encoding User-Agent

GET
H2 200 base.css
static.kinoafisha.info/static/assets/css/ 477 KB
85 KB 42ms
16ms Stylesheet
text/css 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/css/base.css?20230307150221d7caee256ad4265f25996a8bf31f326e
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b54085bfd350fea76bee85aebe19330ca0c10dbe5aa67578bbfffe2f110dc99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Mar 2023 12:02:21 GMT
server: cloudflare
age: 159657
etag: W/"640727cd-773e7"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eabe8cc98ff8-FRA
expires: Wed, 06 Mar 2024 12:02:41 GMT

GET
H2 200 base.js Show response
static.kinoafisha.info/static/assets/js/ 110 KB
29 KB 61ms
17ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/base.js?20230306115603deb837bc1065772f3c610d9a9fa92e4f
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67535afebe43178333e9b0482a2611b058f9f1cfb733b8b4d54dbfc91c3d04b

Request headers

Referer: https://www.kinoafisha.info/
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 08:56:03 GMT
server: cloudflare
age: 257239
etag: W/"6405aaa3-1b6a0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eabea8b7bbbb-FRA
expires: Tue, 05 Mar 2024 08:56:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 140ms
62ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd8d9108d0310c609bc603d72db751fbee61125d9cee2a760650f7699b86a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27453
x-xss-protection: 0
server: sffe
etag: "1505 / 425 of 1000 / last-modified: 1678317114"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 ym.js Show response
cdn-b.notsy.io/kaf/ 461 KB
149 KB 148ms
31ms Script
application/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-b.notsy.io/kaf/ym.js
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-731.bunnyinfra.net
Software: BunnyCDN-AT1-731 /
Resource Hash: d2aee40a90fc7bb865be856546c276ec7cfee3a1a52d772449f9b0a78fbc57ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
cdn-edgestorageid: 731
cdn-storageserver: DE-199
cdn-cachedat: 02/24/2023 16:26:24
cdn-pullzone: 139012
last-modified: Fri, 24 Feb 2023 15:12:27 GMT
server: BunnyCDN-AT1-731
cdn-fileserver: 332
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"63f8d3db-73522"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 0d2987ccba752f1380b3cc62f087e13f
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 smi.js Show response
jsn.24smi.net/ 93 KB
29 KB 46ms
15ms Script
application/javascript 2a06:98c1:3122:e000::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jsn.24smi.net/smi.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3122:e000::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5eb3dbf6094861db4230debabbf2fa752dab94c4981e6d4d99f6562b49c5e4af

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=0
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 17 Jan 2023 14:32:34 GMT
server: cloudflare
age: 90
etag: W/"63c6b182-17428"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 7a51eabe9c873a76-FRA
expires: Thu, 09 Mar 2023 08:30:05 GMT

GET
DATA 200
OK truncated
/ 812 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0977d027e31c96ac0ebe97ffc9c8821047dc6c26c6dd7ad623b102ab59c0aada

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 115 KB
45 KB 57ms
22ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21667993-5

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

809d5e6ffe4af97ac006f280567b58e81299449c3572fc52dcf7f6d47a7f4274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 162 KB
58 KB 197ms
100ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-e3bd"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58301
expires: Thu, 09 Mar 2023 09:23:38 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 163ms
36ms Script
application/x-javascript 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv164-137-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
x-frontend: front512005
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: "6389a5e0-5b16"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23318
expires: Mon, 13 Mar 2023 08:23:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 326 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9798cea005aac4333203616f34c5eb42c280d1964703c9bac73e84013cdd9125

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 176 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb7d191eeade124bcf4fe9ebeff0da9575e6410937eb4eda086dee632dca1cf8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
48 KB 174ms
76ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a910bcd6563c7e78d6dafb506dc0a6504bdbd683705656df3a78a3e34fa70f52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48611
x-xss-protection: 0
server: cafe
etag: 10722533147217812790
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 email-decode.min.js Show response
www.kinoafisha.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
847 B 9ms
9ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinoafisha.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 03 Mar 2023 16:16:37 GMT
server: cloudflare
etag: W/"64021d65-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7a51eabf9db28ff8-FRA
expires: Sat, 11 Mar 2023 08:23:38 GMT

GET
H/1.1 200
OK module.js Show response
widget.premieralight.ru/static/js/ 18 KB
18 KB 135ms
42ms Script
application/javascript 213.189.208.20
ZENON-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.premieralight.ru/static/js/module.js
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.189.208.20 , Russian Federation, ASN6903 (ZENON-AS Moscow, Russia, RU),
Reverse DNS: unused.rusonyx.ru
Software: nginx/1.22.1 /
Resource Hash: d18a2dc53eefab7c166340605fb398a07220d2954c89a882e420e2ccf6efde88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 08:23:38 GMT
Last-Modified: Wed, 08 Mar 2017 14:46:08 GMT
Server: nginx/1.22.1
ETag: "58c01930-461f"
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17951
Expires: Fri, 10 Mar 2023 08:23:38 GMT

GET
DATA 200
OK truncated
/ 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 73d8c98b86143e9d271f10f79e337994a1a9d967b422168697e7423cba3806aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 pubads_impl_2023030601.js Show response
securepubads.g.doubleclick.net/gpt/ 393 KB
133 KB 91ms
24ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072877

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 16:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135664
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 09:35:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Mar 2024 16:56:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 355 B
692 B 67ms
21ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kinoafisha.info

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

482ada0c97058d056aea718cb8b7e5464702f539cdbc942d55f731a88b8cc2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148
x-xss-protection: 0
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 57ms
11ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:31:25 GMT
content-encoding: gzip
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront), 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
last-modified: Wed, 08 Mar 2023 21:18:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P6
age: 3134
x-amz-server-side-encryption: AES256
etag: W/"674325314aec17fac6c83c44b2e5566d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: uMEwK0tBAnMIbpRxRt7arsVdgq3QADDvFIw6J26VhJwMtbt4wX2fyQ==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 688 B
1 KB 91ms
32ms Ping
text/html 2400:52e0:1e00::723:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?KAF;desktop;;main_page_desktop;237813|704fa4
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::723:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-723 /
Resource Hash: 2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cdn-edgestorageid: 723
cdn-storageserver: DE-568
cdn-cachedat: 03/09/2023 08:23:38
cdn-pullzone: 749406
content-length: 688
server: BunnyCDN-DE1-723
cdn-fileserver: 469
cdn-requestpullcode: 405
cdn-proxyver: 1.03
etag: "63cace81-2b0"
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=0
cdn-requestid: bf95c5c74362ea595a09939eb9058582
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 30ms
13ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230309

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15767
x-jsd-version: 1.0.1640
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-PeDyOB4Gqgq4huu4pMQX1CxVy2k"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM8NuQCaFjsnIHTFz9j794Me%2FowwFvFC99%2BT5RBh34mLKwW4qMFVDJibFzH2ysvYaZT%2Fs8YCL%2F%2FTRoAo7Zruf451gvsZ2%2BIoDu12RQG3Xs%2Fwv1eSWw575lLPddIbpEY4G8Cc6GOdVXg6uSD7Dtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7a51eac08e5e3623-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21667993-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aa1866e8c4656ea0e90d47e35c92fc59b2e59a09bccb7e2141d047e80f0c79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78905
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 50ms
13ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21667993-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 07:19:39 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 09:19:39 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 80ms
10ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.kinoafisha.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.kinoafisha.info
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 09 Mar 2023 08:23:38 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 78ms
9ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.kinoafisha.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.kinoafisha.info
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 09 Mar 2023 08:23:38 GMT
server: ATS/9.1.10.25

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 79ms
10ms Preflight 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.kinoafisha.info
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.kinoafisha.info
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 09 Mar 2023 08:23:38 GMT
server: ATS/9.1.10.25

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
535 B 204ms
108ms XHR
text/plain 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
833 B 79ms
17ms XHR
application/json 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:38 GMT
AN-X-Request-Uuid: d44b5fa4-affa-474b-9130-1a783f78a5a1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kinoafisha.info
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
221 B 175ms
13ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.35.0&cb=40246474572&lsavail=0

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.kinoafisha.info
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
182 B 97ms
17ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.kinoafisha.info
date: Thu, 09 Mar 2023 08:23:38 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
568 B 63ms
24ms XHR
application/json 104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=641471
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18c3c5da0114c7f2a445b6ec6d651d3816cd3cdf56cf334ef9b04161607f45cb

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1HTDHIXxrua038tAE7jzTbJa5uvoFi7jB%2BcJq6TnmsiXP9op%2BJmQtzMrAoSJg2kyvGyHz5gGf5QCQooZc6feIj8rR4UJhlRqehPciucB0aXUXwk%2FmC4EBIuMGZQMxY%2BhfKb38xS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7a51eac0ebae9ba4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
558 B 49ms
13ms XHR
application/json 35.156.241.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.35.0&referrer=https%3A%2F%2Fwww.kinoafisha.info%2F&tmax=1000

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.156.241.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-241-175.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
accept-ch: sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
x-auction-status: 12, 12, 12
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
290 B 86ms
18ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 09 Mar 2023 08:23:37 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.kinoafisha.info
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 29ms
11ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: dcca52457c1b10aff6d72bc5a6e157d02a57add60df0bedbe63efac38317d8bc

Request headers

Referer: https://www.kinoafisha.info/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kinoafisha.info
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
345 B 29ms
11ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: fa5aa5884605a929b69e0410f7b72ade42d9ef6f51973872d31f4b0ae76cdd3f

Request headers

Referer: https://www.kinoafisha.info/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kinoafisha.info
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
125 B 30ms
12ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c97e2cb6c5f1fca4d1f0731cb9da921c9535d63036ad075cf7724fec9adfac07

Request headers

Referer: https://www.kinoafisha.info/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.kinoafisha.info
access-control-allow-credentials: true
content-length: 84

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
307 B 481ms
164ms XHR
text/plain 195.209.111.15
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.15 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.kinoafisha.info
Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:38 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
576 B 47ms
47ms Image
image/gif 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-1133887-eLWww&metatag_url=https%3A%2F%2Fwww.kinoafisha.info%2F&metatag_title=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.113461

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-frontend: front512005
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.113461
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9937.zDKEchPJ9EWzsONsGZtT9_rtxvp_DLvpR51t0ZLYESqvS-PmxJTnD5ixhEYFjl9G.AjhlNFotw0OXWfb-oTN5a1-0_Vs%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9937.O64I97znjw_S7GQYhDW66Aw7FBHYs9lBbOx34vr1711eEmXliBruVEQVBHPRcAEPqS-x8EoyPvzVUYWTzPklXEmQnYnVYYS2mi6FAIhgJmc%2C.uRgtuwP2h--VBCsh0-ntinz5uEQ%2C

43 B
67 B

55ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9937.O64I97znjw_S7GQYhDW66Aw7FBHYs9lBbOx34vr1711eEmXliBruVEQVBHPRcAEPqS-x8EoyPvzVUYWTzPklXEmQnYnVYYS2mi6FAIhgJmc%2C.uRgtuwP2h--VBCsh0-ntinz5uEQ%2C

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9937.O64I97znjw_S7GQYhDW66Aw7FBHYs9lBbOx34vr1711eEmXliBruVEQVBHPRcAEPqS-x8EoyPvzVUYWTzPklXEmQnYnVYYS2mi6FAIhgJmc%2C.uRgtuwP2h--VBCsh0-ntinz5uEQ%2C
date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 09 Mar 2023 09:23:38 GMT

GET
H2 200 newMSearch.js Show response
static.kinoafisha.info/static/assets/js/plugins/ 3 KB
1 KB 17ms
15ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/plugins/newMSearch.js?5
Requested by: Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20230306115603deb837bc1065772f3c610d9a9fa92e4f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e52ed875f727b75380e284e0fd4a241e2b760f87b2489fbda68ce5d578512e6d

Request headers

Referer: https://www.kinoafisha.info/
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 01 Jun 2022 14:36:35 GMT
server: cloudflare
age: 2923129
etag: W/"62977973-b04"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eac12be1bbbb-FRA
expires: Sat, 03 Feb 2024 12:24:48 GMT

GET
H2 200 FilmSlider.js Show response
static.kinoafisha.info/static/assets/js/plugins/ 1 KB
597 B 15ms
14ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/plugins/FilmSlider.js?4
Requested by: Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20230306115603deb837bc1065772f3c610d9a9fa92e4f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75303046884e18e0f63d9a587ccd73cbbd3f1eb37a90c1c799e48906ed614585

Request headers

Referer: https://www.kinoafisha.info/
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Oct 2022 14:50:03 GMT
server: cloudflare
age: 2920152
etag: W/"633eeb1b-539"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eac12be3bbbb-FRA
expires: Sat, 03 Feb 2024 13:14:17 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/ 361 KB
119 KB 144ms
83ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1644183505536739&plah=www.kinoafisha.info&bust=31072926

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c84ef71fee12c3bbbb057e178309ad301d2193eb48acd13c7683e7c7b792f6c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121631
x-xss-protection: 0
server: cafe
etag: 17318553166630864131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:38 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/ Frame 09E9 10 KB
5 KB 105ms
28ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230306/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 81363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 09:47:35 GMT
etag: 2378337311435320485
expires: Wed, 22 Mar 2023 09:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
313 B 7ms
7ms XHR
text/plain 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.kinoafisha.info&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:35:50 GMT
via: 1.1 e1f996a9009532eeea33edfd32ef3240.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
age: 10067
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.kinoafisha.info
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: hVAcN7DM0dMq2P8_2GRJJe7lsZq3BIsWbMjU-Rjr0hxJMTaV7udh6Q==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
465 B 123ms
47ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.kinoafisha.info%2F&pid=t8OzWbw7A1kwb&cb=0&ws=1600x1200&v=23.303.721&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_449181654%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x400%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_MIDR_300c%22%7D%2C%7B%22sd%22%3A%22notsy_container_957995369%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x400%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_ATFR_300c%22%7D%2C%7B%22sd%22%3A%22notsy_container_438815351%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_INC_970%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: EVVXDPXSR3KHA1SP9M78
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kinoafisha.info
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 4RZ35nnyAhkmpAdhXDu4LL10DxokDXz19Od87uFafZz8wCEwQ41XPg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 23ms
7ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: XEGmc9MeWOPeqjC.bMBvPzs7I4WH7xPz
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Thu, 09 Mar 2023 05:31:11 GMT
x-amz-cf-pop: FRA56-P6
age: 10348
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 03 Mar 2023 23:20:46 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: NH3wXRbDeqgMvv9B4hgZGFtzzs1AJOy-g8CL4lXvpvU-B-zsnS8ULA==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 46ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3GNTWFZ027&gtm=45je3360&_p=1318471940&_gaz=1&cid=167482201.1678350219&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678350218&sct=1&seg=0&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 46ms
16ms Ping
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3GNTWFZ027&cid=167482201.1678350219&gtm=45je3360&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 59ms
25ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3GNTWFZ027&cid=167482201.1678350219&gtm=45je3360&aip=1&z=656061632

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
148 B 21ms
20ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1318471940&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=710418640&gjid=366485942&cid=167482201.1678350219&tid=UA-21667993-5&_gid=1809659937.1678350219&_r=1&gtm=457e3360&z=1063239400

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 13ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1318471940&t=event&_s=2&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wink&ea=sticker&el=show&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=167482201.1678350219&tid=UA-21667993-5&_gid=1809659937.1678350219&gtm=457e3360&z=1562107851

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 03:23:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 18018
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 507562523587.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/1/9/6/8365691/ 23 KB
23 KB 19ms
17ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/1/9/6/8365691/507562523587.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ea2e712be5ea8e927f94aa6eb5cdfa9466ac2205ce1aad52ada70c605b1063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 01 Feb 2023 12:25:06 GMT
server: cloudflare
age: 2922206
etag: "63da5a22-5c84"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffc98ff8-FRA
content-length: 23684
expires: Sat, 03 Feb 2024 12:40:08 GMT

GET
H2 200 976993976275.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/9/0/8368094/ 17 KB
17 KB 18ms
16ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/9/0/8368094/976993976275.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7f3e71876e4322338f5656ce56baf5381a02564b2dcb1058c35d48f99aa68a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 11:30:04 GMT
server: cloudflare
age: 1888421
etag: "63ecc23c-4566"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffcb8ff8-FRA
content-length: 17766
expires: Thu, 15 Feb 2024 11:49:57 GMT

GET
H2 200 182276101635.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/6/3/8364364/ 19 KB
19 KB 22ms
19ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/6/3/8364364/182276101635.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb9193ce25e73ed5a76396220994b8b509d110113fd14a28a399e6a4f6fe35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 12:28:15 GMT
server: cloudflare
age: 586159
etag: "6400965f-4b14"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffcc8ff8-FRA
content-length: 19220
expires: Fri, 01 Mar 2024 13:34:19 GMT

