URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Submission: On March 09 via manual from RO

Summary

This website contacted 36 IPs in 8 countries across 25 domains to perform 80 HTTP transactions. The main IP is 54.36.174.44, located in Woodbridge, United States and belongs to OVH, FR. The main domain is fili.cc.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 17th 2018. Valid for: a year.
This is the only time fili.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 54.36.174.44 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 178.32.202.244 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
3 178.32.202.249 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.109.85.152 20940 (AKAMAI-ASN1)
1 6 178.32.202.248 16276 (OVH)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 185.33.223.203 29990 (ASN-APPNEXUS)
7 37.157.2.239 198622 (ADFORM)
1 178.250.2.89 44788 (ASN-CRITE...)
1 185.184.8.30 204995 (RTB-HOUSE...)
3 185.86.137.42 201081 (SMARTADSE...)
1 91.134.222.90 16276 (OVH)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:b8:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 68.232.35.16 15133 (EDGECAST)
3 37.157.5.72 198622 (ADFORM)
3 104.111.253.20 16625 (AKAMAI-AS)
1 85.14.248.72 24961 (MYLOC-AS)
1 2 54.194.108.5 16509 (AMAZON-02)
1 52.29.0.220 16509 (AMAZON-02)
2 213.254.244.18 36062 (DOUBLE-VE...)
1 178.250.2.130 44788 (ASN-CRITE...)
1 185.86.138.79 201081 (SMARTADSE...)
1 213.254.244.22 36062 (DOUBLE-VE...)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 151.101.121.108 54113 (FASTLY)
80 36
Domain Requested by
10 static.fili.cc fili.cc
6 track.adform.net ced-ns.sascdn.com
s1.adform.net
6 a.spolecznosci.net 1 redirects fili.cc
s.spolecznosci.net
6 fili.cc fili.cc
4 pagead2.googlesyndication.com s.spolecznosci.net
pagead2.googlesyndication.com
4 fonts.gstatic.com fili.cc
3 s1.adform.net track.adform.net
s1.adform.net
fili.cc
3 prg.smartadserver.com s.spolecznosci.net
ced-ns.sascdn.com
3 spolecznosci.net s.spolecznosci.net
spolecznosci.mgr.consensu.org
pagead2.googlesyndication.com
3 spolecznosci.mgr.consensu.org s.spolecznosci.net
spolecznosci.mgr.consensu.org
2 tps20225.doubleverify.com cdn.doubleverify.com
2 vfde.demdex.net 1 redirects fili.cc
2 cdn.doubleverify.com s1.adform.net
fili.cc
2 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 acdn.adnxs.com s.spolecznosci.net
1 csync.smartadserver.com s.spolecznosci.net
1 diff3.smartadserver.com
1 static.criteo.net s.spolecznosci.net
1 tps40.doubleverify.com cdn.doubleverify.com
1 cdn3.doubleverify.com cdn.doubleverify.com
1 vfd2dyn.vodafone.de fili.cc
1 m.exactag.com fili.cc
1 ec-ns.sascdn.com ced-ns.sascdn.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 ced-ns.sascdn.com fili.cc
1 delivery.clickonometrics.pl s.spolecznosci.net
1 prebid-eu.creativecdn.com s.spolecznosci.net
1 bidder.criteo.com s.spolecznosci.net
1 adx.adform.net s.spolecznosci.net
1 ib.adnxs.com s.spolecznosci.net
1 vendorlist.consensu.org spolecznosci.mgr.consensu.org
1 stats.g.doubleclick.net fili.cc
1 www.g2a.com fili.cc
1 www.gstatic.com www.google.com
1 s.spolecznosci.net fili.cc
1 www.googletagmanager.com fili.cc
1 www.google.com fili.cc
1 fonts.googleapis.com fili.cc
80 41

This site contains no links.

Subject Issuer Validity Valid
*.fili.cc
COMODO RSA Domain Validation Secure Server CA
2018-04-17 -
2019-04-17
a year crt.sh
*.googleapis.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
www.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
*.spolecznosci.net
COMODO RSA Domain Validation Secure Server CA
2018-03-28 -
2019-03-28
a year crt.sh
*.google.com
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
spolecznosci.mgr.consensu.org
COMODO RSA Domain Validation Secure Server CA
2018-10-04 -
2019-10-04
a year crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA
2018-04-24 -
2020-04-23
2 years crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2019-03-01 -
2019-05-24
3 months crt.sh
vendorlist.consensu.org
Amazon
2019-03-06 -
2020-04-06
a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA
2018-02-02 -
2019-10-02
2 years crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA
2018-11-05 -
2020-01-03
a year crt.sh
*.creativecdn.com
RapidSSL RSA CA 2018
2019-01-11 -
2021-04-11
2 years crt.sh
*.smartadserver.com
Thawte RSA CA 2018
2018-09-07 -
2020-02-17
a year crt.sh
*.clickonometrics.pl
nazwaSSL
2018-03-19 -
2019-03-19
a year crt.sh
*.sascdn.com
DigiCert ECC Secure Server CA
2018-05-09 -
2019-05-09
a year crt.sh
*.doubleverify.com
DigiCert ECC Secure Server CA
2019-01-22 -
2020-01-22
a year crt.sh
*.exactag.com
COMODO ECC Domain Validation Secure Server CA
2016-09-14 -
2019-09-14
3 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
dyn.vodafone.de
DigiCert SHA2 Secure Server CA
2018-09-24 -
2020-09-28
2 years crt.sh
*.criteo.net
DigiCert SHA2 Secure Server CA
2018-11-08 -
2019-12-19
a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3
2018-07-13 -
2019-06-07
a year crt.sh

This page contains 14 frames:

Primary Page: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Frame ID: CF040B2A68EF996746DEDCE488561A2B
Requests: 51 HTTP requests in this frame

Frame: https://www.g2a.com/r/a3a1
Frame ID: 9F133627A87A95D10AB3226070253325
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/files/data.45.htm?Ho_fili.cc
Frame ID: 2E1817DB153E7FBE3668F9A567EC9243
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.mgr.consensu.org/portal.html
Frame ID: 798AC0948970FED41B11224DCC47647F
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/portal.html
Frame ID: D8DE7E901492D5C8B8319464AD3911C8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/show_ads_impl.js
Frame ID: 4EF5DBDF3D5D9F57C7BBBC07F22DE2B6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190306/r20190131/zrt_lookup.html
Frame ID: CF88B3458B58652BBB88EB8FB7EA843A
Requests: 1 HTTP requests in this frame

Frame: https://spolecznosci.net/adex.php?i=3534&s=AdxFili
Frame ID: 4BBB7B7DA9FD27419183F2CBD1F952B2
Requests: 1 HTTP requests in this frame

Frame: https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22235414803649591447%22%2c%22adomain%22%3a%22vodafone.de%22%2c%22page%22%3a%22996229%22%2c%22format%22%3a%2247841%22%2c%22crid%22%3a%2229052084%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2213314%22%2c%22cid%22%3a%221570316%22%2c%22adid%22%3a%2229052084%22%2c%22hash%22%3a%22-1860555786046064991%22%7d
Frame ID: A7A7C284BF2C918E86A5FE6C4B44EC04
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=29052084;rtbwp=qWYqCINgGiW0avv3WJzKGQJxzR6r16pN6VZ8Dg;rtbdata=gkidAtj_mNtLcSdZY3sSmQeXXoHTZrWgBgkgUqHujYR8SEma2DNDFO0sUD_vW9SO0E1vERQCFExKrYDUgJeIUIzhE4Vqdgk3gNNib6DlSuYAKTRIn2r_-opEsjGOlwJcY35kaWx7e8yQuzL18f1bbIiqCLEK51ZFA_BtO0RAdxEveqVeBAH6wn6yt7oK8sapaK0i99B7-NJlKlf_A-yeCwlJVdhVNP38vOW3f4J95Z5xUImtpL_lA2wvUyEK1_ElcPH1LJlPdC30LrBRX5DUJ-71FujaE3E2uQaDSrO75g9cgaoIdDxrQj99CKaGvp6-bozUPx2r6rv57kpMlB5I9Y_BsPPTF-i-0
Frame ID: B438DECEA3CCA50B923115BE4FE715D8
Requests: 14 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements257.js
Frame ID: 75C32BA0F6FAF87522D4F620A7076C31
Requests: 4 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/t2tv7.html
Frame ID: 324AE323EE8CC5E8D8E23E7BFD526E09
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=384&dcid=3&iscname=false&cname=
Frame ID: EA2E53A5A1B96C9D4D9B4A8D8E2F3EAD
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 481A3FDB1D4086548878362A2EE240B3
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • env /^criteo/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i