GET
H2 200 988276297399.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/7/7/8/8103877/ 12 KB
12 KB 20ms
18ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/7/7/8/8103877/988276297399.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ffd0fe616375c62a7e4924119f4b7dc8800fa453c118b26a15df4ab34009eb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jan 2023 08:45:39 GMT
server: cloudflare
age: 2922355
etag: "63d0ec33-3074"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffcd8ff8-FRA
content-length: 12404
expires: Sat, 03 Feb 2024 12:37:25 GMT

GET
H2 200 144520486606.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/4/6/8364644/ 18 KB
18 KB 20ms
18ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/4/6/8364644/144520486606.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39a39748b8feb8574caf0d6d5d3a846532ef6a5fecaa61b0001e799578ee4e40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Tue, 10 Jan 2023 06:51:42 GMT
server: cloudflare
age: 2912775
etag: "63bd0afe-46be"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffce8ff8-FRA
content-length: 18110
expires: Sat, 03 Feb 2024 15:17:23 GMT

GET
H2 200 944541631166.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/8/4/9/8367948/ 19 KB
19 KB 19ms
17ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/8/4/9/8367948/944541631166.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 848d8ae140a91bcc82249732af4294a6cd669e5caf1e4d616eea538067e84877

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 07:02:18 GMT
server: cloudflare
age: 608822
etag: "640049fa-4c16"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffcf8ff8-FRA
content-length: 19478
expires: Fri, 01 Mar 2024 07:16:36 GMT

GET
H2 200 696356784892.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/1/0/9/8368901/ 18 KB
18 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/1/0/9/8368901/696356784892.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8da2229422a25a821fa5dc543ad5a82b9d9ea2ff7959e4899ae1a8404cf18350

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 08:15:15 GMT
server: cloudflare
age: 2917187
etag: "63bfc193-481a"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffd08ff8-FRA
content-length: 18458
expires: Sat, 03 Feb 2024 14:03:50 GMT

GET
H2 200 410762098117.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/7/3/0/8361037/ 17 KB
17 KB 17ms
16ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/7/3/0/8361037/410762098117.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7e169d23ae5ecb929e86545809fadedfee687f1c34bbf96256859f10fa94f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Wed, 25 Jan 2023 09:44:20 GMT
server: cloudflare
age: 2922057
etag: "63d0f9f4-4222"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac1ffd18ff8-FRA
content-length: 16930
expires: Sat, 03 Feb 2024 12:42:33 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 17ms
16ms XHR
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-21667993-5&cid=167482201.1678350219&jid=710418640&gjid=366485942&_gid=1809659937.1678350219&_u=YADAAUAAAAAAACAAI~&z=148988271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 08:23:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 XHR.js Show response
static.kinoafisha.info/static/assets/js/helpers/ 2 KB
799 B 16ms
16ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/helpers/XHR.js?2
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 425a93feae79c0808f131cdd0d448df52229d6c385a287e368772984bf328787

Request headers

Referer: https://static.kinoafisha.info/static/assets/js/plugins/newMSearch.js?5
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 14 Jan 2022 05:57:27 GMT
server: cloudflare
age: 2923110
etag: W/"61e110c7-717"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eac23d24bbbb-FRA
expires: Sat, 03 Feb 2024 12:24:59 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 135ms
53ms Image
image/gif 2a00:1450:400d:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21667993-5&cid=167482201.1678350219&jid=710418640&_u=YADAAUAAAAAAACAAI~&z=148455468

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 27ms
25ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-21667993-5&cid=167482201.1678350219&jid=710418640&_u=YADAAUAAAAAAACAAI~&z=148455468

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 MySwiper.js Show response
static.kinoafisha.info/static/assets/js/plugins/ 9 KB
2 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/plugins/MySwiper.js?32
Requested by: Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20230306115603deb837bc1065772f3c610d9a9fa92e4f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b769bb553e828a3d6190ab67ada3f4f01e3cdc6c5ac270b7176fbddd011ba026

Request headers

Referer: https://www.kinoafisha.info/
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 31 Jan 2023 14:29:57 GMT
server: cloudflare
age: 2918060
etag: W/"63d925e5-25ff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eac26d62bbbb-FRA
expires: Sat, 03 Feb 2024 13:49:16 GMT

GET
H2 200 swiper.js Show response
static.kinoafisha.info/static/assets/js/plugins/ 305 KB
58 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinoafisha.info/static/assets/js/plugins/swiper.js?2
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b238bd57150d1e00add029f25524829bcf5e9823ecfdef62c70adcef9fa6087

Request headers

Referer: https://static.kinoafisha.info/static/assets/js/plugins/MySwiper.js?32
Origin: https://www.kinoafisha.info
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 08:34:40 GMT
server: cloudflare
age: 2918019
etag: W/"62304fa0-4c4b6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 7a51eac27d8dbbbb-FRA
expires: Sat, 03 Feb 2024 13:49:59 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/28763351/
Redirect Chain

https://mc.yandex.com/watch/28763351?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-...
https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...

482 B
592 B

55ms
55ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A34958924401%3Ahid%3A749924939%3Az%3A0%3Ai%3A20230309082338%3Aet%3A1678350218%3Ac%3A1%3Arn%3A763377665%3Arqn%3A1%3Au%3A1678350218838470480%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A56%2C19%2C202%2C113%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678350217654%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678350219%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

630ba185645bfcabac41bc349aeab2f6694988f3492c42fa3fdcfe39cc3d143a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 09-Mar-2023 08:23:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kinoafisha.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 482
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 08:23:38 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 08:23:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afp%3A528%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A34958924401%3Ahid%3A749924939%3Az%3A0%3Ai%3A20230309082338%3Aet%3A1678350218%3Ac%3A1%3Arn%3A763377665%3Arqn%3A1%3Au%3A1678350218838470480%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A56%2C19%2C202%2C113%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678350217654%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678350219%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.kinoafisha.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 08:23:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
469 B 50ms
49ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.kinoafisha.info&callback=_gfp_s_&client=ca-pub-1644183505536739

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303070301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1644183505536739&plah=www.kinoafisha.info&bust=31072926

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76051ad9e33633d69ed5a970d9e253a48befa58076507d89d05b1a727ec51457

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 128ms
50ms Script
application/javascript 2a00:1450:400d:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kinoafisha.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 78ms
23ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kinoafisha.info

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7AC3 0
182 B 117ms
117ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1644183505536739&output=html&adk=1812271804&adf=3025194257&lmt=1678350218&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.kinoafisha.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1678350218457&bpp=3&bdt=523&idt=254&shv=r20230306&mjsv=m202303070301&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6648358162429&frm=20&pv=2&ga_vid=167482201.1678350219&ga_sid=1678350219&ga_hid=1318471940&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C44777877%2C31072926%2C31071262&oid=2&pvsid=694650881434157&tmod=1844845108&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=322

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:38 GMT
expires: Thu, 09 Mar 2023 08:23:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9937.CBsa8aTdtyGQuvkt_m_VGOQKzjTGxujXeXDzaIYmQHrZBhHCAJiCJaXfXEiLPzes.K06vSU5qZFlkkZv3i4yB9eAtfJM%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9937.d3j5mvHaYCoLlKTmjgjauyFizg-JvwaK6EXg1ynDlSZHlRNvRGEBEYmUXd-lc5rqbA3DVzAe1NR7J22EoaRQf1xNtt4WxVjPnjPfKcBjrkU%2C.94sL-3O3FcuUKr9pW5...

43 B
91 B

49ms
49ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9937.d3j5mvHaYCoLlKTmjgjauyFizg-JvwaK6EXg1ynDlSZHlRNvRGEBEYmUXd-lc5rqbA3DVzAe1NR7J22EoaRQf1xNtt4WxVjPnjPfKcBjrkU%2C.94sL-3O3FcuUKr9pW5BZ1yeZrag%2C

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9937.d3j5mvHaYCoLlKTmjgjauyFizg-JvwaK6EXg1ynDlSZHlRNvRGEBEYmUXd-lc5rqbA3DVzAe1NR7J22EoaRQf1xNtt4WxVjPnjPfKcBjrkU%2C.94sL-3O3FcuUKr9pW5BZ1yeZrag%2C
date: Thu, 09 Mar 2023 08:23:38 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
11 KB 467ms
466ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=694650881434157&correlator=4392341686972866&eid=31072028%2C31072877%2C31068366%2C31071324&output=ldjh&gdfp_req=1&vrg=2023030601&ptt=17&impl=fifs&iu_parts=22193489449%2CKAF_MIDR_300c%2CKAF_ATFR_300c%2CKAF_INC_970&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=300x600%7C240x400%7C160x600%7C300x250%2C300x600%7C240x400%7C160x600%7C300x250%2C970x250&ifi=2&adks=3030838248%2C721358286%2C348627651&didk=2559946300~3215409696~1609035666&sfv=1-0-40&fsbs=1%2C1%2C1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect%26amznbid%3D2%26amznp%3D2%7Cr_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect%26amznbid%3D2%26amznp%3D2&sc=1&cookie=ID%3Da9624ad286b46380-2299c3c349dd0091%3AT%3D1678350218%3ART%3D1678350218%3AS%3DALNI_MbeE3IM6w2R1kKNx8YcE5KJ27H86w&gpic=UID%3D00000bc29f069979%3AT%3D1678350218%3ART%3D1678350218%3AS%3DALNI_MbbUUBraMgGWmqrMXzCqayNVmCexQ&abxe=1&dt=1678350218867&lmt=1678350218&dlt=1678350217934&idt=630&adxs=1165%2C1165%2C148&adys=960%2C330%2C6413&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.kinoafisha.info%2F&frm=20&vis=1&psz=300x600%7C300x600%7C970x300&msz=300x0%7C300x0%7C970x0&fws=516%2C516%2C4&ohw=300%2C300%2C970&ga_vid=167482201.1678350219&ga_sid=1678350219&ga_hid=1318471940&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072877

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7814d007ac1fe3fba84aef4c4a9de3be417219f61a26a120b6cf2cff04d1f9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10987
x-xss-protection: 0
google-lineitem-id: -2,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAD1 6 KB
3 KB 149ms
21ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072877

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Fri, 08 Mar 2024 08:23:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 704466758836.jpg.webp
static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/ 16 KB
16 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/704466758836.jpg.webp
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff65a7a177e59e3aa85326a955e17505286a3db29063472846e5d52167370648

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:38 GMT
cf-cache-status: HIT
last-modified: Mon, 06 Mar 2023 08:59:53 GMT
server: cloudflare
age: 256878
etag: "6405ab89-3f70"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac4aa188ff8-FRA
content-length: 16240
expires: Tue, 05 Mar 2024 09:02:20 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/28763351/ 43 B
375 B 49ms
48ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/28763351/1?page-url=goal%3A%2F%2Fwww.kinoafisha.info%2Fwink_sticker_show&page-ref=https%3A%2F%2Fwww.kinoafisha.info%2F&charset=utf-8&hittoken=1678350218_991b1c67d4d70b3143ecbfd611bfcb7cebe6f348528c81078fb3d5cbc37b6266&browser-info=ar%3A1%3Avf%3A3llbk0t3p8ehu21bjv65f%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A1%3Als%3A34958924401%3Ahid%3A749924939%3Az%3A0%3Ai%3A20230309082338%3Aet%3A1678350219%3Ac%3A1%3Arn%3A212575899%3Arqn%3A2%3Au%3A1678350218838470480%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C373%2C29%2C%2C%2C%2C764%3Aco%3A0%3Acpf%3A1%3Ans%3A1678350217654%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678350219%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(2)lt(21500)aw(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 09-Mar-2023 08:23:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.kinoafisha.info
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 09-Mar-2023 08:23:39 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1318471940&t=event&_s=3&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tracking&ea=source&el=Kinoafisha&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=167482201.1678350219&tid=UA-21667993-5&_gid=1809659937.1678350219&gtm=457e3360&z=1307733985

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 16:42:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56488
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 73ms
73ms XHR
application/json 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230306&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85912f398434038a6c9e357133cc2dace9ad83bc9f38fcbd1de61abbaad36905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11284
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
12ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1318471940&t=event&_s=4&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=engagement&ea=click&el=show_push_notification_popup&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=167482201.1678350219&tid=UA-21667993-5&_gid=1809659937.1678350219&gtm=457e3360&z=1387131418

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Mar 2023 16:42:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 56488
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 245ms
85ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H2 200 publishertag.prebid.134.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 62ms
29ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.134.js

Requested by

Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 18 Jan 2023 01:20:50 GMT
server: nginx
etag: W/"63c74972-162fb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 08:23:39 GMT

GET
H2 200 container.html Show response
06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0438 6 KB
3 KB 14ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072877

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Fri, 08 Mar 2024 08:23:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 64A3 6 KB
3 KB 13ms
12ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023030601.js?cb=31072877

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Fri, 08 Mar 2024 08:23:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 499D 13 KB
5 KB 31ms
29ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54340
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 17:17:59 GMT
expires: Thu, 07 Mar 2024 17:17:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7763 783 B
965 B 53ms
52ms Document
text/html 2a00:1450:400d:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33f9ead7fae54c82646263926dec8ae0308fdf0d4ba1f9db66a45a9726223a44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fsEv0L3CSs1odMnM9n-iLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-fsEv0L3CSs1odMnM9n-iLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Thu, 09 Mar 2023 08:23:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F922 624 B
246 B 65ms
63ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnR0-gDEMTh6uwDGLzSuOIBMAE&v=APEucNW6ysG_Q5qIk0vvAeum-kJF48FMHSdKRDPhO8iZU8gZdR_rnlNOF74mw_JhzDCCmBohqS9DRqaDZ59Xksb5dsv13LRTktOejn8jdGJ5a9bcIzjPIxNmlO6CzFSaWjbO47uZVy5g-kcjTK1jp2ZG0wM9qZZK1uCBYcfLkEoRw5UHLNNMowo

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Thu, 09 Mar 2023 08:23:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0438 78 KB
27 KB 141ms
141ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0438 42 B
63 B 62ms
61ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BtcRei7qq5T9nxXm6uMkZO6WxvaGVxEuj71d4nKrMO-FGqSVIUhXRFCEFCAR4zs-1D-pJDIINjAgyjmnDsbnXEPEGM1qqYlJgm5S4FE3Pf8JE80MY

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0438 0
20 B 62ms
60ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15209841273206136285&x=1&ct=76

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 0438 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 0438 20 KB
9 KB 30ms
29ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0438 158 KB
49 KB 78ms
77ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CC04 624 B
246 B 63ms
62ms Document
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYipL9xAEwAQ&v=APEucNVA1no5i6tzOR1WrKtQ8mYzGsTBElcq8vtuI4EF5UydjK_lHKGdtYYTRqyVgskQjL988lAJM8quyP61vmvJM6ecN0AtkA6Q7rYnCkG1z663ARKLs8sRae9b2FpM0ehESprnJApN2g7h7XSthBq_0VfT8ARbms7mJHrMpjfUvZHfY6gCVPU

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
expires: Thu, 09 Mar 2023 08:23:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 64A3 78 KB
27 KB 183ms
183ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAK5PmPxwlVIVjqpxCoYmQHm_iHFyTdOQyeyd2V6bWt9ZvqUVAJkzeYPOgJKLVuC78UwgUikf4QrBug_j-CuLWnkHfBV6jXllDRJ5rNYW4V5z_fI0

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 0
20 B 62ms
61ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4780282987154336375&x=1&ct=76

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 64A3 3 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/window_focus_fy2021.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/ Frame 64A3 20 KB
8 KB 31ms
30ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:16:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:16:57 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 64A3 158 KB
49 KB 137ms
136ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 87F9 15 KB
6 KB 44ms
14ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.kinoafisha.info

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 08:23:39 GMT
server: Kestrel
server-processing-duration-in-ticks: 494027
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 65ms
32ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 08:23:39 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 499D 36 KB
14 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:46:05 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7763 0
0 61ms
61ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230306&jk=694650881434157&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F922
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

43 B
766 B

11ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnR0-gDEMTh6uwDGLzSuOIBMAE&v=APEucNW6ysG_Q5qIk0vvAeum-kJF48FMHSdKRDPhO8iZU8gZdR_rnlNOF74mw_JhzDCCmBohqS9DRqaDZ59Xksb5dsv13LRTktOejn8jdGJ5a9bcIzjPIxNmlO6CzFSaWjbO47uZVy5g-kcjTK1jp2ZG0wM9qZZK1uCBYcfLkEoRw5UHLNNMowo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F922
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