Page Statistics

80
Requests

100 %
HTTPS

39 %
IPv6

25
Domains

41
Subdomains

36
IPs

8
Countries

1104 kB
Transfer

2605 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26
  • https://a.spolecznosci.net/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n=0.4712850959519719 HTTP 302
  • https://a.spolecznosci.net/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n=0.4712850959519719&nr=1
Request Chain 30
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1572673615&t=pageview&_s=1&dl=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&ul=en-us&de=UTF-8&dt=%5Bs01e03%5D%20The%20Balloonman%20-%20Gotham%20-%20Fili.cc%20-%20filiser%20filmy%20i%20seriale%20online&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=674107965&gjid=1808470332&cid=457829061.1552171620&tid=UA-68827056-6&_gid=1630415811.1552171620&_r=1&gtm=2ou2q1&z=996511157 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68827056-6&cid=457829061.1552171620&jid=674107965&_gid=1630415811.1552171620&gjid=1808470332&_v=j73&z=996511157
Request Chain 53
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365165112249593&output=html&h=200&slotname=Fili.cc%2FFili.cc_ROS%2FFili.cc_ROS_Doublebillboard1&adk=2389675965&adf=2822736853&w=750&lmt=1552171622&npa=1&guci=1.2.0.0.2.1.0.0&format=750x200&url=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&flash=0&wgl=1&adsid=NT&dt=1552171622356&bpp=18&bdt=2605&fdt=61&idt=60&shv=r20190306&cbv=r20190131&saldr=aa&abxe=1&correlator=3106391243779&frm=20&pv=2&ga_vid=457829061.1552171620&ga_sid=1552171622&ga_hid=1572673615&ga_fc=0&iag=0&icsg=2147494412&dssz=22&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=243&ady=701&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853%2C21063246&oid=3&rx=0&eae=0&fc=656&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=do%7Co%7CoeE%7C&abl=NS&ppjl=u&pfx=0&fu=16&bc=15&osw_key=3674288815&ifi=1&uci=1.ot3q3zvyptxb&fsb=1&xpc=ufRy6xYjXX&p=https%3A//fili.cc&dtd=94 HTTP 302
  • https://spolecznosci.net/adex.php?i=3534&s=AdxFili
Request Chain 62
  • https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772 HTTP 302
  • https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772

80 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set 23203
fili.cc/serial/gotham/s01e03/the-balloonman/
20 KB
6 KB
Document
General
Full URL
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
b03b2fdcf0111214cdb2c8b21c9ce2b6854f972a4d5b6a05ecf0d6ece770fbae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Host
fili.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-DNS-Prefetch-Control
off
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Download-Options
noopen
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Set-Cookie
ali=true; Max-Age=604800; Path=/; Expires=Sat, 16 Mar 2019 22:46:59 GMT; HttpOnly
Content-Type
text/html; charset=utf-8
ETag
W/"510d-yQ4bcUGNiHV/mBFT+NNBkNoK8kY"
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Transfer-Encoding
chunked
style.2.0.7.css
fili.cc/assets/css/
132 KB
17 KB
Stylesheet
General
Full URL
https://fili.cc/assets/css/style.2.0.7.css
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
1cfc26efda4892cb5e975f7e38a5db663d24940403dc52d3cd4be7634c56caae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Cookie
ali=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 09 Jan 2019 01:36:04 GMT
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Mar 2019 22:46:59 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=2678400
ETag
W/"21047-16830408fa0"
Accept-Ranges
bytes
css
fonts.googleapis.com/
7 KB
758 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
b3d14d1b50ce79edbcdede2f1fe0f39e34a0d531d8e8b0b6c9dd9eb9d81c1ba6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 09 Mar 2019 22:46:59 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 09 Mar 2019 22:46:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2019 22:46:59 GMT
font-awesome.min.css
fili.cc/assets/css/
26 KB
6 KB
Stylesheet
General
Full URL
https://fili.cc/assets/css/font-awesome.min.css
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Cookie
ali=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Jul 2018 01:34:49 GMT
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Mar 2019 22:46:59 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
text/css; charset=UTF-8
Cache-Control
public, max-age=2592000
ETag
W/"6857-164d43966a8"
Accept-Ranges
bytes
logo2.png
static.fili.cc/assets/img/
968 B
1 KB
Image
General
Full URL
https://static.fili.cc/assets/img/logo2.png
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
1f74a651f91b4434b7dc2f1fd9433829ebb1b59318db7c40fc2875ae037dae47
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Jul 2018 01:34:59 GMT
ETag
W/"3c8-164d4398db8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
968
X-XSS-Protection
1; mode=block
gotham.SJsnOjtXoZ.jpg
static.fili.cc/uploads/thumbs/
30 KB
31 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/gotham.SJsnOjtXoZ.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
079e5f3fa150d446ab5b3336b642e391195af694a603d2308c39a73d5e5e84dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Sep 2017 07:21:24 GMT
ETag
W/"78e3-15ead9cbd20"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
30947
X-XSS-Protection
1; mode=block
breaking.bad_Hy-CnDtR7x.jpg
static.fili.cc/uploads/thumbs/
40 KB
41 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/breaking.bad_Hy-CnDtR7x.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
4a17c4ec67218b9161fd4efcbc727fcd1786757a01ec5debcb81db08ed50597f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jun 2017 21:35:49 GMT
ETag
W/"a1e3-15c9e3bf708"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
41443
X-XSS-Protection
1; mode=block
skazany.na.smierc.ByxyGA7Cr-.jpg
static.fili.cc/uploads/thumbs/
34 KB
34 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/skazany.na.smierc.ByxyGA7Cr-.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
50279cc9473c6c781e9fa7bf27f285f495394e8bfb957d0e0b9797615c082563
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 20 Jul 2017 13:20:07 GMT
ETag
W/"87a7-15d6027cb58"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
34727
X-XSS-Protection
1; mode=block
lucyfer.HJbZK3NEr7.jpg
static.fili.cc/uploads/thumbs/
8 KB
9 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/lucyfer.HJbZK3NEr7.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
79969f491accd20f7afcaea668f86397b1e3f69cf5838db2bc2beb2645da6b77
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Sun, 05 Aug 2018 08:59:36 GMT
ETag
W/"2161-165095034c0"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
8545
X-XSS-Protection
1; mode=block
sposob.na.morderstwo_Bk-EBhYRmx.jpg
static.fili.cc/uploads/thumbs/
30 KB
30 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/sposob.na.morderstwo_Bk-EBhYRmx.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
ee0a94655495dde95869999d3feea0f17fbe8e7028dd322a63681e2996741ebb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jun 2017 21:35:48 GMT
ETag
W/"779a-15c9e3bf320"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
30618
X-XSS-Protection
1; mode=block
narcos_rJbRO9Y07l.jpg
static.fili.cc/uploads/thumbs/
27 KB
27 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/narcos_rJbRO9Y07l.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
e6721cace80a5cb8050b0ba005134489cd511bc656243bf0eb6eb7eac626020c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jun 2017 21:35:47 GMT
ETag
W/"6b03-15c9e3bef38"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
27395
X-XSS-Protection
1; mode=block
dexter_Bk-LUuF0Xl.jpg
static.fili.cc/uploads/thumbs/
34 KB
35 KB
Image
General
Full URL
https://static.fili.cc/uploads/thumbs/dexter_Bk-LUuF0Xl.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
31c74f49e5dbab1b34feafa2498ad11094bd8a1ee80fecc9239abddcb15bb4de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Mon, 12 Jun 2017 21:35:48 GMT
ETag
W/"89c9-15c9e3bf320"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
35273
X-XSS-Protection
1; mode=block
default_avatar.jpg
static.fili.cc/assets/img/
5 KB
6 KB
Image
General
Full URL
https://static.fili.cc/assets/img/default_avatar.jpg
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
ca66d33b74abcc1339855083c4eedc34bcc8ce9774a1b02fa89b560b4876fd2a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Jul 2018 01:34:54 GMT
ETag
W/"14ba-164d4397a30"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
5306
X-XSS-Protection
1; mode=block
jquery-3.2.1.min.js
static.fili.cc/assets/libs/
85 KB
30 KB
Script
General
Full URL
https://static.fili.cc/assets/libs/jquery-3.2.1.min.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
static.fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-XSS-Protection
1; mode=block
Last-Modified
Thu, 26 Jul 2018 01:35:01 GMT
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Mar 2019 22:46:59 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=2592000
ETag
W/"15283-164d4399588"
Accept-Ranges
bytes
api.js
www.google.com/recaptcha/
762 B
544 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:824::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
98239ebcc48e7c9dabc57f495946c02b3e3c907d839f6b69971aee32e237ed85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:46:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
447
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2019 22:46:59 GMT
scripts.2.0.7.js
fili.cc/assets/js/
53 KB
10 KB
Script
General
Full URL
https://fili.cc/assets/js/scripts.2.0.7.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
07d8d301cc4ba670b69ccee15a477dd0dbd369d7f52374f6efade824d7c31450
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Cookie
ali=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Connection
keep-alive
X-DNS-Prefetch-Control
off
X-XSS-Protection
1; mode=block
Last-Modified
Sat, 29 Dec 2018 01:34:54 GMT
X-Frame-Options
SAMEORIGIN
Date
Sat, 09 Mar 2019 22:46:59 GMT
X-Download-Options
noopen
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=2678400
ETag
W/"d4a2-167f7998a30"
Accept-Ranges
bytes
js
www.googletagmanager.com/gtag/
62 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-68827056-6
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
fbae279ebef13eafbfe0da3b9b458f03aa3a2397e948440d4dea33aa3da466fe
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:46:59 GMT
content-encoding
br
last-modified
Fri, 08 Mar 2019 00:53:16 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
23997
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2019 22:46:59 GMT
core2-min.js
s.spolecznosci.net/js/
296 KB
109 KB
Script
General
Full URL
https://s.spolecznosci.net/js/core2-min.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.244 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
41b1587d5ddda06f0cf6449e2d1e2789d8e3b35ddc29b85a693fa451c444b6fa