43 B
766 B

15ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnR0-gDEMTh6uwDGLzSuOIBMAE&v=APEucNW6ysG_Q5qIk0vvAeum-kJF48FMHSdKRDPhO8iZU8gZdR_rnlNOF74mw_JhzDCCmBohqS9DRqaDZ59Xksb5dsv13LRTktOejn8jdGJ5a9bcIzjPIxNmlO6CzFSaWjbO47uZVy5g-kcjTK1jp2ZG0wM9qZZK1uCBYcfLkEoRw5UHLNNMowo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F922
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

43 B
1 KB

13ms
13ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnR0-gDEMTh6uwDGLzSuOIBMAE&v=APEucNW6ysG_Q5qIk0vvAeum-kJF48FMHSdKRDPhO8iZU8gZdR_rnlNOF74mw_JhzDCCmBohqS9DRqaDZ59Xksb5dsv13LRTktOejn8jdGJ5a9bcIzjPIxNmlO6CzFSaWjbO47uZVy5g-kcjTK1jp2ZG0wM9qZZK1uCBYcfLkEoRw5UHLNNMowo

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
AN-X-Request-Uuid: 0486554c-eb6d-4ac0-a63f-db277791f1ae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F922
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NjkyNzgzMzcyNDUwNzM3NA%3D%3D

170 B
243 B

43ms
29ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NjkyNzgzMzcyNDUwNzM3NA%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 08:23:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7cb24145-b18c-4ef7-af4d-24011c0f549e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTY4NjkyNzgzMzcyNDUwNzM3NA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

43 B
632 B

14ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYipL9xAEwAQ&v=APEucNVA1no5i6tzOR1WrKtQ8mYzGsTBElcq8vtuI4EF5UydjK_lHKGdtYYTRqyVgskQjL988lAJM8quyP61vmvJM6ecN0AtkA6Q7rYnCkG1z663ARKLs8sRae9b2FpM0ehESprnJApN2g7h7XSthBq_0VfT8ARbms7mJHrMpjfUvZHfY6gCVPU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CC04
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1

43 B
632 B

19ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYipL9xAEwAQ&v=APEucNVA1no5i6tzOR1WrKtQ8mYzGsTBElcq8vtuI4EF5UydjK_lHKGdtYYTRqyVgskQjL988lAJM8quyP61vmvJM6ecN0AtkA6Q7rYnCkG1z663ARKLs8sRae9b2FpM0ehESprnJApN2g7h7XSthBq_0VfT8ARbms7mJHrMpjfUvZHfY6gCVPU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDyuzS3OEnR5-xzY881-z5I&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame CC04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

43 B
1 KB

20ms
13ms

Image
image/gif

185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYipL9xAEwAQ&v=APEucNVA1no5i6tzOR1WrKtQ8mYzGsTBElcq8vtuI4EF5UydjK_lHKGdtYYTRqyVgskQjL988lAJM8quyP61vmvJM6ecN0AtkA6Q7rYnCkG1z663ARKLs8sRae9b2FpM0ehESprnJApN2g7h7XSthBq_0VfT8ARbms7mJHrMpjfUvZHfY6gCVPU

Protocol

HTTP/1.1

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:39 GMT
AN-X-Request-Uuid: ae017d0a-fdbc-4c0f-945a-312ee29d99c3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBzyRhWKmNFTjhr34VkL2vo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CC04
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3Mjg2ODcxMzI1Mjg0NjE2Mw%3D%3D

170 B
232 B

30ms
22ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3Mjg2ODcxMzI1Mjg0NjE2Mw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 09 Mar 2023 08:23:39 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 7ae22e7e-6e6a-4b55-b1b5-2a1aecfecc28
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzg3Mjg2ODcxMzI1Mjg0NjE2Mw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 87F9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=kinoafisha.info&sn=ChromeSyncframe&so=0&topUrl=www.kinoafisha.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zHsxFnxJdlhLL3ZwcEpaM3BJb0NoNStVbWZHemNzNXZnK2RocDRGbEZlQ3B3OUZyTU5DMVczT2hLR1I5MHFQSjA0ZFpGN1lNUkxUZnpxRnAzZVFOejhheTNpdG9nMC8rbTlYS0p4aTFJUmxHUjBGZzUvSU5IMHJUbEdjMU...

436 B
657 B

209ms
18ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zHsxFnxJdlhLL3ZwcEpaM3BJb0NoNStVbWZHemNzNXZnK2RocDRGbEZlQ3B3OUZyTU5DMVczT2hLR1I5MHFQSjA0ZFpGN1lNUkxUZnpxRnAzZVFOejhheTNpdG9nMC8rbTlYS0p4aTFJUmxHUjBGZzUvSU5IMHJUbEdjMUYyUlA2ays2WHAyU1BPaFVHRG01TW5qOHN4VUJlSFowdkRyYStudHpReDdHRVN6MVdQcjg5WnBrMXlHckVRem1GOWV6S1JtUXNrcGdZNjAyM3dzSk1qczBDUDFFckI2WjR1YmNBWnFkRVFGZlpVV2pNbzdza09HQTdROEh5eTFBU3VRMFVXS3QvcFlNcERKNzZwSmp0OGdwdlNXaHNXdDdwWnJHeWdhNWM4ZTF6KzFDWU9rbz18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0109f5e876e29d05f16c2ed79f6fa80b1edd04ec5112ae63b4937a75d55c1182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2532902
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zHsxFnxJdlhLL3ZwcEpaM3BJb0NoNStVbWZHemNzNXZnK2RocDRGbEZlQ3B3OUZyTU5DMVczT2hLR1I5MHFQSjA0ZFpGN1lNUkxUZnpxRnAzZVFOejhheTNpdG9nMC8rbTlYS0p4aTFJUmxHUjBGZzUvSU5IMHJUbEdjMUYyUlA2ays2WHAyU1BPaFVHRG01TW5qOHN4VUJlSFowdkRyYStudHpReDdHRVN6MVdQcjg5WnBrMXlHckVRem1GOWV6S1JtUXNrcGdZNjAyM3dzSk1qczBDUDFFckI2WjR1YmNBWnFkRVFGZlpVV2pNbzdza09HQTdROEh5eTFBU3VRMFVXS3QvcFlNcERKNzZwSmp0OGdwdlNXaHNXdDdwWnJHeWdhNWM4ZTF6KzFDWU9rbz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 351699
content-length: 0
expires: 0

GET
H2 200 598401509842.jpg.webp
static.kinoafisha.info/k/movie_posters/90x150/upload/movie_posters/6/0/7/8367706/ 2 KB
2 KB 15ms
14ms Image
image/webp 2606:4700:10::6816:178e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinoafisha.info/k/movie_posters/90x150/upload/movie_posters/6/0/7/8367706/598401509842.jpg.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bfd282d2a437f44ef99b381d15edf9ffa3b6da2fa13152eb7530a62fa0075c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Mar 2023 21:25:43 GMT
server: cloudflare
age: 39472
etag: "6408fd57-8b6"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7a51eac82d5d8ff8-FRA
content-length: 2230
expires: Thu, 07 Mar 2024 21:25:47 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0438 0
20 B 62ms
61ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2356462551732&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0438 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2356462551732&version=m202301230201&ct=76&x=1&cor=15209841273206137000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0438 84 KB
35 KB 93ms
93ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkJADsWCdLAmQ_eiE-o9PnVlYcWn39OF_q9iIosRYH3z-RORWJ5LQdn_qGwnyiRZmQwAPPzs7TcUmCdOZuxTuh5DbOpg&cry=1&dbm_d=AKAmf-AfX33iJGkm92vvVE9sPQmv7d-OxsoUh3WGijpaB2nytKr7TATuKEZBRios9c-rPLka_M_mjPYH3zwB9k4qPb--cBq1dxbuee-tNJuK1Oxh3bq_iim_Dhh8IlCi6o33NHlSS-GNaEwjb9qqVQdKjSx65EgaiSsSKT9BSJ8rrwH17m08153q0KFf5CtrhV28oFBTe1yKnyB_nJba6B57jHkjwfjUrCtWi7j5CQpgKcvutySka71C8xMI7QHZ7LPPaBbddY4aKRka1-5GvAwneBBdqhDLBhlinXdHKxQgZRuj9HRGcFak_UmPogoIX-Rgd_hohtF3ri_T0dbdTjnvRYxnZeeukOPx9mlKLh2yPzbW1rnxneYIRQ_n-GbD7C4vdv0kNdgF3AeJKIb2zGTL2OLmUlYdYcA1yfoEDVqhrkCRlC1yqlrQEdLbs7goWy157zLNyOHJt69VS6cVsJsUeSY92Z5bt1thLjBK7rdqsLZ1vBWuZJ0p3AM38MILX9ATHJMsdTsIRtyIBfUSiVzwXpKlzlVK2E19fSwg-gqRjxjxCvrT9p7vAGIIB9REeMlWMO2HtTc9H8VjrlqwlT5g-kmbYIDCbVPQ01yrftWJnNghEjr_RqdpijXyx_Njp2q2s2bKI4DE2x2Uh29cz0ZeT-ejYzqA_9Wt4jU-qYxmHBFQkpYsAgxstw-chHf3HLk8kqqwfsCGLJ4fZ_8AOMI3UvTVtG7Au64vgQFl6tCFQA_6NvgYHJ0OPJ0AHqJxBEffHgxBmGk4VpyQzj3kkKKVh12BRY2pUbN76CkFsL6IoIxmr2TJyjM6KZEE-7IrRmGbphsgDaV8on197V-4lpGY8DC70K8Ddii5d9Lg9GtJrPhz4APs6Yjhgy0Rg1TBmfbfvT-c8zyTYrtCZdJMoCShbPTdUMSiQ0BpmiVq1hMAA8pMaFLKAiuj8Wd7z7jdQEU6Fli0OirpRByYaXCtqwzZ-q7yRgOTo3qntsPWOJhzbkFcsbZ0kQpA7lyVWQ_GJ7Za0gxDZwIktNNnEplXqhpI7gC9_gIgoh5hR0ABSAigxsAIsjdaOIlEOp9oZjTKuDDWYnjJsVsBjYGGPZiwVr5jzOjcj3SiCEYSjZBvcVwt6Ut1WdsgxgfVxusz5f7j7vJdZlLku_5rRNSfgW_LvNvLIBqHdnBBhF6bfmkijoV5vwMePUcleLi-Ut-bf50K0C9F8vzMYADXNK_nsAGKHd8dkoc_xtpMkmaKKfSAOjqQOSWd7vOSXTegnEKJwpKNQUxVx29_GYQ3DNzTvfKXBkVwY94ss4V8usUGln18PvOg2xpOP7ZZCLkWDcz2VDiLmDYDCr9vONHjDilKx8wD7T1mIkIJLmD6IqCE7ILOT0brDvgs3oYkO7aN1dfDx03UTbc4_LSPqluY-VIbeMQYtUWAOdpp336Elhj4nAdCkLzYmHDtakCpGemVoQ9y7vj1Mi_iGMFEWbU9Is21QIihyVgr0O4Bi6gsF6Bm6iDnZNTrvxGRUiUhZKCU9yhps9DFPARl3qV17qwCtW8m6crNWfpxh0gcG1i7lpEOicOqrxpFjDP9rfa3LKkRqgnfPZdL05dMZJjzFpaaYdDkRZlImVv8iKqL44CoVyF3S0Azhrn6IE1NqJquGqycmMDop90yoiKZ1BFvIZ67OjjXXXV2FEQ2yzwH7KwG6TmlRr94b6OcjGWEoO0lRxflB30ULi-cnRyISjDkFiaDwh1kSJraqHiC7wIGQDy9EKfKEBRHx-FHr4Z3E2sOkJyKciuG2xInNuUFYQ86222gx8-Dj9ep-gXKZhhWq5w1M3XlueIFB5BT8CWSXn3VnoCHbrjU8O0taK9lIuPar9cVmBP8Avl6ElXQV4A0qXN7GeGqljej-koCFjEMGFyThxJqc60fR-j5ZLfuZchTY289O6X7TwH9WxK1t9vWH86TmSWCbLZlWwxycrw54cbKNSG2XWq-sm25-9PrWqdvez7b6QT3Q98jlfNwt0SyR_qOdYNQ93vnjnm9qr6xXwx7T7G5iLeKByJ-9JEJaiLbODfJklHYCexHHZDtcXaYS6PbVSTyMbkUpsSFxnCx7LQ64D1IVXhglnUfQ4UmgpeM5izU92646-mfWCVTZdNaBtSjhLQIBf6FAE5up1t32vyhdlagA77zujUJpFDH40elrJxuNdjV7C-6THivuaKE7Nft_8ARL4u8zVUj16_NZNtBt-h4n1oEzFimVhJKDDvaiJlDVrxIBvPnO57Oq5oqpc60YRG_-36cnKHdaMI_NpVdr58AJNYjYuZI_FZakxOYn9SpNCrFNJczEBCI0tK6SuvOf4OngbDexZs8pd9B6J77n-yK2dihAinEudDaMMRci29Wn4jw2-xG9MPSjdS-TxsY06X1_NrbcD1Pt0OpDipglrAZ0j-S95thbW54GThunTRZzYj6DOE0F8hgDcT9hLAW4mxhie-jnCyvlQ-7aieOBtqp6wcd5iiGjQs3DFkj9xR376TriOf7dWVltA5j2dBKRNFW2NB_lOtEEMrLVs1x0nNXnHN_ZQlG_0G1lH-mORl1G2XXMAHrdFuWEDnvE1up06TG9e2lu_C1RA63qWmxQ61Zhe8uI6V1nk8Z6fMRvyrFhJObO1MQrZb_2Lf6znG5m6v1BA6YVUtHTU49csZ8qYabQGPJ9CfKJ1mCJZLptBckyc9SgnSE5bOVPUus5CXEnaRluIyRbC-9ghsyB286FmHYpdqEI3AhDolN5taofrjJ-Vf_7V6mw4hsw0EJYBa34nzs4sAzjT7rLFaQ5bKzUumsyyL_rjTT3ZUNYcnocpDBgclJHv_DraJtTEDb8Z38rsG6XgFZCj4H3ILdxdmLDX_wpP1yrWWlM6G-lEWxGEPgPBNKlZhGciC18q63_2rkVCEPUSxFDpe6Jez2bWo37DAAKxfj2_VRRDzooIuIJvii73PnpwQzTjM31v5JLZGL7BCLFagG4GYolwhOHCsflBgkHwm2O-oqMFCFxsWUimLF5bC_El7PXWHzMwaLo5msp5UVNzm9181mDsmyx-TiZmqQwptvTu2DgEvwnyJb50xS1myRYzdwZM8BnNqYk3K6P1O6BDB1yOjXhEpnmC49Y3UGJfROIxym_cB9ooMb0TIUAflJOYJC_99xrBkyrrnW-Kx33R0FUoKMrmypZUtAgq-JL0ITyIeEKM2QIHtX0t4FcLDjdnK4YJkkkDpNAstgVyys5LnIBIHyggVovT2WWhGgnNX6TCUnaBJq1_cNU51_Kth52v39QX1rUyvtwMPwAATUre1EjUwbxUW3Fda4iRpzc-laqxirf66QUH7vIGIh-iFE8SK2sb1kFMlnDwskcGKte6FsUP74KJhrNYO08MTQkchgCJWalz5sZsBo9ROLcxNwmFx4JACTSc3ykWPZ3w&cid=CAQSTADUE5ym2aAVusXtJS4MzDTNgMXkjbznDvuu0Fk9JwwRdhRZaWjr1VLkZZfvsQyDwWOeAeM1uoHl7nuGVQjobfwo40GKzMJy1QfFsWkYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kinoafisha.info%2F&ds=l&xdt=1&iif=1&cor=15209841273206137000&adk=250412560&idt=148&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71b1eedb435ff26e9c35fd17ffda52d1401203ff4b254aa7d4c266374dac8d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 499D 0
10 B 28ms
27ms Image
text/plain 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6TBXZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 0
20 B 63ms
62ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1607575582475&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1607575582475&version=m202301230201&ct=76&x=1&cor=4780282987154337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 64A3 96 KB
38 KB 156ms
156ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBMq1RAioa4QqWj93rQZesLcAdX8k_HONd7CGwjzuNKgR1nEiCNvZkKIsbV4aGu0BgnQxRV5Mfi434RYqb_ATnLCF7ZJULjzDtzNZquqKh8nIZKJAdEUWaU5AI77Ypy34KtTDFrg_8U9EaOO-Q0U2Nuqay2lnU6e0ihgM4rb23kL-M5IE&dbm_d=AKAmf-CDDy3E2vpg1v06GMeBpe6xAfyCqsk45_B27q5P8NfvG_wpt9c1zpGBmSqz0cwnBI7HBReEYsDZXchO6gVpVKxNDJdLZLmT9jIXGabEh_I4qwjfJ9b6RSKF4q_R2wPb3ziR0rKTkHKHshNZgEi1AuV0stDBW_qdKrNMrU_4mM8luxQ08cvTFJi5mK2gQcGuuiWVwdeq0SJD8qmhNfan9A3ofwYM31-2L1Fdqo1fG7HhLCgPB7DaLh8x5Xde8HEk2iULeycIbWWjDQu9_ys6Ag69qMBBh6cx-i3fKkWLo7d1s_b3xa4JTawhpC2CDdvrKlf1A3Cva_NQXeq83rXdTwofh218KnBe5iu873vLMjA7XMHYs20warEQVHT9g4otIYiEpv5fooeubcubgdWb7y_522flxkhfBO_IaQk0dQhzxm5k3Gg3lC492vXp81ElDPse-F5vwpZ2JmpmfHdkhcKMfQDeHe0gW1PPnalKYoQOWkzstjD9a771NWll3FlJA-B7yDRwrRPpOyPM8_J3DY7npG9CcGcsYVhqxjf7NZVaXt9Lxe3X4CYP1kr1jkh7dWl3ygLF5cktupsSuWyS2a_Nc6oMeEdyrZg23Cp1Melq55ZBhb1tCIVsxe6BHsMINHud_o2cuGEw0YR9zfCxQcGuR8NpQr9Bjgs7eQdPdy12moNqvKS0a-Sm3wJ7CQNyDy5RBaku8lfsftakaU__LnIEb-b8ZZIQ6LACvMC7G9xujFTdnQqdk07g09c6lZRgxGpNGhF0SuUAY9e60B5wtcL0uPoL5m16UsOcVEUfJtsRuGCVdS5saxVod8XpWEAWfLXK_h62JQOT1h0e2QrO_9GuwDAEPvER0Z5xtdPlWhfxrXfhDgPi37Gb5rPvBgMWu80Qi7ItjbN7raN2yuIAwCEMT20CQebpeONFpWLuNjmng1Xd09311Vw8kll4jnUmiUv-x16Ev90l_r3lZbclJCR3Vaz6oy6DI_CPhiQEz23gDf6UJNzk0JNobsnC8Yj5KIotNHAz2KYDasxhzVxU7mSYIpZ0EFw0RgzaCh3UUO-Md7-150Pm1aDS_n5_Qo78E0PGB7eSprR5s3eV5ItFrYLFOhRnLBeFVO4tbAzyPMtBzkP971eqJztiqjyiYJRRvxtHbF_J6MSDOHyepnNsL0Qa2g7E60AUyafIsAtQRuWSkuDAbwiPj7nlIqN5nSAkDvpJApS-sqjSc-4DORXSMupV_M1q1qfVmFFF7CijD0dHJDKbk9BguQ5S99dU-W-6U8NF6S0Uilph1SVAOk1sNz8pgC9382e7wtM1Pt3DmlIEmfFJ6HlriGkqIif5jmNPO3fHHDRUO465jW6BP_Cr_Ew2NnB1Ym6_9ZKlDZAzi65zAIXFpze_0gxgfOZPfIEE6FaoNmYe86bt4OXFbkpMgZBxfTXtBOen5c0fv_l8XsK8p2Z9RJAKO7WJJVRD9pDKe7932yVYKVePl06tjJYprd9Gn6Av_D8L3Dsl_FkGFR6Szhz2j1srL0rbmZgKUDXlV-qvzt0sHoX_p0KHfw60abOmjoZEgu_mPlRBJO9ngM3n81Ph-CoT2T0OlnKm6g9DvXZmy8lHN0DveJsO1_Np9U1PEB6ap9O73b6rASwqCkQSrNH67VweK82M3wm3RpxsaF98UToVqmkKW4YSgm3N5V6hpxa192uz6Q3G_4ZamRZ5PSyhG8w8a7d3QFoY5gvgWYzdurmI8W5vkKLNP-0-RcKCpzvjxQ--ejvOi5yoCoyKUDCx9ZJrnTwgggPURMgl5n1Rw7lf-bVDH6oUAgT8W2oMXCveCWIJqTOKFkuUafaWbczjzt4KlvXpH1WE8OP6T4dF_coRyJCR96tMhyhD1iadUq5WqhBjdZ1IOCbIIF9vL5DgLwdKmvB-X3OzBg06pmjSn_Ja1gyaOUVDZ11s353q0qSm0QfEgvcca-h0-4C387QZfWYeV0LskeVNYwhS2u1fLcN7pENm5KtdqRumY0R7PB_Tsx0WfdkhMxAfIUui-1yh0q3Fmjb5xNRH0wv15jEgMs5TJVQhQbzySdtpsHmptyXhX21k1paKQbHvX0pNOAxtnwOV0UbPjyKx83f4UIkp_BZ0e4uYpnL7bp6VdPlpI-IoxfCDk_kLDXqjvd7B-WafL1M2G2Q886k4k7XCxn_2sGIOtHfdik-apIoYglJEQIiH-gkcNO2vjYu2ivjWRHOaM5A6CiuVns-uiVaatzYrYgK0aqbOJEv6pTnOBxYLg9_CFGiXdubYDEXiTd8tr0JghGiL2VSog0YeBX7K5-POYqKTr8B6rsXG8EYNf2vp2UkwyCsNmreoi7SlXFxJkvP1Y1BaK0qMn3gHpzuf5m2RmTqeIuA9ndzcSQhiFI-ONVXKISBQHaCTJ9M_P2_4Oe60h6sMnK6vjb_JFmAM0n7ovM-3vz4BRAJQmqT51-E6IGQQWBIi_0NeZpemf87aqDYb5edxgCuIc-5B3F-mh-68f608Ntl_PNqKlx-PvuWfb3jlB8_osTr1cfQlVavU4oPXcnuOiGimMCfggZhSj3zU1x_7Bv9x4IkJQFerSaFZNalcG4c66pl2Op3snkjYYbrQSGwW9lOBDIeKYbO2C4Dsm72mFTAHKGpDnUzEEYtCMA3kdlr1ZwuuV3EupHHtVty-uidX6ZQm5GJOn-xvfwtLIRnZwZCeMWetPlox0BprDT0pAnlwllde9Jqs3ZC9BqtkNVXJ8Wbo22s0sK92_2uXqx3s03v89klKPiXyAjEjILeCcu66BTEHCQxXKYGBVmWZcWtmkU5u-I0jJCiZD6STm76clA_-a53am3tnyixbCtzHQHdwhMfIRXZietae4Syb-UNbn7xCmVWYUPrL4P0bIk3MyKuHeAodgCKCG78KbJWcsY6g81cZot_qZblQy_Q3h9d6qTlfhHrGAqktcG-xctOGMGxj-TWhCj1V6u1ERLs0NQg9OokF4P27wN0uLx-tnnEobDfpf7tubeeWas71pzEuuDS2AYOrkBzKfBxq4cEyMhSE9S0F6Hir5o4x5w60-GAhgDI3phKX1RYpIZy4X5EbilHv0cQG9KzbKHoIHq0r8IAKs5ur9wHwODrrRG-fNh4wTmturcLldVJ2dbPmvNQXdurC_V2oS7WvjbS_sAhGniHoQBf43baLfyHpjoVu8cA7ERMDqdooZrC6zvnJanlqq3qvDggAaPbNGC4eEqJr01ZWDej_xsj3Fwg0zdD7bHNcK0DI6TuZompaKA3qCxnRrHM8xL2AUi6m1PPzJD40CuMHGYDJvB-JTcAfg8kYi7swQ0LSDY9XdCHXXOeOUz1lfD10wmeO6Qr-JRcy5JP5xVUflUGHm6vDvK8obB0qKV06IoPI7UT24gz3vnYN5qq8kgURlyjv76fItCRIFAUOvgRwXKK5PSdCs85Ok5dhikux8ySdbeioOWVY7w9Fa6Y_yK0MIQfqC-EPmYxdd7kRZYFND4Raw1-vCEp2BaTiSrhHZGSf94XZVGQNZbTVb97kXgmgLXPRyqrV-H7oATq7InvNlqazzM2f9Uq-jgDPU2JBFXkV3FvnqQpVpv1yFKCf&cid=CAQSTADUE5ym2aAVusXtJS4MzDTNgMXkjbznDvuu0Fk9JwwRdhRZaWjr1VLkZZfvsQyDwWOeAeM1uoHl7nuGVQjobfwo40GKzMJy1QfFsWkYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kinoafisha.info%2F&ds=l&xdt=1&iif=1&cor=4780282987154337000&adk=1964084972&idt=191&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00376c0c805d0c110bda492afa68de626789b4bc7fb892579cf701519c5aca4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38764
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 0438 106 KB
37 KB 46ms
12ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Origin: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 07:16:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 0438 8 KB
3 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AkJADsWCdLAmQ_eiE-o9PnVlYcWn39OF_q9iIosRYH3z-RORWJ5LQdn_qGwnyiRZmQwAPPzs7TcUmCdOZuxTuh5DbOpg&cry=1&dbm_d=AKAmf-AfX33iJGkm92vvVE9sPQmv7d-OxsoUh3WGijpaB2nytKr7TATuKEZBRios9c-rPLka_M_mjPYH3zwB9k4qPb--cBq1dxbuee-tNJuK1Oxh3bq_iim_Dhh8IlCi6o33NHlSS-GNaEwjb9qqVQdKjSx65EgaiSsSKT9BSJ8rrwH17m08153q0KFf5CtrhV28oFBTe1yKnyB_nJba6B57jHkjwfjUrCtWi7j5CQpgKcvutySka71C8xMI7QHZ7LPPaBbddY4aKRka1-5GvAwneBBdqhDLBhlinXdHKxQgZRuj9HRGcFak_UmPogoIX-Rgd_hohtF3ri_T0dbdTjnvRYxnZeeukOPx9mlKLh2yPzbW1rnxneYIRQ_n-GbD7C4vdv0kNdgF3AeJKIb2zGTL2OLmUlYdYcA1yfoEDVqhrkCRlC1yqlrQEdLbs7goWy157zLNyOHJt69VS6cVsJsUeSY92Z5bt1thLjBK7rdqsLZ1vBWuZJ0p3AM38MILX9ATHJMsdTsIRtyIBfUSiVzwXpKlzlVK2E19fSwg-gqRjxjxCvrT9p7vAGIIB9REeMlWMO2HtTc9H8VjrlqwlT5g-kmbYIDCbVPQ01yrftWJnNghEjr_RqdpijXyx_Njp2q2s2bKI4DE2x2Uh29cz0ZeT-ejYzqA_9Wt4jU-qYxmHBFQkpYsAgxstw-chHf3HLk8kqqwfsCGLJ4fZ_8AOMI3UvTVtG7Au64vgQFl6tCFQA_6NvgYHJ0OPJ0AHqJxBEffHgxBmGk4VpyQzj3kkKKVh12BRY2pUbN76CkFsL6IoIxmr2TJyjM6KZEE-7IrRmGbphsgDaV8on197V-4lpGY8DC70K8Ddii5d9Lg9GtJrPhz4APs6Yjhgy0Rg1TBmfbfvT-c8zyTYrtCZdJMoCShbPTdUMSiQ0BpmiVq1hMAA8pMaFLKAiuj8Wd7z7jdQEU6Fli0OirpRByYaXCtqwzZ-q7yRgOTo3qntsPWOJhzbkFcsbZ0kQpA7lyVWQ_GJ7Za0gxDZwIktNNnEplXqhpI7gC9_gIgoh5hR0ABSAigxsAIsjdaOIlEOp9oZjTKuDDWYnjJsVsBjYGGPZiwVr5jzOjcj3SiCEYSjZBvcVwt6Ut1WdsgxgfVxusz5f7j7vJdZlLku_5rRNSfgW_LvNvLIBqHdnBBhF6bfmkijoV5vwMePUcleLi-Ut-bf50K0C9F8vzMYADXNK_nsAGKHd8dkoc_xtpMkmaKKfSAOjqQOSWd7vOSXTegnEKJwpKNQUxVx29_GYQ3DNzTvfKXBkVwY94ss4V8usUGln18PvOg2xpOP7ZZCLkWDcz2VDiLmDYDCr9vONHjDilKx8wD7T1mIkIJLmD6IqCE7ILOT0brDvgs3oYkO7aN1dfDx03UTbc4_LSPqluY-VIbeMQYtUWAOdpp336Elhj4nAdCkLzYmHDtakCpGemVoQ9y7vj1Mi_iGMFEWbU9Is21QIihyVgr0O4Bi6gsF6Bm6iDnZNTrvxGRUiUhZKCU9yhps9DFPARl3qV17qwCtW8m6crNWfpxh0gcG1i7lpEOicOqrxpFjDP9rfa3LKkRqgnfPZdL05dMZJjzFpaaYdDkRZlImVv8iKqL44CoVyF3S0Azhrn6IE1NqJquGqycmMDop90yoiKZ1BFvIZ67OjjXXXV2FEQ2yzwH7KwG6TmlRr94b6OcjGWEoO0lRxflB30ULi-cnRyISjDkFiaDwh1kSJraqHiC7wIGQDy9EKfKEBRHx-FHr4Z3E2sOkJyKciuG2xInNuUFYQ86222gx8-Dj9ep-gXKZhhWq5w1M3XlueIFB5BT8CWSXn3VnoCHbrjU8O0taK9lIuPar9cVmBP8Avl6ElXQV4A0qXN7GeGqljej-koCFjEMGFyThxJqc60fR-j5ZLfuZchTY289O6X7TwH9WxK1t9vWH86TmSWCbLZlWwxycrw54cbKNSG2XWq-sm25-9PrWqdvez7b6QT3Q98jlfNwt0SyR_qOdYNQ93vnjnm9qr6xXwx7T7G5iLeKByJ-9JEJaiLbODfJklHYCexHHZDtcXaYS6PbVSTyMbkUpsSFxnCx7LQ64D1IVXhglnUfQ4UmgpeM5izU92646-mfWCVTZdNaBtSjhLQIBf6FAE5up1t32vyhdlagA77zujUJpFDH40elrJxuNdjV7C-6THivuaKE7Nft_8ARL4u8zVUj16_NZNtBt-h4n1oEzFimVhJKDDvaiJlDVrxIBvPnO57Oq5oqpc60YRG_-36cnKHdaMI_NpVdr58AJNYjYuZI_FZakxOYn9SpNCrFNJczEBCI0tK6SuvOf4OngbDexZs8pd9B6J77n-yK2dihAinEudDaMMRci29Wn4jw2-xG9MPSjdS-TxsY06X1_NrbcD1Pt0OpDipglrAZ0j-S95thbW54GThunTRZzYj6DOE0F8hgDcT9hLAW4mxhie-jnCyvlQ-7aieOBtqp6wcd5iiGjQs3DFkj9xR376TriOf7dWVltA5j2dBKRNFW2NB_lOtEEMrLVs1x0nNXnHN_ZQlG_0G1lH-mORl1G2XXMAHrdFuWEDnvE1up06TG9e2lu_C1RA63qWmxQ61Zhe8uI6V1nk8Z6fMRvyrFhJObO1MQrZb_2Lf6znG5m6v1BA6YVUtHTU49csZ8qYabQGPJ9CfKJ1mCJZLptBckyc9SgnSE5bOVPUus5CXEnaRluIyRbC-9ghsyB286FmHYpdqEI3AhDolN5taofrjJ-Vf_7V6mw4hsw0EJYBa34nzs4sAzjT7rLFaQ5bKzUumsyyL_rjTT3ZUNYcnocpDBgclJHv_DraJtTEDb8Z38rsG6XgFZCj4H3ILdxdmLDX_wpP1yrWWlM6G-lEWxGEPgPBNKlZhGciC18q63_2rkVCEPUSxFDpe6Jez2bWo37DAAKxfj2_VRRDzooIuIJvii73PnpwQzTjM31v5JLZGL7BCLFagG4GYolwhOHCsflBgkHwm2O-oqMFCFxsWUimLF5bC_El7PXWHzMwaLo5msp5UVNzm9181mDsmyx-TiZmqQwptvTu2DgEvwnyJb50xS1myRYzdwZM8BnNqYk3K6P1O6BDB1yOjXhEpnmC49Y3UGJfROIxym_cB9ooMb0TIUAflJOYJC_99xrBkyrrnW-Kx33R0FUoKMrmypZUtAgq-JL0ITyIeEKM2QIHtX0t4FcLDjdnK4YJkkkDpNAstgVyys5LnIBIHyggVovT2WWhGgnNX6TCUnaBJq1_cNU51_Kth52v39QX1rUyvtwMPwAATUre1EjUwbxUW3Fda4iRpzc-laqxirf66QUH7vIGIh-iFE8SK2sb1kFMlnDwskcGKte6FsUP74KJhrNYO08MTQkchgCJWalz5sZsBo9ROLcxNwmFx4JACTSc3ykWPZ3w&cid=CAQSTADUE5ym2aAVusXtJS4MzDTNgMXkjbznDvuu0Fk9JwwRdhRZaWjr1VLkZZfvsQyDwWOeAeM1uoHl7nuGVQjobfwo40GKzMJy1QfFsWkYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kinoafisha.info%2F&ds=l&xdt=1&iif=1&cor=15209841273206137000&adk=250412560&idt=148&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:17:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 0438 28 KB
11 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:46:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0438 41 KB
15 KB 28ms
28ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
DATA 200
OK truncated
/ Frame 0438 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5531db68de4c5ee84e552a4bb348077e5404f681cc1be356b4000aa5dded7ac5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 371B 22 KB
8 KB 28ms
28ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 7 KB
2 KB 39ms
12ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1dcc20207f17a4dd9a8e767e73b386c06623440ed4bb6a19895cfcf0a5db52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 81331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1861
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 09:48:08 GMT
expires: Thu, 07 Mar 2024 09:48:08 GMT
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0438 0
0 118ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJpygJ2pB3JgyPZ-_F4XaD54M9D_BxSEDn3yTOqq1v_unPEVs1auQC5VZXGNf-VhJIcf3p1mokadkVSUuMPMwYkakqjqORUakObCNt--r9lSwiij5XcuGMbn1uft85KLUjrgalGK1LwKoIXol7I-gXCfMegEOheF1JdQn3ULH4DTzk6uwmoolBLA5Q-Z3rDwLyssxYwuWZMOymcbNWzD6AyQeQCe-5oXkM6zcQoGIp0kFCLwdzWw3jOsYOzWp2g0k-5KLrG7MiJPyt0HiCyShAWFgKVft5L6m4X5NQcmMMK0M9_ZT3vaPk-ar87FHKyXwfqLj-WvOgcak1urUfjpQyA40R6kYrJcJwTi4WQp5L6l_OtgNhBGyor4MGyPsUxhp7gG-ikEQHGFSYs7ybLTsTqXNxWpS10foyoY7pYUs9cOIQxPuHdooBB3pQYiKJ3pctmVMBHFQ2aojwb5Fhl7Ak9HuA3Ze20N5UiqjBHZtzsWozJceI2O9RuhSXC2ItGyyKF_iV3dDjLeGXSAEZBoCKG09dAdTcMYgsYmY-TORzDVZJaOLmpF-YBI9SuiIOUF-ipE254H-QhYV4aOVQwdtqsdl7BQLkXLdaNZvU582c36WwMtja0gHJZe9fu7DS8P_aZ_0nv1CDFvlP6SubV7OrQCvq7BSb_nCmjhqg57XcyKFpOglSfikhXAhZYo5wA1X0Yytcc16DW9c_tOI9fOKCnEGH6O2ckpFTU4d7OAWOCxg6yGw1MkQmVqF7n2Vk-TepoMg29dRq6rtsuAiLLD_Y80KaioKmP9UN6E7a3s3Zt1pc4r12iZ0hMVNplZ9lEWrLcUdas9FOEvrW0xzDFqouUu5C1qaNbj4nigwbH8klrs2ZnrSl4EQhILdiju-HqlTGC0EJyZgw8BRxgI67P17tET8iLB3jRUiCeQ99WbCILtxL3s11shPNyNCmSrpoqN-uVgfmymbOk5Y2wx41_3MaFbKmYSS56q2Ty2TKUVq8NuG-W2m7dMKq-MxrBfT_J7VtoycdUsDkfJVZeMC0TLpu47b7EF42nMB9eBa2YVTGgKxV6doNFErR0FsRL9nJwq3D5H1ueiTAIrusiKpUfUPMTqwWJ6mRrBLcMCxY0ab6-pNmbNo1ojOO2p-176nVefZXRGoWrt3IXMkFlBmZnUCHQpTOunL9Vds0s-tGXqe-i9QqUpyC0Z4LR3x7SQmo8KbnvoGnJXzewt5ZOB_UYbI7wQUiO3ndrI6wQPe85wcJblueU-tQ&sai=AMfl-YTGZ11MJw8EJM0mYwNcr2UTAu3BfjvJjhVMY78lPL_nj5hzKmaLBqdR8oM-DD-FBIFexVq_ovlkpTD8n2mUU8EjJGIa6uuROC39PzGTxggW7mPhgmFYErkwjIthG6mclic2zhtz-pY6D4-1sltqCs0AJI1Pnhh3xGsdiBL_hqzTeySwek0015u0VNY1CK2ys5wTr7tIVcHjK6BFFnd4NLIVjRi1nLT8vCizMegL7Zh0eSlbGC6F4vQ0Bdk0ljJrg6jzHziucWxEtoF23qoyOnPYddpxN84OIS04&sig=Cg0ArKJSzMH2EW9uENpMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&cbvp=1&cstd=88&cisv=r20230306.67084&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/987057/61527016/ Frame 64A3 243 KB
73 KB 119ms
35ms Script
application/javascript 52.30.84.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/987057/61527016/skeleton.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2276134140992200&ias_chanId=1&ias_placementId=19429848476&bidurl=https://www.kinoafisha.info/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jZtEM9djUZD7dAIu88lPIV
Requested by: Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.84.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-84-16.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 25df65a21577c6e620df36e7ec934bfacf79fbc1f212a39d1e104293069d73e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 64A3 106 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Origin: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 07:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4047
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 07:16:12 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/ Frame 64A3 8 KB
3 KB 29ms
29ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CBMq1RAioa4QqWj93rQZesLcAdX8k_HONd7CGwjzuNKgR1nEiCNvZkKIsbV4aGu0BgnQxRV5Mfi434RYqb_ATnLCF7ZJULjzDtzNZquqKh8nIZKJAdEUWaU5AI77Ypy34KtTDFrg_8U9EaOO-Q0U2Nuqay2lnU6e0ihgM4rb23kL-M5IE&dbm_d=AKAmf-CDDy3E2vpg1v06GMeBpe6xAfyCqsk45_B27q5P8NfvG_wpt9c1zpGBmSqz0cwnBI7HBReEYsDZXchO6gVpVKxNDJdLZLmT9jIXGabEh_I4qwjfJ9b6RSKF4q_R2wPb3ziR0rKTkHKHshNZgEi1AuV0stDBW_qdKrNMrU_4mM8luxQ08cvTFJi5mK2gQcGuuiWVwdeq0SJD8qmhNfan9A3ofwYM31-2L1Fdqo1fG7HhLCgPB7DaLh8x5Xde8HEk2iULeycIbWWjDQu9_ys6Ag69qMBBh6cx-i3fKkWLo7d1s_b3xa4JTawhpC2CDdvrKlf1A3Cva_NQXeq83rXdTwofh218KnBe5iu873vLMjA7XMHYs20warEQVHT9g4otIYiEpv5fooeubcubgdWb7y_522flxkhfBO_IaQk0dQhzxm5k3Gg3lC492vXp81ElDPse-F5vwpZ2JmpmfHdkhcKMfQDeHe0gW1PPnalKYoQOWkzstjD9a771NWll3FlJA-B7yDRwrRPpOyPM8_J3DY7npG9CcGcsYVhqxjf7NZVaXt9Lxe3X4CYP1kr1jkh7dWl3ygLF5cktupsSuWyS2a_Nc6oMeEdyrZg23Cp1Melq55ZBhb1tCIVsxe6BHsMINHud_o2cuGEw0YR9zfCxQcGuR8NpQr9Bjgs7eQdPdy12moNqvKS0a-Sm3wJ7CQNyDy5RBaku8lfsftakaU__LnIEb-b8ZZIQ6LACvMC7G9xujFTdnQqdk07g09c6lZRgxGpNGhF0SuUAY9e60B5wtcL0uPoL5m16UsOcVEUfJtsRuGCVdS5saxVod8XpWEAWfLXK_h62JQOT1h0e2QrO_9GuwDAEPvER0Z5xtdPlWhfxrXfhDgPi37Gb5rPvBgMWu80Qi7ItjbN7raN2yuIAwCEMT20CQebpeONFpWLuNjmng1Xd09311Vw8kll4jnUmiUv-x16Ev90l_r3lZbclJCR3Vaz6oy6DI_CPhiQEz23gDf6UJNzk0JNobsnC8Yj5KIotNHAz2KYDasxhzVxU7mSYIpZ0EFw0RgzaCh3UUO-Md7-150Pm1aDS_n5_Qo78E0PGB7eSprR5s3eV5ItFrYLFOhRnLBeFVO4tbAzyPMtBzkP971eqJztiqjyiYJRRvxtHbF_J6MSDOHyepnNsL0Qa2g7E60AUyafIsAtQRuWSkuDAbwiPj7nlIqN5nSAkDvpJApS-sqjSc-4DORXSMupV_M1q1qfVmFFF7CijD0dHJDKbk9BguQ5S99dU-W-6U8NF6S0Uilph1SVAOk1sNz8pgC9382e7wtM1Pt3DmlIEmfFJ6HlriGkqIif5jmNPO3fHHDRUO465jW6BP_Cr_Ew2NnB1Ym6_9ZKlDZAzi65zAIXFpze_0gxgfOZPfIEE6FaoNmYe86bt4OXFbkpMgZBxfTXtBOen5c0fv_l8XsK8p2Z9RJAKO7WJJVRD9pDKe7932yVYKVePl06tjJYprd9Gn6Av_D8L3Dsl_FkGFR6Szhz2j1srL0rbmZgKUDXlV-qvzt0sHoX_p0KHfw60abOmjoZEgu_mPlRBJO9ngM3n81Ph-CoT2T0OlnKm6g9DvXZmy8lHN0DveJsO1_Np9U1PEB6ap9O73b6rASwqCkQSrNH67VweK82M3wm3RpxsaF98UToVqmkKW4YSgm3N5V6hpxa192uz6Q3G_4ZamRZ5PSyhG8w8a7d3QFoY5gvgWYzdurmI8W5vkKLNP-0-RcKCpzvjxQ--ejvOi5yoCoyKUDCx9ZJrnTwgggPURMgl5n1Rw7lf-bVDH6oUAgT8W2oMXCveCWIJqTOKFkuUafaWbczjzt4KlvXpH1WE8OP6T4dF_coRyJCR96tMhyhD1iadUq5WqhBjdZ1IOCbIIF9vL5DgLwdKmvB-X3OzBg06pmjSn_Ja1gyaOUVDZ11s353q0qSm0QfEgvcca-h0-4C387QZfWYeV0LskeVNYwhS2u1fLcN7pENm5KtdqRumY0R7PB_Tsx0WfdkhMxAfIUui-1yh0q3Fmjb5xNRH0wv15jEgMs5TJVQhQbzySdtpsHmptyXhX21k1paKQbHvX0pNOAxtnwOV0UbPjyKx83f4UIkp_BZ0e4uYpnL7bp6VdPlpI-IoxfCDk_kLDXqjvd7B-WafL1M2G2Q886k4k7XCxn_2sGIOtHfdik-apIoYglJEQIiH-gkcNO2vjYu2ivjWRHOaM5A6CiuVns-uiVaatzYrYgK0aqbOJEv6pTnOBxYLg9_CFGiXdubYDEXiTd8tr0JghGiL2VSog0YeBX7K5-POYqKTr8B6rsXG8EYNf2vp2UkwyCsNmreoi7SlXFxJkvP1Y1BaK0qMn3gHpzuf5m2RmTqeIuA9ndzcSQhiFI-ONVXKISBQHaCTJ9M_P2_4Oe60h6sMnK6vjb_JFmAM0n7ovM-3vz4BRAJQmqT51-E6IGQQWBIi_0NeZpemf87aqDYb5edxgCuIc-5B3F-mh-68f608Ntl_PNqKlx-PvuWfb3jlB8_osTr1cfQlVavU4oPXcnuOiGimMCfggZhSj3zU1x_7Bv9x4IkJQFerSaFZNalcG4c66pl2Op3snkjYYbrQSGwW9lOBDIeKYbO2C4Dsm72mFTAHKGpDnUzEEYtCMA3kdlr1ZwuuV3EupHHtVty-uidX6ZQm5GJOn-xvfwtLIRnZwZCeMWetPlox0BprDT0pAnlwllde9Jqs3ZC9BqtkNVXJ8Wbo22s0sK92_2uXqx3s03v89klKPiXyAjEjILeCcu66BTEHCQxXKYGBVmWZcWtmkU5u-I0jJCiZD6STm76clA_-a53am3tnyixbCtzHQHdwhMfIRXZietae4Syb-UNbn7xCmVWYUPrL4P0bIk3MyKuHeAodgCKCG78KbJWcsY6g81cZot_qZblQy_Q3h9d6qTlfhHrGAqktcG-xctOGMGxj-TWhCj1V6u1ERLs0NQg9OokF4P27wN0uLx-tnnEobDfpf7tubeeWas71pzEuuDS2AYOrkBzKfBxq4cEyMhSE9S0F6Hir5o4x5w60-GAhgDI3phKX1RYpIZy4X5EbilHv0cQG9KzbKHoIHq0r8IAKs5ur9wHwODrrRG-fNh4wTmturcLldVJ2dbPmvNQXdurC_V2oS7WvjbS_sAhGniHoQBf43baLfyHpjoVu8cA7ERMDqdooZrC6zvnJanlqq3qvDggAaPbNGC4eEqJr01ZWDej_xsj3Fwg0zdD7bHNcK0DI6TuZompaKA3qCxnRrHM8xL2AUi6m1PPzJD40CuMHGYDJvB-JTcAfg8kYi7swQ0LSDY9XdCHXXOeOUz1lfD10wmeO6Qr-JRcy5JP5xVUflUGHm6vDvK8obB0qKV06IoPI7UT24gz3vnYN5qq8kgURlyjv76fItCRIFAUOvgRwXKK5PSdCs85Ok5dhikux8ySdbeioOWVY7w9Fa6Y_yK0MIQfqC-EPmYxdd7kRZYFND4Raw1-vCEp2BaTiSrhHZGSf94XZVGQNZbTVb97kXgmgLXPRyqrV-H7oATq7InvNlqazzM2f9Uq-jgDPU2JBFXkV3FvnqQpVpv1yFKCf&cid=CAQSTADUE5ym2aAVusXtJS4MzDTNgMXkjbznDvuu0Fk9JwwRdhRZaWjr1VLkZZfvsQyDwWOeAeM1uoHl7nuGVQjobfwo40GKzMJy1QfFsWkYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.kinoafisha.info%2F&ds=l&xdt=1&iif=1&cor=4780282987154337000&adk=1964084972&idt=191&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:17:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50774
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 22 Mar 2023 18:17:25 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/ Frame 64A3 28 KB
11 KB 29ms
28ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230306/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 01:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23813
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10962
x-xss-protection: 0
server: cafe
etag: 11760670070698444384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 01:46:46 GMT