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:46:59 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600, private
Transfer-Encoding
chunked
Expires
Sat, 09 Mar 2019 23:46:59 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Origin
https://fili.cc

Response headers

date
Fri, 08 Mar 2019 23:23:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
84233
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8892
x-xss-protection
1; mode=block
expires
Sat, 07 Mar 2020 23:23:06 GMT
search_icon.png
fili.cc/assets/img/
287 B
764 B
Image
General
Full URL
https://fili.cc/assets/img/search_icon.png
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
7c5fe63d05526e54873d76837da383519edca4db31614f3277b67ee7b8b027e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://fili.cc/assets/css/style.2.0.7.css
Cookie
ali=true
Connection
keep-alive
Cache-Control
no-cache
Referer
https://fili.cc/assets/css/style.2.0.7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Jul 2018 01:34:59 GMT
ETag
W/"11f-164d4398db8"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
287
X-XSS-Protection
1; mode=block
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Origin
https://fili.cc

Response headers

date
Sat, 09 Mar 2019 03:35:16 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:38 GMT
server
sffe
age
69103
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8732
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:35:16 GMT
fontawesome-webfont.woff2
fili.cc/assets/fonts/
63 KB
63 KB
Font
General
Full URL
https://fili.cc/assets/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.174.44 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ns3102755.ip-54-36-174.eu
Software
/
Resource Hash
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://fili.cc
Accept-Encoding
gzip, deflate, br
Host
fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://fili.cc/assets/css/font-awesome.min.css
Cookie
ali=true
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/assets/css/font-awesome.min.css
Origin
https://fili.cc

Response headers

Strict-Transport-Security
max-age=15552000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 26 Jul 2018 01:34:53 GMT
ETag
W/"fbd0-164d4397648"
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Content-Type
application/font-woff2
Cache-Control
public, max-age=2592000
Date
Sat, 09 Mar 2019 22:46:59 GMT
Connection
keep-alive
Accept-Ranges
bytes
X-DNS-Prefetch-Control
off
Content-Length
64464
X-XSS-Protection
1; mode=block
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Origin
https://fili.cc

Response headers

date
Sat, 09 Mar 2019 02:13:10 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:48 GMT
server
sffe
age
74029
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8916
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 02:13:10 GMT
mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
fonts.gstatic.com/s/opensans/v15/
7 KB
7 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFW50bf8pkAp6a.woff2
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&subset=latin-ext
Origin
https://fili.cc

Response headers

date
Sat, 09 Mar 2019 00:03:25 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:45 GMT
server
sffe
age
81814
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7176
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 00:03:25 GMT
cmp.stable.min.js
spolecznosci.mgr.consensu.org/js/
4 KB
2 KB
Script
General
Full URL
https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.249 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aee8a1c099b6232b1ce9a4a05657d5ed4ae66b61b9f85ef18f3ccf606610628e

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 10:56:40 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600, public
Transfer-Encoding
chunked
Expires
Sat, 09 Mar 2019 23:47:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1551681158638/
260 KB
90 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/api2/v1551681158638/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
224188bb6dab42ea7cdaf59b0476e84c06ba69efbbc8c469c9d1bd5df2d5e730
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 03:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Mar 2019 20:15:00 GMT
server
sffe
age
69594
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
92290
x-xss-protection
1; mode=block
expires
Sun, 08 Mar 2020 03:27:06 GMT
a3a1
www.g2a.com/r/ Frame 9F13
0
0
Document
General
Full URL
https://www.g2a.com/r/a3a1
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.85.152 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-85-152.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/r/a3a1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
270
expires
Sat, 09 Mar 2019 22:47:00 GMT
date
Sat, 09 Mar 2019 22:47:00 GMT
x-clacks-overhead
GNU Terry Pratchett
pet
a.spolecznosci.net/
Redirect Chain
  • https://a.spolecznosci.net/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n...
  • https://a.spolecznosci.net/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n...
6 KB
2 KB
Script
General
Full URL
https://a.spolecznosci.net/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n=0.4712850959519719&nr=1
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.248 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
84c0bca73e7b3650881f9cff061cc81d4c1747783273d2b9e57af4067de6924c

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Runtime
2
Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 22:47:00 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
X-Runtime-details
a0-b1-c1-d1-e1-f1-j1-k1-g1-y1-z2

Redirect headers

Access-Control-Allow-Origin
*
Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Length
0
Location
/pet?s=Fili&x=3533,3539,4245&safe=0&ut=&uu=null&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n=0.4712850959519719&nr=1
Content-Type
application/javascript; charset=UTF-8
data.45.htm
spolecznosci.net/files/ Frame 2E18
0
0
Document
General
Full URL
https://spolecznosci.net/files/data.45.htm?Ho_fili.cc
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.244 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
spolecznosci.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Server
nginx
Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Type
text/html
Last-Modified
Fri, 28 Sep 2018 09:14:02 GMT
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Sun, 08 Mar 2020 22:47:00 GMT
Cache-Control
max-age=31536000 public
Content-Encoding
gzip
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68827056-6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3606
date
Sat, 09 Mar 2019 21:46:54 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Sat, 09 Mar 2019 23:46:54 GMT
cmp.min.js
spolecznosci.mgr.consensu.org/js/
142 KB
45 KB
Script
General
Full URL
https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Requested by
Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.stable.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.249 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
cd90a6ad55a59a36e55c027561de2b6dd91dc1592255e482067c81a1d1aee81e

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 10:56:40 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600, public
Transfer-Encoding
chunked
Expires
Sat, 09 Mar 2019 23:47:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1572673615&t=pageview&_s=1&dl=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&ul=en-us&de=UTF-8&dt=%5Bs01e03%5D%20T...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68827056-6&cid=457829061.1552171620&jid=674107965&_gid=1630415811.1552171620&gjid=1808470332&_v=j73&z=996511157
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68827056-6&cid=457829061.1552171620&jid=674107965&_gid=1630415811.1552171620&gjid=1808470332&_v=j73&z=996511157
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sat, 09 Mar 2019 22:47:00 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:00 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-68827056-6&cid=457829061.1552171620&jid=674107965&_gid=1630415811.1552171620&gjid=1808470332&_v=j73&z=996511157
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
portal.html
spolecznosci.mgr.consensu.org/ Frame 798A
0
0
Document
General
Full URL
https://spolecznosci.mgr.consensu.org/portal.html
Requested by
Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.249 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
spolecznosci.mgr.consensu.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Server
nginx
Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Type
text/html
Content-Length
126
Last-Modified
Thu, 29 Nov 2018 11:19:31 GMT
Accept-Ranges
bytes
portal.html
spolecznosci.net/ Frame D8DE
0
0
Document
General
Full URL
https://spolecznosci.net/portal.html
Requested by
Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.244 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
spolecznosci.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Server
nginx
Date
Sat, 09 Mar 2019 22:47:00 GMT
Content-Type
text/html
Content-Length
128
Last-Modified
Fri, 01 Mar 2019 09:08:01 GMT
Accept-Ranges
bytes
vendorlist.json
vendorlist.consensu.org/
77 KB
14 KB
Fetch
General
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: spolecznosci.mgr.consensu.org
URL: https://spolecznosci.mgr.consensu.org/js/cmp.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:b000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50ce00ed072a39317bfd698cff66f0233eb061cf02d57e07f3daa273e0effd7e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc

Response headers

x-amz-version-id
PJ1Jy6JytVXY_zDMcRYtYALhv6aB0ShI
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
49014
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 07 Mar 2019 16:00:18 GMT
server
AmazonS3
date
Sat, 09 Mar 2019 09:10:07 GMT
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
via
1.1 8f87827e262d6aedd520409e24d2f980.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-id
eDleYRXNvWvZmzjccaudJEWTOWG_2dl-xKQsh9Uo3YJJI9prmn0rCg==
/
a.spolecznosci.net/av/320050/123/
35 B
260 B
Image
General
Full URL
https://a.spolecznosci.net/av/320050/123/?a=fili.cc_ShowBanner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.248 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:00 GMT
Transfer-Encoding
chunked
Content-Type
image/gif
prebid
ib.adnxs.com/ut/v3/
257 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.203 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.4 /
Resource Hash
89b3ddffdea5b3d55faa62d83bfa1028e34b9ba5558fc4c95dedd41454f025f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:03 GMT
X-Proxy-Origin
185.220.70.202; 185.220.70.202; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.242:80
AN-X-Request-Uuid
94cb04b9-b9ed-4001-bc01-f9dbe3741c79
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://fili.cc
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
257
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
adx.adform.net/adx/
20 B
412 B
XHR
General
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTYwMzkyOCZ0cmFuc2FjdGlvbklkPTc3ZTRmNjBkLWQzNDQtNDcxNi04OTgwLTc2ZjZlYzA4NmRmOA%3D%3D&bWlkPTYwMzkyOSZ0cmFuc2FjdGlvbklkPThhOTFiZmQ0LWIzYTMtNGQ5Yi05MTM3LTRiMGExYzYyNGE0Mw%3D%3D&bWlkPTYwMzkyNiZ0cmFuc2FjdGlvbklkPWQxOWY3MzIwLWI1MzgtNGEzNy05MDM3LTYyODM2NzNmNmZiOA%3D%3D&bWlkPTYwMzkyNyZ0cmFuc2FjdGlvbklkPTAwYzcwN2U5LWE2OGMtNDA3Mi05MmE5LTFlYzAwZjUxYWIzYQ%3D%3D&pt=gross&stid=908e714e-f1ae-48d7-8c38-ec2c75008fae&fd=1
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:02 GMT
server
nginx
status
200
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://fili.cc
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
20
expires
-1
cdb
bidder.criteo.com/
0
205 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=15&wv=1.36.0&cb=95602743057
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.89 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://fili.cc
Date
Sat, 09 Mar 2019 22:47:01 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Timing-Allow-Origin
*
Vary
Origin
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
193 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS
unused-185-184-8-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 09 Mar 2019 22:47:02 GMT
access-control-allow-credentials
true
access-control-allow-origin
https://fili.cc
access-control-max-age
3600
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/
0
1 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:01 GMT
X-SMRT-D
3%3b6%3b51
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://fili.cc
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
v1
prg.smartadserver.com/prebid/
11 KB
5 KB
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
24bdf028ed47e2121856d6318593c1693db7133274de06a4a7cbacf48820a91d

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:01 GMT
Content-Encoding
gzip
X-SMRT-D
3%3b14%3b68
Vary
Accept-Encoding
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
https://fili.cc
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
4218
Expires
-1
bid
delivery.clickonometrics.pl/ortb/prebid/
0
308 B
XHR
General
Full URL
https://delivery.clickonometrics.pl/ortb/prebid/bid
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.134.222.90 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

status
204
date
Sat, 09 Mar 2019 22:47:01 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-origin
https://fili.cc
x-robots-tag
none
pet
a.spolecznosci.net/
2 KB
1 KB
Script
General
Full URL
https://a.spolecznosci.net/pet?s=Fili&x=3533,3539&safe=0&ut=&uu=null&rtb=%7B%223533%22%3A%7B%7D%2C%223539%22%3A%7B%22263375%22%3A%7B%22c%22%3A-1641999889%2C%22r%22%3A%221.58%22%2C%22n%22%3Afalse%2C%22t%22%3A205%7D%7D%7D&cb=445131276&uq=99303619968.682559&ref=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&sp_gdpr=&n=0.0832340767760753
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.248 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
5612594dc0784c6e4b179f44edcd6c73ba687340f07d37c5508561a6abb3602c

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Runtime
1
Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 09 Mar 2019 22:47:02 GMT
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
X-Runtime-details
a0-b0-c0-d0-e0-f0-j0-k0-g0-y0-z1
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
82 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
1c06f192c2bd061420614d4421e98ad6c23d417f6c0d4c2da2c8c40f87dec0bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
31620
x-xss-protection
1; mode=block
server
cafe
etag
16064327903783090832
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Mar 2019 22:47:02 GMT
/
a.spolecznosci.net/avd/164303/263852/12262/3533/
35 B
260 B
Image
General
Full URL
https://a.spolecznosci.net/avd/164303/263852/12262/3533/?o=1552171622296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.248 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:02 GMT
Transfer-Encoding
chunked
Content-Type
image/gif
/
a.spolecznosci.net/avd/163870/263375/11312/3539/
35 B
260 B
Image
General
Full URL
https://a.spolecznosci.net/avd/163870/263375/11312/3539/?o=1552171622296
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.248 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:02 GMT
Transfer-Encoding
chunked
Content-Type
image/gif
sas-banner-1.2.js
ced-ns.sascdn.com/diff/templates/ts/dist/banner/
26 KB
9 KB
Script
General
Full URL
https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:b8:2a4::c01 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
f764addc11c276aac3a07b02622da0e1021b2358b555394d059f7a24f61f7060

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Feb 2019 15:09:11 GMT
Server
Apache
ETag
"baa6b141334f746384d3451d724775c1:1550588951"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8645
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=fili.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=fili.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/
196 KB
73 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
94bb86b5c5d6840056b9a51f719b58974bec3d739095599e316f77f8bea496aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
74305
x-xss-protection
1; mode=block
server
cafe
etag
12877515367870657140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 09 Mar 2019 22:47:02 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/ Frame 4EF5
196 KB
73 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
94bb86b5c5d6840056b9a51f719b58974bec3d739095599e316f77f8bea496aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
74305
x-xss-protection
1; mode=block
server
cafe
etag
12877515367870657140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 09 Mar 2019 22:47:02 GMT
ca-pub-2365165112249593.js
pagead2.googlesyndication.com/pub-config/r20160913/
133 B
256 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2365165112249593.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 15:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 08 Mar 2019 02:31:34 GMT
server
sffe
age
27355
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
125
x-xss-protection
1; mode=block
expires
Sun, 10 Mar 2019 03:11:07 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190306/r20190131/ Frame CF88
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20190306/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20190306/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sat, 09 Mar 2019 05:39:00 GMT
expires
Sat, 23 Mar 2019 05:39:00 GMT
content-type
text/html; charset=UTF-8
etag
15457983066924787283
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6951
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
61682
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
adex.php
spolecznosci.net/ Frame 4BBB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2365165112249593&output=html&h=200&slotname=Fili.cc%2FFili.cc_ROS%2FFili.cc_ROS_Doublebillboard1&adk=2389675965&adf=2822736853&w=750&lmt...
  • https://spolecznosci.net/adex.php?i=3534&s=AdxFili
0
0
Document
General
Full URL
https://spolecznosci.net/adex.php?i=3534&s=AdxFili
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/show_ads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.32.202.244 , Poland, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
spolecznosci.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Cookie
lsccs1_currentVersion=w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865; lsccs1_currentMain=%253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u*%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er9%25C3%25AB%25C3%25A8O%25C2%25A0%253A%255C4%25C2%25BB%255C%25C3%25B25%252F%255E%25C3%259E%25C3%25B6%25C3%25BC%251F%25C2%25B2KBf4W8%2505%257C%25C2%2589%257B%25C2%2580%2523%25C3%25BF%25C3%259Eftz%250D%2513%25C3%25B2%2507%25C2%25BF%25C3%2595%25C3%2592%250A%25C3%25934XT16%25C2%25B4h%251BI%25C2%258B%25C2%25B0%25C2%2582%250B%255E%25C2%25B1%25C3%25B3a%250F%255B%25C2%25BA%251F%253B%25C3%25B6%25C2%25BF%25C2%259C%25C2%25B1%25C2%25ABN%25C2%2580%25C2%25A3%25C2%258Ah%2513Y%25C2%258F%25C3%2595%25C3%259FVV%25C3%25BBc%251D%25C2%2599%25C3%258Bla%25C2%25B0z%25C3%25ADh%25C3%25BFh%252Fd)%25C2%259C%25C3%25BB%2519%25C3%25B9%25C3%25BB%25C3%25B4%25C2%25BB%25C3%2582K%25C3%25A1%25C2%25A2%250D%25C2%25BFvy%25C3%2585%25C2%25A5T%25C2%259BW%25C2%25A5B%2518%255B%25C2%25A9.%25C2%2597%252B%25C2%25A6fa%2540; lsccs1_currentStats=%253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%2599%2500%25C3%25A0%25C2%2582x46%25C2%2596%25C3%25B3%25C2%2593%2500%25C2%25AAfa%2507%25C3%2589%25C3%2592%25C2%25A8x%2512%25C2%2583%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK_%257DJ%2510)%2512%257D%25C2%2586%251F%25C2%2582%253D%25C3%25A7%25C2%25A5%2522lp%251Fq%25C2%258A%257C%25C3%2599%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1*l%25C2%259B%25C2%2592%2513%25266%25C2%25913z%25C2%25A8%25C2%25A3%25C3%259D%25C3%25BE%25C2%25AB7%25C3%2585%25C3%25BC%25C2%259Ch%2522i%25C2%25AE%25C3%25AE%25C3%25BE%257Dl%25C3%25B8O9%25C2%25BE%25C3%258Bz8%25C3%259Bo%25C3%25B4%2526%25C2%25ACd%25015%253F%25C2%2591%25C3%25AA!%25C2%2580%25C2%258B%25C3%2598%25C2%259E%25C3%25B5%2519%25C3%2597%25C2%259E5%25C3%2590d6%25C3%25A2%25C2%25BD%2519%25C3%258DI%25C3%25A4%255E%251FX%25C2%25B3c%25C2%259Df%25C3%25AA9%2524C%25C3%25921%25C2%25B2S%251E%251C%2512%25C2%259A%25C2%25A5%25C3%25BCV%25C3%2585%25C2%25AB%25C2%259F%25C3%25B9%25C3%258D%25C2%25AD*Wy%25C3%2599f%2508%25C3%2585%25C3%25AD%251E%25C2%2585)%25C3%25A8s%25C2%258F%25C2%25A1%255B%25C2%25B1n%25C2%2593z%25C2%2584%25C3%25AAcF%25C3%25B0%25C2%2588%25C3%25B7%25C3%25BE%25C2%25A1%2519%25C3%25BB%2500%25C3%25BE%25C2%25A7p%25C3%258Eg8)%25C2%25A4%25C3%2597%25C3%2587%250A%25C2%2589b%25C3%258C%252B%251Ac%25C2%2594%25C2%258F%25C3%25B9%25C3%25A5U%25C2%2590%25C3%259C%2506B%25C2%25B3%25C2%25AE%25C2%2591%25C2%258F%25C2%25A2X%25C3%25B8uZ%25C2%25B1%255E%25C2%25A7%25C2%2592%25C2%2582%2512O6%25C3%25862v%2516%255C%25C3%25A0%2504%250EU%25C2%2599%25C3%25AB0%250C%25C2%25A6%25C3%25ADu%25C3%2594W%25C2%2593p%25C3%258D%25C2%25BA5%2517Abb%25C3%25A8%25C2%25A3%25C3%25A9%25C3%2594W%25C3%25AFP%253D%25C2%258B%25C3%25AD%25C2%259B%25C3%25A9%25C2%2590%2513%2524B%25C3%2591dm%25C3%25BF%25C2%25A0%25C3%25A1%25C3%25BF%25C3%2580V%25C3%25B3%25C2%259F%25C2%2584M4%25C3%25BC%25C3%258C%25C2%2596N_%25C2%25A2; tgx=v%3A1%7CWo%3A55%7CKr%3ADE%7CRe%3A2925533%7CAd%3A0%7CSw%3A1600%7COs%3ALINUX-0%7CUa%3AHEADLESSCHROME-72%7CCt%3ARESIDENTIAL%7CIsp%3AM247%20EUROPE%20SRL; v=1552171620.321
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Server
nginx
Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
location
https://spolecznosci.net/adex.php?i=3534&s=AdxFili
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 09 Mar 2019 22:47:02 GMT
server
cafe
content-length
46
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Sat, 09-Mar-2019 23:02:02 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190306/r20190131/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1551269762062339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28006
x-xss-protection
1; mode=block
expires
Sat, 09 Mar 2019 22:47:02 GMT
st.min.html
ec-ns.sascdn.com/diff/rtb/handler/ Frame A7A7
0
0
Document
General
Full URL
https://ec-ns.sascdn.com/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22235414803649591447%22%2c%22adomain%22%3a%22vodafone.de%22%2c%22page%22%3a%22996229%22%2c%22format%22%3a%2247841%22%2c%22crid%22%3a%2229052084%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2213314%22%2c%22cid%22%3a%221570316%22%2c%22adid%22%3a%2229052084%22%2c%22hash%22%3a%22-1860555786046064991%22%7d
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.232.35.16 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4196) /
Resource Hash