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame 371B 36 KB
14 KB 30ms
30ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49054
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:46:05 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2829854111991172336/ Frame 3246 143 KB
22 KB 14ms
13ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2829854111991172336/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afc1448b426761a59378f46afe85f2f88065998dae71aca11a40e23e25fd68df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 603288
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 22919
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 08:48:51 GMT
expires: Fri, 01 Mar 2024 08:48:51 GMT
last-modified: Thu, 24 Feb 2022 12:22:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 64A3 0
0 86ms
60ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpQtMIoqCVp-pXhtVLzvLGbgJJAlBwsKhfqnJBzNLfjNGjAVJVlxG7XOGdS7cXd6DkLMX81wKxP6BTj6uEAx0ONYQAJVkYqZ59i8lY9atNTJJ-EpcgEVa2_CH13tOWGikziWYUXIIsdHA9PcyMJykWOxOebb6ulMFIzYRMn-BUqpNEKcOTP67LXxGAgdzA3Hbp6PY9O0LSb5b3rMn-qBSL-k8cbQ47wwR1C-QFf_yRnqojQjia4wKoYeNUmiKAP8Yi21fYNnSxC-Tkz-oy7MN7JEkY4O8ppNT4LYlx6ZNP__OoGKFKFPSzPkk2xwefiLjE98yg0RTyyZuf-POaMuQ6xs0omoulQaQT-aagmEm4BvPusDSS0stTHCmzn4XlCDwhxB01hnCpq3ooUC9Z_75h5tQQ9H1FEawO6PV_80711pt76Rxk0cXnXDAdpiCR0x5ICCYvvGbuB_Rr07XvUuwOftqE5IjLEeOUV9iaw3N1m3dfwGwTj7juz0zxQWzdYDm35vPfylyLrpJq9qlbrMltMouRRKLtRP_Etd2oKJf26RiWG94dV6097LPZk6iEBVrRPgsp1WinQZfXuGoqihx7y80bWzKgDNhztlejtFABpuwbj50TK9JXdT_I5pqcZta3ZTxsK5WLlFhj1Ka9JKICLX_Qph46jsBpmvaDTRuil3reG9KJfnRQsjkt5uZbYWXgViOZ_sOimyiMueCmznAyaI8q70sKT1fth4s3s_tdNWNkNB3Qsv-aFGbAlaCeWj4i5F-dtYopUMsWRs8ObjSAZ7GLKEDs2vExZbCiwBZrLamn_Nt8CjR-c_rqGXphhXGaDjkTk5teQyK5eBAlk_mlu1RdI3P2LVDFvTbPKkpYWdTqy9YuEu0keXCLuyZ2k4R5YyacUtNtGQAkdb3pUNDggKoJCldzrG9zrdKnqIHf4l7d0GWxfMV64G3n2HKnfZxoRnbx_RD6sz29aLQGhaVWDSHPL-1gD42bQSOLoLBcDWmDEdUm1M3hw9amsL_KQyxW1sK0k_INxYVNaKWpRzsNBZgEWIR8wkydss_DEDnOp5UMuDa201r4jgcvQ9ul-X8MQtk-rn4-nxv2sNfQLWmQadd6REAbXj5YZ54p3qDu-QdRq_D5au5HWt7gxGjO_m026hpO08RzGgNWdAVKim4qRbVOpYPUuwA9zYWCjdthd98qPYC8g5yWUfejhqtJsGNapO5VI_cHVUuSx7S6rn8OwA7M5wgZhWnymkyTGprQRIRXoIF2eelZiCwT7GDguSfOenaX-eHhP7VQdyS3Ww9Qx5OmuA&sai=AMfl-YRSxRqI2doXHkS3j4QohR_WE6u2vdmcyMzf6slSqe0Rw6OxKmZZYbN_VM9fw5KOtLPRjSI2RFn9kL80iScUs72eS-JFgxfew5mdcMgXOmNrEAe4VRZjtg7ePEB0bIGADRaRPm3DEQOf5HQYkGVhGCNWDP2rsalIo99KRw45F7k8ppFQM9AcrZ6BhGyatOL9eRyxzpadDHhQaVeT02aDcY3YXMYKKpodiHOOWTwm6KoaijijSIjIu46Kgo9mPjYgy-PasPktVhyCC5xSMPo-lJblvygTBh9I5Qoq&sig=Cg0ArKJSzMwLqDDMzhDuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=27&cbvp=1&cstd=25&cisv=r20230306.00031&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 hp_styles.css
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 4 KB
1 KB 13ms
12ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b42ad3ab3631144b8d67244ab3b5c9538e8f522f3f3b40ec62e9c111e81f988a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1024
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0B75 63 KB
25 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 hp_main.js Show response
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 10 KB
2 KB 13ms
13ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ca00ea6870d19ba164c79031d3a49739695e0ffa7e9d7c2739840fbb3cd647b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1844
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 64A3 41 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:18:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 18:18:30 GMT