Request headers

:method
GET
:authority
ec-ns.sascdn.com
:scheme
https
:path
/diff/rtb/handler/st.min.html?%7b%22bid%22%3a%22235414803649591447%22%2c%22adomain%22%3a%22vodafone.de%22%2c%22page%22%3a%22996229%22%2c%22format%22%3a%2247841%22%2c%22crid%22%3a%2229052084%22%2c%22dsp%22%3a%2222%22%2c%22buyer%22%3a%2213314%22%2c%22cid%22%3a%221570316%22%2c%22adid%22%3a%2229052084%22%2c%22hash%22%3a%22-1860555786046064991%22%7d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

status
200
content-encoding
gzip
cache-control
max-age=86400
content-type
text/html
date
Sat, 09 Mar 2019 22:47:02 GMT
etag
"cf77ec65ee9c36afad6942d47dda53fb:1515417051+gzip"
last-modified
Mon, 08 Jan 2018 13:10:51 GMT
server
ECS (fcn/4196)
vary
Accept-Encoding
x-cache
HIT
content-length
320
/
track.adform.net/adfscript/ Frame B438
20 KB
10 KB
Script
General
Full URL
https://track.adform.net/adfscript/?bn=29052084;rtbwp=qWYqCINgGiW0avv3WJzKGQJxzR6r16pN6VZ8Dg;rtbdata=gkidAtj_mNtLcSdZY3sSmQeXXoHTZrWgBgkgUqHujYR8SEma2DNDFO0sUD_vW9SO0E1vERQCFExKrYDUgJeIUIzhE4Vqdgk3gNNib6DlSuYAKTRIn2r_-opEsjGOlwJcY35kaWx7e8yQuzL18f1bbIiqCLEK51ZFA_BtO0RAdxEveqVeBAH6wn6yt7oK8sapaK0i99B7-NJlKlf_A-yeCwlJVdhVNP38vOW3f4J95Z5xUImtpL_lA2wvUyEK1_ElcPH1LJlPdC30LrBRX5DUJ-71FujaE3E2uQaDSrO75g9cgaoIdDxrQj99CKaGvp6-bozUPx2r6rv57kpMlB5I9Y_BsPPTF-i-0
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ddcfb2a8cb6abff6c13c327b79b82079313c7062f0d666fdb110a19c3b810588

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
9874
expires
-1
aip
prg.smartadserver.com/h/ Frame B438
43 B
406 B
Image
General
Full URL
https://prg.smartadserver.com/h/aip?tmstp=8800488551&ckid=5379011626621887246&pubid=14&systgt=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0%3b%24b%3d16670%3b%24o%3d12100%3b%24wpc%3d2%3b%24wpc%3d56&uii=235414803649576827&acd=1552171622011&visit=S&statid=15&tgt=%24dt%3d1t%3b%24hc&pgDomain=https%3a%2f%2ffili.cc%2fserial%2fgotham%2fs01e03%2fthe-balloonman%2f23203&capp=0&mcrdbt=0&insid=6207582&siteid=264677&imgid=0&pgid=996229&fmtid=47841&sig=8W3zUxdNCAjLXcqwlegaVHylgARbVP1%2bxoCLaSda6xk%3d&rtb=1&rtbnid=384&rtbbid=235414803649591447&rtbh=a6246ffc0ab510c2a732cdf86af73f5653294504&rtblt=636877684220106570&rtbet=0
Requested by
Host: ced-ns.sascdn.com
URL: https://ced-ns.sascdn.com/diff/templates/ts/dist/banner/sas-banner-1.2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:02 GMT
Cache-Control
no-cache, no-store
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Content-Type
image/gif
Content-Length
43
Expires
-1
bootstrap.js
s1.adform.net/stoat/615/s1.adform.net/ Frame B438
31 KB
14 KB
Script
General
Full URL
https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=29052084;rtbwp=qWYqCINgGiW0avv3WJzKGQJxzR6r16pN6VZ8Dg;rtbdata=gkidAtj_mNtLcSdZY3sSmQeXXoHTZrWgBgkgUqHujYR8SEma2DNDFO0sUD_vW9SO0E1vERQCFExKrYDUgJeIUIzhE4Vqdgk3gNNib6DlSuYAKTRIn2r_-opEsjGOlwJcY35kaWx7e8yQuzL18f1bbIiqCLEK51ZFA_BtO0RAdxEveqVeBAH6wn6yt7oK8sapaK0i99B7-NJlKlf_A-yeCwlJVdhVNP38vOW3f4J95Z5xUImtpL_lA2wvUyEK1_ElcPH1LJlPdC30LrBRX5DUJ-71FujaE3E2uQaDSrO75g9cgaoIdDxrQj99CKaGvp6-bozUPx2r6rv57kpMlB5I9Y_BsPPTF-i-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9bf28f6cc36bd0a6e167ff8b916c07b5f23fc702b70ba0bd6d0e67582ebd20fd

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 09:52:41 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Mon, 11 Mar 2019 02:28:57 GMT
/
track.adform.net/wpf/v2/cWa44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame B438
6 KB
3 KB
Script
General
Full URL
https://track.adform.net/wpf/v2/cWa44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY2EsiqSHdUMnGWpwoNSUC56MnGW87gq1HACVdY9A9J1_511v.2dI_AIQjvEodUW2vqCRc7L1eLY6UfSWW8rNtG2hiwgAwBfy4MjNpp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF3fKXV4.hL9.LxU...E9/adfserve/?CC=1&bn=29052084;rtbwp=qWYqCINgGiW0avv3WJzKGQJxzR6r16pN6VZ8Dg;rtbdata=gkidAtj_mNtLcSdZY3sSmQeXXoHTZrWgBgkgUqHujYR8SEma2DNDFO0sUD_vW9SO0E1vERQCFExKrYDUgJeIUIzhE4Vqdgk3gNNib6DlSuYAKTRIn2r_-opEsjGOlwJcY35kaWx7e8yQuzL18f1bbIiqCLEK51ZFA_BtO0RAdxEveqVeBAH6wn6yt7oK8sapaK0i99B7-NJlKlf_A-yeCwlJVdhVNP38vOW3f4J95Z5xUImtpL_lA2wvUyEK1_ElcPH1LJlPdC30LrBRX5DUJ-71FujaE3E2uQaDSrO75g9cgaoIdDxrQj99CKaGvp6-bozUPx2r6rv57kpMlB5I9Y_BsPPTF-i-0;js=1;adfxid=1x;9104;set=en-US|en-US|1600X1200|0|300|600|24|8|3|7|0;fd=0|15&CREFURL=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8ae8197579cc3a73d846ad7cb75c61c73ef99c406ea6e48999953aa83337ba46

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
3060
expires
-1
dvtp_src.js
cdn.doubleverify.com/ Frame B438
16 KB
5 KB
Script
General
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1570316&sid=1358733&plc=29052084&advid=165376&app=&sup=Smart+RTB%2b&adsrv=178&region=40&btreg=29052084&btadserv=adform&crt=31075522&crtname=gigacubemax_1eur_181127_300x600&dvtagver=6.1.src&turl=fili.cc&DVP_ADTYPE=Image&DVP_LINE=4873895&DVPX_IMPID=5684085811477279435&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.1109&DVPX_LONG=8.6821&DVPX_PAGE=https%3a%2f%2ffili.cc%2fserial%2fgotham%2fs01e03%2fthe-balloonman%2f23203
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.253.20 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-253-20.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
149c8502a2f3c858670747415c1c96a6180448d64e524b300945ced2f414fddc

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Encoding
gzip
ETag
"2e591b7420d4d41:0"
Last-Modified
Wed, 06 Mar 2019 13:28:15 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=85209
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5086
ai.aspx
m.exactag.com/ Frame B438
43 B
654 B
Image
General
Full URL
https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ltesta&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&cachebuster=14828
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:01 GMT
X-ET-Code
0
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Connection
close
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control
private
Last-Modified
Sa, 09 Mrz 2019 10:47:02 GMT
X-ET-Camp
707
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Jul 1997 05:00:00 GMT
firstevent
vfde.demdex.net/ Frame B438
Redirect Chain
  • https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772
  • https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772
42 B
771 B
Image
General
Full URL
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.108.5 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-194-108-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v021-0c7b645b0.edge-irl1.demdex.com 5.49.0.20190304124312 5ms
Pragma
no-cache
X-TID
Zu40Z6p3QyE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
X-TID
lxnv6/nrTcM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_lte_sta_gigacubemax_1eur_181127_300x600&rnd=39772
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
csp.php
vfd2dyn.vodafone.de/csp/ Frame B438
0
279 B
Image
General
Full URL
https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=88448
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.220 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-29-0-220.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
server
Apache
p3p
CP="CAO PSA OUR"
status
200
cache-control
no-cache, must-revalidate
content-type
text/html; charset=utf-8
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
Standard
s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/ImageTag:types/ Frame B438
85 KB
35 KB
Script
General
Full URL
https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
401a531c518c60170d8f34f3328c5709518b8a2f298fb0b337a4b7dacc8034df

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
content-encoding
gzip
last-modified
Tue, 05 Mar 2019 09:52:41 GMT
server
nginx
access-control-allow-origin
*
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=100000
expires
Mon, 11 Mar 2019 01:35:06 GMT
/
track.adform.net/csimpr/ Frame B438
35 B
408 B
Other
General
Full URL
https://track.adform.net/csimpr/?bn=29052084&csi=b7E9lcOpu9g-aQNSth7KL5iuR5oaQomzKutDLcBQWnEgY8dmHc6lJVEukj43E-gFTJ7_jWFDjI3R4bJALZ2PlSoNbLXpRdMHbD45yK7wMbhSiCX4jZfc5g2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:02 GMT
server
nginx
access-control-allow-origin
https://fili.cc
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
31075522.gif
s1.adform.net/Banners/31075522/ Frame B438
48 KB
48 KB
Image
General
Full URL
https://s1.adform.net/Banners/31075522/31075522.gif?bv=3
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.72 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
954730c8cc726757119d91b3c08dcdbc3350a1c9537dc9bf53b837363b4dcec5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 22:47:02 GMT
last-modified
Fri, 08 Mar 2019 07:56:00 GMT
server
nginx
access-control-allow-origin
*
etag
"5c822010-be2c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
48684
dv-measurements257.js
cdn.doubleverify.com/ Frame 75C3
243 KB
57 KB
Script
General
Full URL
https://cdn.doubleverify.com/dv-measurements257.js
Requested by
Host: fili.cc
URL: https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.253.20 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-253-20.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
95f53b697354f5ccf0e8c395adc67e1380239d86cea14342da9e453827fdefb3

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Encoding
gzip
ETag
"0f26a45a6d1d41:0"
Last-Modified
Sun, 03 Mar 2019 09:48:36 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
57526
t2tv7.html
cdn3.doubleverify.com/ Frame 324A
0
0
Document
General
Full URL
https://cdn3.doubleverify.com/t2tv7.html
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.111.253.20 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-253-20.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Host
cdn3.doubleverify.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Cache-Control
max-age=946080000
Content-Type
text/html
Last-Modified
Thu, 11 Sep 2014 19:15:16 GMT
Accept-Ranges
bytes
ETag
"0ba3b8f4cdcf1:0"
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
3877
Date
Sat, 09 Mar 2019 22:47:03 GMT
Connection
keep-alive
visit.js
tps40.doubleverify.com/ Frame 75C3
10 KB
4 KB
Script
General
Full URL
https://tps40.doubleverify.com/visit.js?bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTau7%3A%3D%3A%5D44TauD6C%3A2%3DTau8%40E92%3ETauD_%606_bTauE96%5C32%3D%3D%40%40%3F%3E2%3FTauaba_bU2%3F4r92%3A%3Fl9EEADTbpTauTau7%3A%3D%3A%5D44Tar9EEADTbpTauTau7%3A%3D%3A%5D44U2%26C%3Dl&srcurlD=0&aUrlD=0&ssl=https:&dvp_region=40&sup=Smart+RTB%2b&aadid=c87fd1ac886e364eab1f919ecf8c7aca57b60e0e&dfs=196&ddur=105&uid=1552171622906881&jsCallback=dvCallback_1552171622906553&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=257&vavbkt=4,8,1,23&lvvn=26&m1=13&refD=1&referrer=https%3A%2F%2Ffili.cc%2Fserial%2Fgotham%2Fs01e03%2Fthe-balloonman%2F23203&fwc=0&fcl=91&flt=13&fec=529&fcifrms=12&brh=2&dvp_epl=203&ctx=11655933&cmp=1570316&sid=1358733&plc=29052084&crt=31075522&btreg=29052084&adsrv=178&advid=165376&crtname=gigacubemax_1eur_181127_300x600&turl=fili.cc&DVP_ADTYPE=Image&DVP_LINE=4873895&DVPX_IMPID=5684085811477279435&DVPX_GUID=-5750631979060554475&DVPX_LAT=50.1109&DVPX_LONG=8.6821&DVPX_PAGE=https%253a%252f%252ffili.cc%252fserial%252fgotham%252fs01e03%252fthe-balloonman%252f23203
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.18 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
5cd1e9c04034654c5cd3e293b8a44e94137083d8f09fb16850dec822129e6b22