GET
DATA 200
OK truncated
/ Frame 64A3 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53084a509d23366b29980e94b52eb27211c38dafe70d46a46ac2aab9a5970151

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 3246 29 KB
10 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 Mar 2023 05:53:58 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F475 22 KB
8 KB 37ms
35ms Document
text/html 2a00:1450:400d:807::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 50803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Mar 2023 18:16:56 GMT
expires: Thu, 07 Mar 2024 18:16:56 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 windmill_base.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 3 KB
3 KB 16ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/windmill_base.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a289af45b78e4755907c7a1a6b01512e5149c7afa904d1913b081b07e341d2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2660
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 windmill.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 4 KB
4 KB 17ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/windmill.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbeb2d3f6217c0a4b40475a71d0d8457aaabbcd4b7bbc6f70dd93b46d374165c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3709
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 cable2.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 3 KB
3 KB 18ms
15ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/cable2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87bad049866b876cc8a5db6d56f8a85f7b766a733ca3d41819337e97cf43d26f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3115
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 car.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 7 KB
7 KB 19ms
15ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/car.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16e90466e3b094019d62f924341d643365c2bc532c10f25b389f993b767ecc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6897
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 wheel.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 384 B
411 B 20ms
16ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/wheel.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9099f978e1e3385ec525f0c69a9d4879551785a51c498920c16a34fa10ffbbf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 384
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 cable1.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 3 KB
3 KB 20ms
17ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/cable1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ac41bb28fdffba67cb09c2f6c95e5048bdcc328cd26e01a0bb873ddb624fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3316
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 elli.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 4 KB
4 KB 22ms
19ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/elli.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add5972e81248891bfbba9d9279c838ff96b473152f812cdbed12a564c7a6616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4447
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 card.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 5 KB
5 KB 22ms
19ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/card.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab012c14a972ae3a3b1b71777100fceeb64e2aa2ab3a7d5df81138acce9c3b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4805
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 card_chip.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 1 KB
1 KB 23ms
20ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/card_chip.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f21c776e45cd0bd044378b4d83cef2404483ef5636185564af328c5efb5df038

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1259
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 phone.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 4 KB
4 KB 23ms
20ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/phone.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13eada2d62ca0f0476009daeffbedc27cdc454b26649f7cc5125ec50f1aa4174

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3870
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 bonus.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 3 KB
3 KB 23ms
20ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/bonus.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e549caaf78aaf127a46268b7756bfdcf79c304df053a85a5c679a0f5ffaa9034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2869
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 dot.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 1 KB
1 KB 23ms
20ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/dot.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5947012b2b359a009b28b9dcdb9fc6bd46ecb517d572fa2a0a3d95dc982ffbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1434
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 txtSprite.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 19 KB
19 KB 25ms
22ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/txtSprite.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a8a4d3546806481db8e1a3149d3bc4fbc7519226a93bda4a2dabcd3feb5e696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19488
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 636 B
663 B 27ms
24ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71559201aa0eb92d596f3404e36c290dd2ca535746543e3ae1a186cf27a19eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 636
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 css_sprite2.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 57 KB
57 KB 32ms
29ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/css_sprite2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7577881926970191a7a97d0045b74790592409478613742747ebafe7df5c09de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58711
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9069027582205621822/ Frame 0B75 3 KB
3 KB 34ms
31ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9069027582205621822/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1218a409d4cb7cf3b4ea211658b293754d9e14e20802660e0a20e2d0deb4e62c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9069027582205621822/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 09:48:08 GMT
x-content-type-options: nosniff
age: 81331
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2694
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 14:34:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Mar 2024 09:48:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 64A3 0
0 61ms
56ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvpQtMIoqCVp-pXhtVLzvLGbgJJAlBwsKhfqnJBzNLfjNGjAVJVlxG7XOGdS7cXd6DkLMX81wKxP6BTj6uEAx0ONYQAJVkYqZ59i8lY9atNTJJ-EpcgEVa2_CH13tOWGikziWYUXIIsdHA9PcyMJykWOxOebb6ulMFIzYRMn-BUqpNEKcOTP67LXxGAgdzA3Hbp6PY9O0LSb5b3rMn-qBSL-k8cbQ47wwR1C-QFf_yRnqojQjia4wKoYeNUmiKAP8Yi21fYNnSxC-Tkz-oy7MN7JEkY4O8ppNT4LYlx6ZNP__OoGKFKFPSzPkk2xwefiLjE98yg0RTyyZuf-POaMuQ6xs0omoulQaQT-aagmEm4BvPusDSS0stTHCmzn4XlCDwhxB01hnCpq3ooUC9Z_75h5tQQ9H1FEawO6PV_80711pt76Rxk0cXnXDAdpiCR0x5ICCYvvGbuB_Rr07XvUuwOftqE5IjLEeOUV9iaw3N1m3dfwGwTj7juz0zxQWzdYDm35vPfylyLrpJq9qlbrMltMouRRKLtRP_Etd2oKJf26RiWG94dV6097LPZk6iEBVrRPgsp1WinQZfXuGoqihx7y80bWzKgDNhztlejtFABpuwbj50TK9JXdT_I5pqcZta3ZTxsK5WLlFhj1Ka9JKICLX_Qph46jsBpmvaDTRuil3reG9KJfnRQsjkt5uZbYWXgViOZ_sOimyiMueCmznAyaI8q70sKT1fth4s3s_tdNWNkNB3Qsv-aFGbAlaCeWj4i5F-dtYopUMsWRs8ObjSAZ7GLKEDs2vExZbCiwBZrLamn_Nt8CjR-c_rqGXphhXGaDjkTk5teQyK5eBAlk_mlu1RdI3P2LVDFvTbPKkpYWdTqy9YuEu0keXCLuyZ2k4R5YyacUtNtGQAkdb3pUNDggKoJCldzrG9zrdKnqIHf4l7d0GWxfMV64G3n2HKnfZxoRnbx_RD6sz29aLQGhaVWDSHPL-1gD42bQSOLoLBcDWmDEdUm1M3hw9amsL_KQyxW1sK0k_INxYVNaKWpRzsNBZgEWIR8wkydss_DEDnOp5UMuDa201r4jgcvQ9ul-X8MQtk-rn4-nxv2sNfQLWmQadd6REAbXj5YZ54p3qDu-QdRq_D5au5HWt7gxGjO_m026hpO08RzGgNWdAVKim4qRbVOpYPUuwA9zYWCjdthd98qPYC8g5yWUfejhqtJsGNapO5VI_cHVUuSx7S6rn8OwA7M5wgZhWnymkyTGprQRIRXoIF2eelZiCwT7GDguSfOenaX-eHhP7VQdyS3Ww9Qx5OmuA&sai=AMfl-YRSxRqI2doXHkS3j4QohR_WE6u2vdmcyMzf6slSqe0Rw6OxKmZZYbN_VM9fw5KOtLPRjSI2RFn9kL80iScUs72eS-JFgxfew5mdcMgXOmNrEAe4VRZjtg7ePEB0bIGADRaRPm3DEQOf5HQYkGVhGCNWDP2rsalIo99KRw45F7k8ppFQM9AcrZ6BhGyatOL9eRyxzpadDHhQaVeT02aDcY3YXMYKKpodiHOOWTwm6KoaijijSIjIu46Kgo9mPjYgy-PasPktVhyCC5xSMPo-lJblvygTBh9I5Qoq&sig=Cg0ArKJSzMwLqDDMzhDuEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&vt=11&dtpt=124&dett=3&cstd=25&cisv=r20230306.00031&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 08:23:39 GMT

GET
H3 200 cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 3246 2 KB
1 KB 27ms
25ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/cta_jetzt_buchen.svg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1056
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 09:19:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:33:53 GMT

GET
H3 200 logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 3246 3 KB
1 KB 28ms
26ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4331440/logo_flextarif.svg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
last-modified: Thu, 21 Oct 2021 13:24:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:35:47 GMT

GET
H3 200 tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 3246 6 KB
2 KB 27ms
26ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:11:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 700
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2072
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 07:44:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:26:59 GMT

GET
H3 200 head2_2line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3246 12 KB
3 KB 28ms
27ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head2_2line_family.svg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:12:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3442
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:27:57 GMT

GET
H3 200 head1_1line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3246 7 KB
2 KB 29ms
27ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/head1_1line_family.svg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:12:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2321
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 08:21:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:27:58 GMT

GET
H3 200 970x250_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 3246 36 KB
36 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4453672/970x250_kv_family.jpg

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27c302f43bcab119d8bbb14116ac9a65b29b37c8e2768a4e18c8bc6e1860c5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2829854111991172336/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:13:29 GMT
x-content-type-options: nosniff
age: 610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36931
x-xss-protection: 0
last-modified: Thu, 24 Feb 2022 10:48:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Mar 2023 08:28:29 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0438 0
0 52ms
52ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJpygJ2pB3JgyPZ-_F4XaD54M9D_BxSEDn3yTOqq1v_unPEVs1auQC5VZXGNf-VhJIcf3p1mokadkVSUuMPMwYkakqjqORUakObCNt--r9lSwiij5XcuGMbn1uft85KLUjrgalGK1LwKoIXol7I-gXCfMegEOheF1JdQn3ULH4DTzk6uwmoolBLA5Q-Z3rDwLyssxYwuWZMOymcbNWzD6AyQeQCe-5oXkM6zcQoGIp0kFCLwdzWw3jOsYOzWp2g0k-5KLrG7MiJPyt0HiCyShAWFgKVft5L6m4X5NQcmMMK0M9_ZT3vaPk-ar87FHKyXwfqLj-WvOgcak1urUfjpQyA40R6kYrJcJwTi4WQp5L6l_OtgNhBGyor4MGyPsUxhp7gG-ikEQHGFSYs7ybLTsTqXNxWpS10foyoY7pYUs9cOIQxPuHdooBB3pQYiKJ3pctmVMBHFQ2aojwb5Fhl7Ak9HuA3Ze20N5UiqjBHZtzsWozJceI2O9RuhSXC2ItGyyKF_iV3dDjLeGXSAEZBoCKG09dAdTcMYgsYmY-TORzDVZJaOLmpF-YBI9SuiIOUF-ipE254H-QhYV4aOVQwdtqsdl7BQLkXLdaNZvU582c36WwMtja0gHJZe9fu7DS8P_aZ_0nv1CDFvlP6SubV7OrQCvq7BSb_nCmjhqg57XcyKFpOglSfikhXAhZYo5wA1X0Yytcc16DW9c_tOI9fOKCnEGH6O2ckpFTU4d7OAWOCxg6yGw1MkQmVqF7n2Vk-TepoMg29dRq6rtsuAiLLD_Y80KaioKmP9UN6E7a3s3Zt1pc4r12iZ0hMVNplZ9lEWrLcUdas9FOEvrW0xzDFqouUu5C1qaNbj4nigwbH8klrs2ZnrSl4EQhILdiju-HqlTGC0EJyZgw8BRxgI67P17tET8iLB3jRUiCeQ99WbCILtxL3s11shPNyNCmSrpoqN-uVgfmymbOk5Y2wx41_3MaFbKmYSS56q2Ty2TKUVq8NuG-W2m7dMKq-MxrBfT_J7VtoycdUsDkfJVZeMC0TLpu47b7EF42nMB9eBa2YVTGgKxV6doNFErR0FsRL9nJwq3D5H1ueiTAIrusiKpUfUPMTqwWJ6mRrBLcMCxY0ab6-pNmbNo1ojOO2p-176nVefZXRGoWrt3IXMkFlBmZnUCHQpTOunL9Vds0s-tGXqe-i9QqUpyC0Z4LR3x7SQmo8KbnvoGnJXzewt5ZOB_UYbI7wQUiO3ndrI6wQPe85wcJblueU-tQ&sai=AMfl-YTGZ11MJw8EJM0mYwNcr2UTAu3BfjvJjhVMY78lPL_nj5hzKmaLBqdR8oM-DD-FBIFexVq_ovlkpTD8n2mUU8EjJGIa6uuROC39PzGTxggW7mPhgmFYErkwjIthG6mclic2zhtz-pY6D4-1sltqCs0AJI1Pnhh3xGsdiBL_hqzTeySwek0015u0VNY1CK2ys5wTr7tIVcHjK6BFFnd4NLIVjRi1nLT8vCizMegL7Zh0eSlbGC6F4vQ0Bdk0ljJrg6jzHziucWxEtoF23qoyOnPYddpxN84OIS04&sig=Cg0ArKJSzMH2EW9uENpMEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&vt=11&dtpt=199&dett=3&cstd=88&cisv=r20230306.67084&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.kinoafisha.info
URL: https://www.kinoafisha.info/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:40 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 09 Mar 2023 08:23:40 GMT

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame 64A3
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/987057/61527016/4.js?ias_dspID=3&ias_campId=1010147415&ias_pubId=pub-2276134140992200&ias_chanId=1&ias_placementId=19429848476&bidurl=https://www.kinoafisha.in...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