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:02 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=0
Connection
close
Expires
3/8/2019 10:47:02 PM
publishertag.prebid.js
static.criteo.net/js/ld/
39 KB
13 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 13:26:35 GMT
Server
nginx
ETag
W/"5c811c0b-9ab2"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sun, 10 Mar 2019 22:47:03 GMT
action
diff3.smartadserver.com/track/
43 B
168 B
Image
General
Full URL
https://diff3.smartadserver.com/track/action?sid=1552171622318&pid=996229&iid=6207582&cid=0&key=viewcount&rtb=1&rtbbid=235414803649591447&rtbet=0&rtblt=636877684220106570&rtbnid=384&rtbh=a6246ffc0ab510c2a732cdf86af73f5653294504&ts=1552171622318
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sat, 09 Mar 2019 22:47:03 GMT
Cache-Control
private
Content-Length
43
Content-Type
image/gif
/
track.adform.net/serving/unload/ Frame B438
35 B
417 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@29052084,5684085811477279435,66|1044|0|0|0|0|0|0|0||65|0|32|235414803649591447_03d00310-08d3-4779-bbf0-02da9ec9ffc6|||1|0|0|4__qHnEPTG_5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:04 GMT
server
nginx
access-control-allow-origin
https://fili.cc
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/Serving/Event/ Frame B438
35 B
257 B
Image
General
Full URL
https://track.adform.net/Serving/Event/?bn=29052084&event=178&time=1&banner=31075522&name=Viewable%20impressions&imprid=5684085811477279435&icid=-5750631979060554475&eData=b7E9lcOpu9hAW4Ol-8J26ECYQJsizCFrWn4RHwA1TBl_7KLPWa1aEhT5cxamdaOvLwF1-MxABZWsdMPbidFoFg2&rnd=628113596&rtbwp=qWYqCINgGiW0avv3WJzKGQJxzR6r16pN6VZ8Dg&rtbdata=gkidAtj_mNtLcSdZY3sSmQeXXoHTZrWgBgkgUqHujYR8SEma2DNDFO0sUD_vW9SO0E1vERQCFExKrYDUgJeIUIzhE4Vqdgk3gNNib6DlSuYAKTRIn2r_-opEsjGOlwJcY35kaWx7e8yQuzL18f1bbIiqCLEK51ZFA_BtO0RAdxEveqVeBAH6wn6yt7oK8sapaK0i99B7-NJlKlf_A-yeCwlJVdhVNP38vOW3f4J95Z5xUImtpL_lA2wvUyEK1_ElcPH1LJlPdC30LrBRX5DUJ-71FujaE3E2uQaDSrO75g9cgaoIdDxrQj99CKaGvp6-bozUPx2r6rv57kpMlB5I9Y_BsPPTF-i-0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:04 GMT
server
nginx
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
expires
-1
event.png
tps20225.doubleverify.com/ Frame 75C3
67 B
456 B
Other
General
Full URL
https://tps20225.doubleverify.com/event.png?impid=4f59423042914a1db51dfbe4ae909d14&vdur=106&msrjs=257&pltfrm=Linux%20x86_64&dvp_acv=1&dvp_acifd=2&dvp_mref=&dvp_acc=69&dvp_acl=22794&dvp_acwe=0&dvp_vpos=1585-1200-1&isvelg=1&vit=2&engms=1&engisel=1&dvp_dvcs=&cbust=1552171625028246
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.22 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:04 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://fili.cc
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
3/8/2019 10:47:04 PM
event.png
tps20225.doubleverify.com/ Frame 75C3
67 B
456 B
Other
General
Full URL
https://tps20225.doubleverify.com/event.png?impid=4f59423042914a1db51dfbe4ae909d14&msrcanlm=456&msrcannum=3&ismms=57&isumms=56&isvelg=1&nvr=6&isbxdms=2257&b7=2306&adhgt=600&adwdth=300&engisel=1&vsos=6&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2306&sftb=2306&msrdp=3&naral=192&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=66&advisonl=true&isiabvms=957&isuiabvms=957&engalms=55&dvp_hdnAd=2001&dvp_dpr=1&cbust=1552171626027765
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements257.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.254.244.18 , Germany, ASN36062 (DOUBLE-VERIFY - DoubleVerify, Inc., US),
Reverse DNS
Software
Microsoft-IIS/8.0 / ASP.NET
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 09 Mar 2019 22:47:05 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
https://fili.cc
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
3/8/2019 10:47:05 PM
CookieSyncV.html
csync.smartadserver.com/rtb/csync/ Frame EA2E
0
0
Document
General
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSyncV.html?hasrtb=true&nwid=384&dcid=3&iscname=false&cname=
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:eb:1a6::c09 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Cookie
vs=264677=8513267; TestIfCookie=ok; TestIfCookieP=ok; pbw=%24b%3d16670%3b%24o%3d12100; sasd=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0; sasd2=q=%24qc%3d1311284246%3b%24ql%3dUnknown%3b%24qpc%3d60311%3b%24qt%3d25_1045_42811t%3b%24dma%3d0&c=1&l=2085336053&lo=335876966&lt=636877720219343347&o=1; Trk0=Value=996229&Creation=09%2f03%2f2019+23%3a47%3a02
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Content-Type
text/html
Content-Encoding
gzip
Last-Modified
Thu, 28 Feb 2019 13:58:28 GMT
Accept-Ranges
bytes
ETag
"23efb2ae6dcfd41:0"
Vary
Accept-Encoding
Content-Length
397
Cache-Control
max-age=3600
Date
Sat, 09 Mar 2019 22:47:07 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 481A
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: s.spolecznosci.net
URL: https://s.spolecznosci.net/js/core2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=3857086110625685381; icu=ChgI89BPEAoYASABKAEw54SR5AU4AUABSAEKGAi_uFkQChgBIAEoATDshJHkBTgBQAFIARDshJHkBRgB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sat, 09 Mar 2019 22:47:07 GMT
Age
18623113
Connection
keep-alive
X-Served-By
cache-jfk8146-JFK, cache-cdg20724-CDG
X-Cache
HIT, HIT
X-Cache-Hits
4857776, 4745405
X-Timer
S1552171627.273872,VS0,VE0
Vary
Accept-Encoding
/
track.adform.net/serving/unload/ Frame B438
35 B
417 B
Other
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@29052084,5684085811477279435,66|4743|0|0|0|0|0|0|0||297|0|32|235414803649591447_03d00310-08d3-4779-bbf0-02da9ec9ffc6|||1|0|0|4__qHnEPTG_5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/ImageTag:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://fili.cc/serial/gotham/s01e03/the-balloonman/23203
Origin
https://fili.cc
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Mar 2019 22:47:07 GMT
server
nginx
access-control-allow-origin
https://fili.cc
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| _qasp object| adserverUtils function| pbsjsChunk object| pbsjs object| __core-js_shared__ function| JSEncrypt object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| LANG object| MODAL object| CROPPER object| MAIN object| FORM boolean| firstSelect function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga function| __cmp object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| recaptcha object| core number| _qasp_ncb_creation_306089_id undefined| _qasp_ncb_creation_306089 number| _qasp_ncb_creation_284192_id undefined| _qasp_ncb_creation_284192 number| _qasp_ncb_creation_264696_id undefined| _qasp_ncb_creation_264696 number| _qasp_ncb_creation_263418_id undefined| _qasp_ncb_creation_263418 number| _qasp_ncb_creation_263412_id undefined| _qasp_ncb_creation_263412 number| _qasp_ncb_creation_263379_id undefined| _qasp_ncb_creation_263379 number| _qasp_ncb_creation_263361_id undefined| _qasp_ncb_creation_263361 number| _qasp_ncb_creation_305351_id undefined| _qasp_ncb_creation_305351 number| _qasp_ncb_creation_284195_id undefined| _qasp_ncb_creation_284195 number| _qasp_ncb_creation_264698_id undefined| _qasp_ncb_creation_264698 number| _qasp_ncb_creation_263416_id undefined| _qasp_ncb_creation_263416 number| _qasp_ncb_creation_263411_id undefined| _qasp_ncb_creation_263411 number| _qasp_ncb_creation_263377_id undefined| _qasp_ncb_creation_263377 number| _qasp_ncb_creation_263375_id undefined| _qasp_ncb_creation_263375 object| Criteo object| adBidResponses number| _qasp_ncb_creation_263852_id undefined| _qasp_ncb_creation_263852 string| html_3533_263852 string| html_3539_263375 object| adsbygoogle object| sas object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_t12n_vars function| google_sa_impl object| google_jobrunner object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_iframe_oncopy function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Viewability function| Banner object| newObj6207582 function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| __adform_onload object| Adform function| ADFReload function| ADFCall function| ADFcall object| a object| criteo_pubtag

9 Cookies

Domain/Path Name / Value
.spolecznosci.net/ Name: v
Value: 1552171620.321
.spolecznosci.net/ Name: tgx
Value: v%3A1%7CWo%3A55%7CKr%3ADE%7CRe%3A2925533%7CAd%3A0%7CSw%3A1600%7COs%3ALINUX-0%7CUa%3AHEADLESSCHROME-72%7CCt%3ARESIDENTIAL%7CIsp%3AM247%20EUROPE%20SRL
.spolecznosci.net/ Name: lsccs1_currentStats
Value: %253C%2502H%2516%25C3%2586%25C2%2586.%2513%257Fv%25C3%2585%25C2%258B%25C3%25B8O%25C3%2599%2500%25C3%25A0%25C2%2582x46%25C2%2596%25C3%25B3%25C2%2593%2500%25C2%25AAfa%2507%25C3%2589%25C3%2592%25C2%25A8x%2512%25C2%2583%25C3%25AE%2509u%25C2%2580%253C%250A%25C3%25BD%25C2%25BE!%25C3%25B0i%250Bu%25C3%25A3%2500%25C2%25B2ud%251D%25C2%2592%25C2%2595%25C2%25A2%251F%25C2%25BAK_%257DJ%2510)%2512%257D%25C2%2586%251F%25C2%2582%253D%25C3%25A7%25C2%25A5%2522lp%251Fq%25C2%258A%257C%25C3%2599%25C3%2597%25C3%259D%2516%25C3%2593n%2513r9%2560%25C3%25BDhiw%25C3%25A8%25C2%25A0%25C2%25A1*l%25C2%259B%25C2%2592%2513%25266%25C2%25913z%25C2%25A8%25C2%25A3%25C3%259D%25C3%25BE%25C2%25AB7%25C3%2585%25C3%25BC%25C2%259Ch%2522i%25C2%25AE%25C3%25AE%25C3%25BE%257Dl%25C3%25B8O9%25C2%25BE%25C3%258Bz8%25C3%259Bo%25C3%25B4%2526%25C2%25ACd%25015%253F%25C2%2591%25C3%25AA!%25C2%2580%25C2%258B%25C3%2598%25C2%259E%25C3%25B5%2519%25C3%2597%25C2%259E5%25C3%2590d6%25C3%25A2%25C2%25BD%2519%25C3%258DI%25C3%25A4%255E%251FX%25C2%25B3c%25C2%259Df%25C3%25AA9%2524C%25C3%25921%25C2%25B2S%251E%251C%2512%25C2%259A%25C2%25A5%25C3%25BCV%25C3%2585%25C2%25AB%25C2%259F%25C3%25B9%25C3%258D%25C2%25AD*Wy%25C3%2599f%2508%25C3%2585%25C3%25AD%251E%25C2%2585)%25C3%25A8s%25C2%258F%25C2%25A1%255B%25C2%25B1n%25C2%2593z%25C2%2584%25C3%25AAcF%25C3%25B0%25C2%2588%25C3%25B7%25C3%25BE%25C2%25A1%2519%25C3%25BB%2500%25C3%25BE%25C2%25A7p%25C3%258Eg8)%25C2%25A4%25C3%2597%25C3%2587%250A%25C2%2589b%25C3%258C%252B%251Ac%25C2%2594%25C2%258F%25C3%25B9%25C3%25A5U%25C2%2590%25C3%259C%2506B%25C2%25B3%25C2%25AE%25C2%2591%25C2%258F%25C2%25A2X%25C3%25B8uZ%25C2%25B1%255E%25C2%25A7%25C2%2592%25C2%2582%2512O6%25C3%25862v%2516%255C%25C3%25A0%2504%250EU%25C2%2599%25C3%25AB0%250C%25C2%25A6%25C3%25ADu%25C3%2594W%25C2%2593p%25C3%258D%25C2%25BA5%2517Abb%25C3%25A8%25C2%25A3%25C3%25A9%25C3%2594W%25C3%25AFP%253D%25C2%258B%25C3%25AD%25C2%259B%25C3%25A9%25C2%2590%2513%2524B%25C3%2591dm%25C3%25BF%25C2%25A0%25C3%25A1%25C3%25BF%25C3%2580V%25C3%25B3%25C2%259F%25C2%2584M4%25C3%25BC%25C3%258C%25C2%2596N_%25C2%25A2
.spolecznosci.net/ Name: lsccs1_currentMain
Value: %253C%2502j%251F%25C2%2582%25C3%25B8!%2512v8%25C3%2593%25C2%258B%25C2%259D%2516%25C3%258A%2503%25C2%25A3%25C3%2587'u*%25C2%258D%25C3%25B0%25C3%258E%2510%25C2%25AAgc%2511%25C3%259B%25C2%25A9%25C3%25B4k%251D%25C2%2596%25C3%25B0n%257B%25C2%258Er9%25C3%25AB%25C3%25A8O%25C2%25A0%253A%255C4%25C2%25BB%255C%25C3%25B25%252F%255E%25C3%259E%25C3%25B6%25C3%25BC%251F%25C2%25B2KBf4W8%2505%257C%25C2%2589%257B%25C2%2580%2523%25C3%25BF%25C3%259Eftz%250D%2513%25C3%25B2%2507%25C2%25BF%25C3%2595%25C3%2592%250A%25C3%25934XT16%25C2%25B4h%251BI%25C2%258B%25C2%25B0%25C2%2582%250B%255E%25C2%25B1%25C3%25B3a%250F%255B%25C2%25BA%251F%253B%25C3%25B6%25C2%25BF%25C2%259C%25C2%25B1%25C2%25ABN%25C2%2580%25C2%25A3%25C2%258Ah%2513Y%25C2%258F%25C3%2595%25C3%259FVV%25C3%25BBc%251D%25C2%2599%25C3%258Bla%25C2%25B0z%25C3%25ADh%25C3%25BFh%252Fd)%25C2%259C%25C3%25BB%2519%25C3%25B9%25C3%25BB%25C3%25B4%25C2%25BB%25C3%2582K%25C3%25A1%25C2%25A2%250D%25C2%25BFvy%25C3%2585%25C2%25A5T%25C2%259BW%25C2%25A5B%2518%255B%25C2%25A9.%25C2%2597%252B%25C2%25A6fa%2540
.spolecznosci.net/ Name: lsccs1_currentVersion
Value: w%2501i%2503%25C3%258F%25C2%25AE*%2504%2560%253A%25C2%2590%25C3%259A%25C2%25A9%2516%25C3%2586W%25C2%25A8%25C3%25865
.fili.cc/ Name: _gid
Value: GA1.2.1630415811.1552171620
fili.cc/ Name: ali
Value: true
.fili.cc/ Name: _gat_gtag_UA_68827056_6
Value: 1
.fili.cc/ Name: _ga
Value: GA1.2.457829061.1552171620

1 Console Messages

Source Level URL
Text
console-api log (Line 7)
Message:
cnst: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.spolecznosci.net
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
cdn.doubleverify.com
cdn3.doubleverify.com
ced-ns.sascdn.com
csync.smartadserver.com
delivery.clickonometrics.pl
diff3.smartadserver.com
ec-ns.sascdn.com
fili.cc
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
m.exactag.com
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prg.smartadserver.com
s.spolecznosci.net
s1.adform.net
spolecznosci.mgr.consensu.org
spolecznosci.net
static.criteo.net
static.fili.cc
stats.g.doubleclick.net
tps20225.doubleverify.com
tps40.doubleverify.com
track.adform.net
vendorlist.consensu.org
vfd2dyn.vodafone.de
vfde.demdex.net
www.g2a.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.109.85.152
104.111.253.20
151.101.121.108
178.250.2.130
178.250.2.89
178.32.202.244
178.32.202.248
178.32.202.249
185.184.8.30
185.33.223.203
185.86.137.42
185.86.138.79
213.254.244.18
213.254.244.22
2600:9000:200c:b000:1:af78:4c0:93a1
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2002
2a00:1450:4001:817::200e
2a00:1450:4001:818::2003
2a00:1450:4001:819::2002
2a00:1450:4001:820::200a
2a00:1450:4001:824::2004
2a00:1450:4001:825::2002
2a00:1450:4001:825::2003
2a00:1450:400c:c07::9b
2a02:26f0:b8:2a4::c01
2a02:26f0:eb:1a6::c09
37.157.2.239
37.157.5.72
52.29.0.220
54.194.108.5
54.36.174.44
68.232.35.16
85.14.248.72
91.134.222.90
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
079e5f3fa150d446ab5b3336b642e391195af694a603d2308c39a73d5e5e84dc
07d8d301cc4ba670b69ccee15a477dd0dbd369d7f52374f6efade824d7c31450
149c8502a2f3c858670747415c1c96a6180448d64e524b300945ced2f414fddc
1c06f192c2bd061420614d4421e98ad6c23d417f6c0d4c2da2c8c40f87dec0bb
1cfc26efda4892cb5e975f7e38a5db663d24940403dc52d3cd4be7634c56caae
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
1f74a651f91b4434b7dc2f1fd9433829ebb1b59318db7c40fc2875ae037dae47
224188bb6dab42ea7cdaf59b0476e84c06ba69efbbc8c469c9d1bd5df2d5e730
24bdf028ed47e2121856d6318593c1693db7133274de06a4a7cbacf48820a91d
31c74f49e5dbab1b34feafa2498ad11094bd8a1ee80fecc9239abddcb15bb4de
35a21333c81302e934ee42b7b85b2c6a731bfffb418fe52fe795cb1974186976
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
401a531c518c60170d8f34f3328c5709518b8a2f298fb0b337a4b7dacc8034df
41b1587d5ddda06f0cf6449e2d1e2789d8e3b35ddc29b85a693fa451c444b6fa
49b9e18a4b833d5c0b464a8e868f333dbefba58b690fb00d90e7aad180e6e847
4a17c4ec67218b9161fd4efcbc727fcd1786757a01ec5debcb81db08ed50597f
50279cc9473c6c781e9fa7bf27f285f495394e8bfb957d0e0b9797615c082563
50ce00ed072a39317bfd698cff66f0233eb061cf02d57e07f3daa273e0effd7e
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
5612594dc0784c6e4b179f44edcd6c73ba687340f07d37c5508561a6abb3602c
5cd1e9c04034654c5cd3e293b8a44e94137083d8f09fb16850dec822129e6b22
676fb70994eb3dc2e6aad2e42e8a027c57c069238a606f7e6bf08099f7d3e0f8
79969f491accd20f7afcaea668f86397b1e3f69cf5838db2bc2beb2645da6b77
7c5fe63d05526e54873d76837da383519edca4db31614f3277b67ee7b8b027e4
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84c0bca73e7b3650881f9cff061cc81d4c1747783273d2b9e57af4067de6924c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
89b3ddffdea5b3d55faa62d83bfa1028e34b9ba5558fc4c95dedd41454f025f5
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae8197579cc3a73d846ad7cb75c61c73ef99c406ea6e48999953aa83337ba46
90252ef0aa9e3d36c861bbeaa1bd57b7f855333edf2957ab9473838a52e2dd7f
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
94bb86b5c5d6840056b9a51f719b58974bec3d739095599e316f77f8bea496aa
954730c8cc726757119d91b3c08dcdbc3350a1c9537dc9bf53b837363b4dcec5
95f53b697354f5ccf0e8c395adc67e1380239d86cea14342da9e453827fdefb3
98239ebcc48e7c9dabc57f495946c02b3e3c907d839f6b69971aee32e237ed85
9bf28f6cc36bd0a6e167ff8b916c07b5f23fc702b70ba0bd6d0e67582ebd20fd
aee8a1c099b6232b1ce9a4a05657d5ed4ae66b61b9f85ef18f3ccf606610628e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b03b2fdcf0111214cdb2c8b21c9ce2b6854f972a4d5b6a05ecf0d6ece770fbae
b3d14d1b50ce79edbcdede2f1fe0f39e34a0d531d8e8b0b6c9dd9eb9d81c1ba6
c83c7670c31d4127fb493e87ba84436b9ac70c4ef71614027252eb671350d7c8
ca66d33b74abcc1339855083c4eedc34bcc8ce9774a1b02fa89b560b4876fd2a
cd90a6ad55a59a36e55c027561de2b6dd91dc1592255e482067c81a1d1aee81e
ddcfb2a8cb6abff6c13c327b79b82079313c7062f0d666fdb110a19c3b810588
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6721cace80a5cb8050b0ba005134489cd511bc656243bf0eb6eb7eac626020c
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee0a94655495dde95869999d3feea0f17fbe8e7028dd322a63681e2996741ebb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f764addc11c276aac3a07b02622da0e1021b2358b555394d059f7a24f61f7060
fbae279ebef13eafbfe0da3b9b458f03aa3a2397e948440d4dea33aa3da466fe