55ms
19ms

Script
application/javascript

2600:9000:238d:e200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:238d:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 19:35:44 GMT
x-amz-version-id: vtoVcOeStqySRz0ovnOpcMO_.XzI7BRS
content-encoding: gzip
via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 46077
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 22 Feb 2023 19:35:40 GMT
server: AmazonS3
etag: W/"33dffa7df253125904b2f354b5bb5e8d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
x-amz-cf-id: PGQ8EXoF6CKHL_O6OEG-J4iiid9zN-KpDPi4C2Z1clIS8MIVSkwGSA==

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame AD62 91 KB
23 KB 81ms
16ms Script
application/javascript 2600:9000:238d:e200:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:e200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 14575644
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: xQThccWN_eM8exp2wyzUzUjD9tmSJLEDbOubPAg3FHeNmyt4pyWkNw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
215 B 602ms
172ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO0W9,pingTime:-8,time:29,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:29,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B20~0%5D,as:%5B20~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:0,renddet:na,siq:28%7D&br=c
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt16.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js Show response
pagead2.googlesyndication.com/bg/ Frame F475 36 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YvrCvW6enSrSZlpWfT49hCwWEU4IwRN__jQypf5gIC4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 18:46:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14215
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 18:46:05 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
216 B 590ms
172ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO0WQ,pingTime:-3,time:72,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:72,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:0,renddet:na,siq:28%7D&br=c
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
215 B 588ms
174ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO0WR,pingTime:-6,time:73,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:73,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B64~0%5D,as:%5B64~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:0,renddet:na,siq:28%7D&tpiLookup=ao:www.kinoafisha.info*&br=c
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
215 B 572ms
173ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO0Xa,pingTime:-2,time:92,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:663,beZ:665,mfA:668,cmA:670,inA:670,inZ:675,prA:675,prZ:683,si:690,poA:692,poZ:719,cmZ:719,mfZ:719,loA:736,loZ:740,ltA:754,ltZ:754%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:970,h:250,t:26%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:92,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:28,sinceFw:61,readyFired:true%7D&br=c
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
64ms Image
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230306&jk=694650881434157&bg=!AQKlAlbNAAbv3-2Ez987ADkAdvg8WvVo41ehiw1irazXWMXfO_WAR8O6WZeZmXLtMmSTnQMlOXNZ2YV-U-OKckM92vLnEEPVSH4CAAAAdFIAAAADaAEHmQKrz9eFCroCHlaTVWvkP4h36SSYlt-pfU3mN3XyJ0pMr-Xt84H7AHWvywQCYIdEWRzJ_zJbiPJutMKnccbTq17KjevQtLBfVg2z3d-OKMDeKhfK97Q8ofL42afQ5F3G9FPI9Wdr_1XdFCNs6wRhLJC9AKVd6yzoQAtU_fwrU7TpB4NK-kV7ab_o0t2TvDiHybTp9v7wR0Ot-iRmnyCQUNP6DRN-LKuj5AwHmQzasj_kHN73VmQGQRs7vlyS-0RkPx6MKi3DrBMy-cq9A_yKZnZCbha7rscFrm2ciGZmstnPjqCeHjvWsrVdg0EJASR5XMhD7-SWxvCjYsn5d77vaiyjm13q_9zNOou7fQwJnxXplxzWSHJmKcHfvuiufe-Kmup-03M4PvFHrm9wUHKiiVz2hNH7wAD0Vi01NAWSmMKF3421eteBRH-w5vGMSdqOdjXg4ZgQ1hqLRi8BiPjaAkfe1av7jCPtDPnDubyOyAxqI0KuS7Sf0flTTGUX5iI_HDTCvqq8G_pXP6Wvxre09mqm2toRbpmL7wexglT7y5TpdX_nq0Zz-gmzrwqhugMEgUeajRGnLjrTLPHI16YNUewsyIuZOUgNaVW1VLX0NRsCfoNjvabumo8sR3ExX3Y1oohSOmNDmHlygp1PWsXSnTj1s-YhfXRN7vZYYj-No6queHQJxgoiA2BeU1TvK7rtj7-H_fqs8swlAnXVLaQUTUQaJwyfVggw_K_U1Y3butUHu-kssqG5pMEl4kJAzUbxhzkhEumJYhHSgLieLGGMs-slQsmFAMXKEfcsTv-THANIf_MXHjvjqg3csnGfWeScQ_2tSYTNsAqbL0QvcQZqPBXS-Uub_cJz1FCGP_Fxi-j0uSxbI3y6mB-VqOlAQyNVBg-ui2OKnotSnZwfItg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.kinoafisha.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 371B 0
20 B 69ms
64ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQEVBi5cJZNO_JJXk-gbU_bDADwAAAAA4AeAEAg&bg=!FBelF0PNAAbv3-2Ez987ADkAdvg8WnlG3pup4ceOt_orPCkFgbX8iZjoUi2wlgQkdjt4cdHcRSy0zX-BWJn7jtswgyUufTE2NeECAAAA5VIAAAACaAEHmQLyOL9Exma1yNqzQUtnyco8L2XB4LeMq_5a3ipc8JLe2c1-8Cnktd_nJbpv0SKX16TG5n0LDaEbQX7HiOYKptfjucnMNUW4IQuZ-OtcDqOGOwf7pGgK4QMEsa8qLsCN1_GGwYQmvesnABq5NuDsdGQebshDmE3Env8k2UFUrVT6qQ1iByiVrwUoiOKiQABfzmrJjQsiKItkcY0-c9zTex-D9JYiwKVB8ZH29tS2hEecLrOdCShOxtXGcY4H8IC6m2oogWNrokYwchTy-qsWSBbY501SuRTFv4k2G0C2vfQlvLqLO5BZ09j0rWLyc9SL0kXMaBR4KKQVQ9C3-RlbXIDzDl_m3pALi9H6lWf3-LSesGMEhkOopv9WpZFGMnj1Th38HCPY1f0gAHXl8nGtNH7BZ26pCjg_iNGqlb5B0OHoEeSVbDLzMwvd8haXLO-Uk_1wfcvzUjxUr8CYxGtHCbeE-fBbWEDls3eTbtufUq9-4lLiV7IPmotS_4C100YiCpyirLn3cWQliWKvMQEmFZg4Rq_DWfJ_B_qIovaZ0c8ZBbFGqTu1bgFJFZecNFEzA2VDv51zMGuhN8Aht2cgSIhSKH3iTx8u4w8V26rUgO5H2HKci8A_r240WqEKwHZT8NPMjJl1ZHerivxnvtNb6b-1G5WQrSzkMZ-bG3zHbaGoVJCH0JlBntd3wLZkltmdbeFoHCwERcECD-Kox4wMt0HxubiLnA0LdtkE04JDHy7vzacUvelbGVNIdTc5GJVMsNHIJbhgiRCm1p9WxVazk6DdBwK9wn1sKOuhYo8zkeFVeiG7He0lXblDvUEt9jB4A5j86VyrWqndYCVfv7AHFaYv13Ic5a3uH6Td-AFtIo8aYFb-C3naP4xnPgMk6KvC9h6yE9Ze_JvKQQ1fu62KCHIcw5u0QgOHut_qF9LiCh7fGk74PG0kInkE2YBM8Mn_S16G3KGjvO62euDZCA1F5fkYyphXfhyPQwOLPfgOCWnp5hhpOw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F475 0
20 B 63ms
63ms Image
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAvF_i5cJZJfJKqCmx_AP0OKX8A4AAAAAOAHgBAI&bg=!tLelt-PNAAbv3-2Ez987ADkAdvg8WqdO4K4xmx8KpucjgEFg9qN8N8zwhNGZFI-7xwU3XA0gokFs0tl3uwIaO85jFlnNIj1HxDoCAAAAYlIAAAACaAEHmQMB5Dpn-QcpONyo7mGdh0tFwZ_g2auplGWa1eFK-FklPf831hyayddkTAmmSqFLvgmIHAM19OIu2e0wuBCnQV1drzNCs6-vCW33ADGu--6d5coSxRSlkEZk3uPrRVEagYCnV2_JI4HQ-e5WhX55-J_WxIkvVxJwgmOV1crK2gz-sTMZAHKWDnUaRxhNgcnKu1m7Kj5sJ4wFDhCDDfaMRhgFyW7vEPJvV1pQKNsI_20RU6wbLot5ssuWHXzAZ0f5azCdMONVYPVSYuNmwG_7RtqajWxF1oZ2jZ_g6tfbc1OJyxWWh6u5jtDujjWtiUrg99p7T92-8jJk9VUlXkUkknhKuhlits2_QAJ8F-_SHsgjkvzFFH7E0E94ORxKUbvQF5tC5z4xTr30IsfQ0YZ4rPQb_qFhYwX7YsPCkDXv5aEw_m77XT-HOUrdsBImWEjMoyzzpM6pLY8ClEq-S7rrj-Ne4js5fxK33gxuK2i7YCowFuZ5e9oWVw5vFuHfvPzdYp4aukYhzC3iUPCEUZoD4rqhNfk2eCp5NfJBJqNJhtOrsh0bX_FjypGB9TrD4b7dpMXtmRqxAtE66BUUYAZP_8UBiyzl-SJwZeAjLT18d7wpiDAoVjGlQvL_KBfIlT6lZivRt90x-rptAC4YZ5ubMcywGXMFChq8jUm32ajj4O_Lt4J3WRz8VrKhg479-IbT6XdKPmjk9iz-sFSbvfuyhxwMLKL5vVrgmTMBRbxr1lzu5yFLRNao4cnE3hxlvyCnRh49eVlCqqrAxwNmOSjsvgRp9iLZ5awhVEudkSt_ugJmF-SV0_amlvPiR-ttrfXYs6_4Y8ax14M-wpl15ejVgG3UaFWzrKY0e221Mm9wQtbqvOiVyxMuERKMdYLHl5RfbDnWPX8sOBSaSdF7-Ms3EzklsJTM7qT0w369uG7DRZjI44-Ki0dsRlTbU1gtZ_BHhmk9bVRor08vUbZP_dfrOQrpLckNiaWccZLqa3W9bQIbPmOQGIKW_VBWGjhmHolu8CXmow

Requested by

Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
215 B 212ms
174ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO12Y,pingTime:-10,time:452,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTExLjAuNTU2My42NCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1678350220476%7C%7Cc02c8a4385d4de74d03833c64330b96a%7C%7C048cfc492222ea08fb0159cb46ab52cc%7C%7C448c4939ebe3d85691334e29b7c0f7d5%7C%7Cbfd3d1a2f3c968ce6af8c99c21f41781%7C%7C71d7d90d8c32913bc233f5fa8f8f8e43%7C%7Cb535e68b33c14cbe19fa0625d046d92c%7C%7Ccd1202df9194a3a38d2724028c8d77ac%7C%7C1663701684%7D
Requested by: Host: 06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
URL: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 64A3 43 B
215 B 175ms
175ms Image
image/gif 2600:1f13:800:7780:c8d2:cc35:8371:b2d9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=987057&asId=56e7e796-cf70-7067-b084-1d051ba8f40a&tv=%7Bc:6lO16S,time:694,type:e,im:%7Bpci:%7Btdr:648%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:694,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:26,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B685~0%5D,as:%5B685~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:215,fm:txZEtV6+11%7C12%7C13%7C141%7C1421%7C143%7C15*.987057-61527016%7C151%7C152%7C153%7C16%7C17%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:28,sis:150%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:c8d2:cc35:8371:b2d9 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
server: nginx
x-server-name: dt04.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0438 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMJx73DBtzcJzaC5_9tjeBFC732Wqx-_m8VkA0Mc9ALijU8J6jbMnrtCLm98mzEYNwsLbbVB-JdqS1fRYga1KVIY7yvPHfDgXH-hYaycd6l5g8r_tR0_PVLxh6Bm8d48LDeId-Tg&sai=AMfl-YTlCwUZLvc9K55tcTHY91qNMO4InKL_MjT2HNTplWACLdPUPCNGfR61hd7fO8REzBcq0y3GFISfzdE1QNb4-EAsT3sRusrXzpBg3MXw8BEcsv6nJwNiORpqu3G0E_KPA6x1_fndA_YxqT_2-w&sig=Cg0ArKJSzHqMuAiZl6yrEAE&cid=CAQSTADUE5ym2aAVusXtJS4MzDTNgMXkjbznDvuu0Fk9JwwRdhRZaWjr1VLkZZfvsQyDwWOeAeM1uoHl7nuGVQjobfwo40GKzMJy1QfFsWkYAQ&id=lidar2&mcvt=1000&p=30,1424,70,1465&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=721358286&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1678350219357&rpt=400&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0438 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2356462551732&version=m202301230201&ct=76&x=1&cor=15209841273206137000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 64A3 0
20 B 62ms
62ms Ping
image/gif 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1607575582475&version=m202301230201&ct=76&x=1&cor=4780282987154337000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7192 52 KB
17 KB 43ms
6ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 4274
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 09 Mar 2023 08:23:42 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 01 Mar 2023 07:12:12 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 4, 34781
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230131-FRA
X-Timer: S1678350222.200420,VS0,VE0

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 3878 3 KB
2 KB 64ms
11ms Document
text/html 104.18.11.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.11.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 571
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7a51ead8dad290fe-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 09 Mar 2023 08:23:42 GMT
expires: Thu, 09 Mar 2023 12:23:42 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 6F67 37 B
140 B 43ms
9ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://www.kinoafisha.info/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Thu, 09 Mar 2023 08:23:42 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7192 0
863 B 14ms
14ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
AN-X-Request-Uuid: 4ed63206-0c6e-4cac-8292-242066a563d1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame F090 1 KB
2 KB 61ms
9ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 05b0cd6a977640b44a5377694cd2987c68fa37b8acddb93d6e75d708e97436e6

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1523
Content-Type: text/html
Date: Thu, 09 Mar 2023 08:23:42 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F090
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid=&dcc=t

43 B
855 B

124ms
123ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DGEPT38970H05QAWZFPJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RWHRNPHQJ3SSC2TGGJJ2
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F090
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZAmXi3DqEAAK1IRuExz7WgAADL0AAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDj4W8K7Mcq3aaAqUnk7D0Y&google_cver=1

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDj4W8K7Mcq3aaAqUnk7D0Y&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEDj4W8K7Mcq3aaAqUnk7D0Y&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F090 70 B
265 B 127ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 09 Mar 2023 08:23:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F090
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7872868713252846163

43 B
632 B

22ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7872868713252846163
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Thu, 09 Mar 2023 08:23:42 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f1b9bff3-50fd-46e1-8385-c29cd988efce
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7872868713252846163
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F090
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=
Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

rum
dsum.casalemedia.com/ Frame F090
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=f92122d2-2592-4c65-8c36-e30fa13a86c0&ssp=index
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=eae6f90e-50e1-453c-bc28-9dd014e77c46&gdpr=&gdpr_consent=&us_privacy=

43 B
632 B

36ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=eae6f90e-50e1-453c-bc28-9dd014e77c46&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=eae6f90e-50e1-453c-bc28-9dd014e77c46&gdpr=&gdpr_consent=&us_privacy=
date: Thu, 09 Mar 2023 08:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F090
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685626532041971

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685626532041971
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5109685626532041971
Date: Thu, 09 Mar 2023 08:23:42 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame F090 43 B
433 B 149ms
33ms Image
image/gif 54.154.209.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.209.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-209-57.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:42 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
content-type: image/gif
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame F090 43 B
353 B 48ms
12ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZAmXi3DqEAAK1IRuExz7WgAA%263261
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:23:42 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 24247
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7a51ead9cedb9a2d-FRA
content-length: 43
expires: Fri, 10 Mar 2023 08:23:42 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7192 0
863 B 13ms
13ms Script
text/html 185.83.142.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 08:23:43 GMT
AN-X-Request-Uuid: 98e63b20-cfe9-4f93-995d-828827cb3eba
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 178.162.209.141; 178.162.209.141; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 17ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3GNTWFZ027&gtm=45je3360&_p=1318471940&cid=167482201.1678350219&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1678350218&sct=1&seg=0&dl=https%3A%2F%2Fwww.kinoafisha.info%2F&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%93%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%2C%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kinoafisha.info/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 08:23:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kinoafisha.info
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kinoafisha.info/	1969-12-31 23:59:59	Name: PHPSESSID Value: 9936ebdf413192e492db9c9abdcd33f8
.kinoafisha.info/	1970-01-20 10:55:42	Name: ka_city Value: bXNrLmtpbm9hZmlzaGEuaW5mb3xtc2s%3D
.kinoafisha.info/	1970-01-20 18:58:06	Name: _ym_uid Value: 1678350218838470480
.kinoafisha.info/	1970-01-20 18:58:06	Name: _ym_d Value: 1678350218
.vk.com/	1970-01-20 18:54:42	Name: remixlang Value: 6
.vk.com/	1970-01-20 18:58:06	Name: remixstlid Value: 9083010922493529574_bskaiin6ryqgZcT9qRTOtNifINCYWmN4MlGRwJbnPfw
.mc.yandex.com/	1970-01-20 10:12:30	Name: sync_cookie_csrf Value: 547228567fake
.kinoafisha.info/	1970-01-20 19:48:30	Name: _ga Value: GA1.2.167482201.1678350219
.kinoafisha.info/	1970-01-20 10:13:56	Name: _gid Value: GA1.2.1809659937.1678350219
.kinoafisha.info/	1970-01-20 10:12:30	Name: _gat_gtag_UA_21667993_5 Value: 1
.kinoafisha.info/	1970-01-20 10:13:42	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 10:12:30	Name: sync_cookie_csrf Value: 2898402781fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1713504281678350218
.yandex.com/	1970-01-20 19:48:30	Name: i Value: 8vFNcXKG7/oQmCrfmeAESM/3VajNzuQATKLbBp+1/SX3SCG17g2YhHoDv+X1NZptRIeoMdIr6WMckTTsHEyBozulzdw=
.yandex.com/	1970-01-20 18:58:06	Name: yandexuid Value: 1461596961678350218
.yandex.com/	1970-01-20 18:58:06	Name: yuidss Value: 1461596961678350218
.yandex.com/	1970-01-20 18:58:06	Name: ymex Value: 1709886218.yc.1678350218#1709886218.yrts.1678350218#1709886218.yrtsi.1678350218
.kinoafisha.info/	1970-01-20 19:34:06	Name: __gpi Value: UID=00000bc29f069979:T=1678350218:RT=1678350218:S=ALNI_MbbUUBraMgGWmqrMXzCqayNVmCexQ
.kinoafisha.info/	1970-01-20 19:48:30	Name: _ga_3GNTWFZ027 Value: GS1.1.1678350218.1.0.1678350219.59.0.0
.kinoafisha.info/	1970-01-20 19:34:06	Name: __gads Value: ID=a9624ad286b46380-2299c3c349dd0091:T=1678350218:S=ALNI_MbeE3IM6w2R1kKNx8YcE5KJ27H86w
.doubleclick.net/	1970-01-20 19:34:06	Name: IDE Value: AHWqTUm8gAHmcmCow8CHyG3Hm3x0EnLStmYANRb3z2B7eqUI_SNu6ij6byXmUAJS
.criteo.com/	1970-01-20 19:34:06	Name: uid Value: 47546f8b-bc89-4f9e-9bf7-752109536fff
.adnxs.com/	1970-01-20 12:22:06	Name: uuid2 Value: 7872868713252846163
.casalemedia.com/	1970-01-20 18:58:06	Name: CMID Value: ZAmXi3DqEAAK1IRuExz7WgAA
.casalemedia.com/	1970-01-20 12:22:06	Name: CMPS Value: 3261
.casalemedia.com/	1970-01-20 12:22:06	Name: CMPRO Value: 3261
.adnxs.com/	1970-01-20 12:22:06	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C''mS.M1!]tbPl1M>e)ZlrFUfJ+tGXxo@@Jszwa=K-NBAdifSl1N``_A=lc0QKmEMM0=bpRzqF1`b`6T2p58
.kinoafisha.info/	1970-01-20 19:34:06	Name: cto_bundle Value: 4xX-JV8lMkJRJTJCTGlzOWdOWnczYk84RmVZUmM4Y2E4UkFmY2tGUlFLYzF0QVA2OEFoU3ZmVnZOaXdBWSUyQnVQRDFKUFdrMVdpVEszQms3bXFRUlRZdXUwUSUyQjVhWktQT3plYmwxSnZVYUpsM240NERuWnJBVW9BVzd4WVp5YU9mRXN2QXJJbEVCRXhCaTRUOXBJVzgweEtTTmxmR0c4ZyUzRCUzRA
.rfihub.com/	1970-01-20 19:34:06	Name: eud Value: H4sIAAAAAAAA__vFyGtoZm5hbGpgZGRkYmIGAC5tbSMQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjM1NjIwMbQ0NxTiM9TNT7PMMDNNMwoM8gkGAKfYfRYlAAAA
.rfihub.com/	1970-01-20 19:34:06	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjM1NjIwMbQ0NxTiM9TNT7PMMDNNMwoM8gkGAKfYfRYlAAAA
.bidswitch.net/	1970-01-20 18:58:06	Name: tuuid Value: eae6f90e-50e1-453c-bc28-9dd014e77c46
.bidswitch.net/	1970-01-20 18:58:06	Name: c Value: 1678350222
.bidswitch.net/	1970-01-20 18:58:06	Name: tuuid_lu Value: 1678350222
.scoota.co/	1970-01-20 19:48:30	Name: tuuid Value: f92122d2-2592-4c65-8c36-e30fa13a86c0
.scoota.co/	1970-01-20 19:48:30	Name: c Value: 1678350222
.scoota.co/	1970-01-20 19:48:30	Name: tuuid_lu Value: 1678350222
.amazon-adsystem.com/	1970-01-20 15:09:08	Name: ad-id Value: A8F-zBMM6EBbkiDKpjIMhg8
.amazon-adsystem.com/	1970-01-20 19:48:30	Name: ad-privacy Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06be5e2e6ab0cd0228596a4d9255b380.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
b1sync.zemanta.com
bidder.criteo.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn-b.notsy.io
cdn.indexww.com
cdn.jsdelivr.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fw.adsafeprotected.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
jsn.24smi.net
match.adsrvr.org
match.prod.bidr.io
mc.yandex.com
mc.yandex.ru
mug.criteo.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
prebid-eu.creativecdn.com
r.scoota.co
region1.analytics.google.com
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
static.kinoafisha.info
stats.g.doubleclick.net
tlx.3lift.com
tpc.googlesyndication.com
vk.com
widget.premieralight.ru
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.kinoafisha.info
x.bidswitch.net
ym-tack.b-cdn.net
104.18.10.47
104.18.11.47
104.18.25.185
108.138.4.10
108.138.4.150
13.248.245.213
142.250.185.66
142.250.186.162
151.101.193.108
178.250.0.157
185.180.12.68
185.184.8.90
185.80.39.216
185.83.142.19
185.89.210.244
193.0.160.130
195.209.111.15
2001:4860:4802:34::36
209.54.182.161
213.189.208.20
2400:52e0:1e00::723:1
2600:1f13:800:7780:c8d2:cc35:8371:b2d9
2600:9000:238d:e200:8:48e:53c0:93a1
2606:4700:10::6816:178e
2606:4700::6810:5914
2a00:1450:4001:800::2003
2a00:1450:4001:803::2008
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:400d:803::2004
2a00:1450:400d:806::2002
2a00:1450:400d:807::2001
2a00:1450:400d:808::2002
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a00:1450:4025:402::9b
2a02:2638:3::7
2a02:2638:3::c
2a02:2638::3
2a02:6b8::1:119
2a06:98c1:3122:e000::c
2a0c:5c81:5142::2
3.65.89.114
35.156.241.175
35.157.246.167
35.71.131.137
37.157.5.142
50.31.142.31
52.214.158.183
52.30.84.16
54.154.209.57
87.240.137.164
00376c0c805d0c110bda492afa68de626789b4bc7fb892579cf701519c5aca4c
0109f5e876e29d05f16c2ed79f6fa80b1edd04ec5112ae63b4937a75d55c1182
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05b0cd6a977640b44a5377694cd2987c68fa37b8acddb93d6e75d708e97436e6
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0977d027e31c96ac0ebe97ffc9c8821047dc6c26c6dd7ad623b102ab59c0aada
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1218a409d4cb7cf3b4ea211658b293754d9e14e20802660e0a20e2d0deb4e62c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13eada2d62ca0f0476009daeffbedc27cdc454b26649f7cc5125ec50f1aa4174
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
16e90466e3b094019d62f924341d643365c2bc532c10f25b389f993b767ecc80
18c3c5da0114c7f2a445b6ec6d651d3816cd3cdf56cf334ef9b04161607f45cb
1bd4b6c45e7bc6a8d91d052fd971d32dae0282cdc0a8513ff8dc60f4b3f2a274
2060077bd731e5532e89b2a0a84af61e9f8759dc3177f7bec0f0254ef2dbf954
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25df65a21577c6e620df36e7ec934bfacf79fbc1f212a39d1e104293069d73e1
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27c302f43bcab119d8bbb14116ac9a65b29b37c8e2768a4e18c8bc6e1860c5eb
2aa1866e8c4656ea0e90d47e35c92fc59b2e59a09bccb7e2141d047e80f0c79d
2b54085bfd350fea76bee85aebe19330ca0c10dbe5aa67578bbfffe2f110dc99
2bfd282d2a437f44ef99b381d15edf9ffa3b6da2fa13152eb7530a62fa0075c0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
2ffd0fe616375c62a7e4924119f4b7dc8800fa453c118b26a15df4ab34009eb9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3192c9a7e98a6d2874cde7e3a27c4f6149d4b1034ac6acd81a7d2d6ef1393761
33d3105f647956d7fcdbf1834bebb5d37ea66545a133bfe8ae370ed230bc90f9
33f9ead7fae54c82646263926dec8ae0308fdf0d4ba1f9db66a45a9726223a44
340e79a7efae87309e8b015c70816b6d8b2aaecc5b8d4a17193f8d43bf2a7f63
39a39748b8feb8574caf0d6d5d3a846532ef6a5fecaa61b0001e799578ee4e40
3a8a4d3546806481db8e1a3149d3bc4fbc7519226a93bda4a2dabcd3feb5e696
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
425a93feae79c0808f131cdd0d448df52229d6c385a287e368772984bf328787
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4689b605c7e44e4125672ebc9838c8946cdc517ab632c86a8a7b7c5e0021a79f
482ada0c97058d056aea718cb8b7e5464702f539cdbc942d55f731a88b8cc2ab
48ea2e712be5ea8e927f94aa6eb5cdfa9466ac2205ce1aad52ada70c605b1063
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53084a509d23366b29980e94b52eb27211c38dafe70d46a46ac2aab9a5970151
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5531db68de4c5ee84e552a4bb348077e5404f681cc1be356b4000aa5dded7ac5
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5947012b2b359a009b28b9dcdb9fc6bd46ecb517d572fa2a0a3d95dc982ffbb6
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5eb3dbf6094861db4230debabbf2fa752dab94c4981e6d4d99f6562b49c5e4af
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fac2bd6e9e9d2ad2665a567d3e3d842c16114e08c1137ffe3432a5fe60202e
630ba185645bfcabac41bc349aeab2f6694988f3492c42fa3fdcfe39cc3d143a
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6ca00ea6870d19ba164c79031d3a49739695e0ffa7e9d7c2739840fbb3cd647b
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
71559201aa0eb92d596f3404e36c290dd2ca535746543e3ae1a186cf27a19eec
71b1eedb435ff26e9c35fd17ffda52d1401203ff4b254aa7d4c266374dac8d07
73d8c98b86143e9d271f10f79e337994a1a9d967b422168697e7423cba3806aa
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75303046884e18e0f63d9a587ccd73cbbd3f1eb37a90c1c799e48906ed614585
7577881926970191a7a97d0045b74790592409478613742747ebafe7df5c09de
76051ad9e33633d69ed5a970d9e253a48befa58076507d89d05b1a727ec51457
7814d007ac1fe3fba84aef4c4a9de3be417219f61a26a120b6cf2cff04d1f9d6
7b238bd57150d1e00add029f25524829bcf5e9823ecfdef62c70adcef9fa6087
809d5e6ffe4af97ac006f280567b58e81299449c3572fc52dcf7f6d47a7f4274
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835c46f680eda60ae7a5ebe49e9a7c9187e98bdb7f859226cdee3a03f178c8b4
848d8ae140a91bcc82249732af4294a6cd669e5caf1e4d616eea538067e84877
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1
85912f398434038a6c9e357133cc2dace9ad83bc9f38fcbd1de61abbaad36905
87bad049866b876cc8a5db6d56f8a85f7b766a733ca3d41819337e97cf43d26f
8bb9193ce25e73ed5a76396220994b8b509d110113fd14a28a399e6a4f6fe35a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da2229422a25a821fa5dc543ad5a82b9d9ea2ff7959e4899ae1a8404cf18350
9099f978e1e3385ec525f0c69a9d4879551785a51c498920c16a34fa10ffbbf8
9798cea005aac4333203616f34c5eb42c280d1964703c9bac73e84013cdd9125
97d67f8c2575e19d30ae28a32bad7610849e0e56c81ca66e51178124a5c5eed2
9b4a6ebe3e504b894684b8e94e18e39c512908b42313776600c3cde2452f04df
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a289af45b78e4755907c7a1a6b01512e5149c7afa904d1913b081b07e341d2ac
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a910bcd6563c7e78d6dafb506dc0a6504bdbd683705656df3a78a3e34fa70f52
ab012c14a972ae3a3b1b71777100fceeb64e2aa2ab3a7d5df81138acce9c3b37
add5972e81248891bfbba9d9279c838ff96b473152f812cdbed12a564c7a6616
afc1448b426761a59378f46afe85f2f88065998dae71aca11a40e23e25fd68df
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dcc20207f17a4dd9a8e767e73b386c06623440ed4bb6a19895cfcf0a5db52f
b42ad3ab3631144b8d67244ab3b5c9538e8f522f3f3b40ec62e9c111e81f988a
b67535afebe43178333e9b0482a2611b058f9f1cfb733b8b4d54dbfc91c3d04b
b769bb553e828a3d6190ab67ada3f4f01e3cdc6c5ac270b7176fbddd011ba026
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbd8d9108d0310c609bc603d72db751fbee61125d9cee2a760650f7699b86a89
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c84ef71fee12c3bbbb057e178309ad301d2193eb48acd13c7683e7c7b792f6c2
c97e2cb6c5f1fca4d1f0731cb9da921c9535d63036ad075cf7724fec9adfac07
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
cb7d191eeade124bcf4fe9ebeff0da9575e6410937eb4eda086dee632dca1cf8
cf0e934daa92ef101fcdf4f64d318324f197533bc3a8ad60630a947cef5d7073
d18a2dc53eefab7c166340605fb398a07220d2954c89a882e420e2ccf6efde88
d2aee40a90fc7bb865be856546c276ec7cfee3a1a52d772449f9b0a78fbc57ab
dbeb2d3f6217c0a4b40475a71d0d8457aaabbcd4b7bbc6f70dd93b46d374165c
dcca52457c1b10aff6d72bc5a6e157d02a57add60df0bedbe63efac38317d8bc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1ac41bb28fdffba67cb09c2f6c95e5048bdcc328cd26e01a0bb873ddb624fd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e52ed875f727b75380e284e0fd4a241e2b760f87b2489fbda68ce5d578512e6d
e549caaf78aaf127a46268b7756bfdcf79c304df053a85a5c679a0f5ffaa9034
e58798939afd607aa76e8be948216df69422fb6cb44d15aa7775e56c51ec4bad
e7e169d23ae5ecb929e86545809fadedfee687f1c34bbf96256859f10fa94f49
e7f3e71876e4322338f5656ce56baf5381a02564b2dcb1058c35d48f99aa68a1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21c776e45cd0bd044378b4d83cef2404483ef5636185564af328c5efb5df038
fa5aa5884605a929b69e0410f7b72ade42d9ef6f51973872d31f4b0ae76cdd3f
ff65a7a177e59e3aa85326a955e17505286a3db29063472846e5d52167370648

www.kinoafisha.info Open in urlscan Pro 2606:4700:10::6816:178e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

191 Requests

90 %HTTPS

47 %IPv6

37 Domains

60 Subdomains

51 IPs

12 Countries

2150 kBTransfer

6374 kBSize

39 Cookies

235 Outgoing links

Redirected requests

191 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kinoafisha.info Open in urlscan Pro
2606:4700:10::6816:178e Public Scan

Screenshot
Live screenshot

Full Image

191
Requests

90 %
HTTPS

47 %
IPv6

37
Domains

60
Subdomains

51
IPs

12
Countries

2150 kB
Transfer

6374 kB
Size

39
Cookies

191 HTTP transactions
8 data transactions