urlscan.io logo urlscan.io
SecurityTrails logo

nowshowing.to Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nowshowing.to/
Effective URL: https://nowshowing.to/
Submission: On January 20 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 43 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is nowshowing.to.
TLS certificate: Issued by E1 on December 4th 2023. Valid for: 3 months.
This is the only time nowshowing.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
nowshowing.to
11    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
nowshowing.to
2    2600:9000:20c3:5c00:4:8941:6900:21 (United States)

ASN16509 (AMAZON-02, US)
d126kahie2ogx0.cloudfront.net
9    2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
4    188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
pogothere.xyz
sforourcompa.org
2    18.165.183.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-95.zrh55.r.cloudfront.net
ndcomemuni.com
1    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4013:c00::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
1    192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
pl19840795.toprevenuegate.com
1    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2400:52e0:1e00::1055:1 (Germany)

ASN200325 (BUNNYCDN, SI)
image.tmdb.org
Apex Domain
Subdomains		 Transfer
12 nowshowing.to
nowshowing.to
258 KB
9 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
182 KB
6 google.com
accounts.google.com — Cisco Umbrella Rank: 23
3 KB
4 gstatic.com
fonts.gstatic.com
32 KB
3 tmdb.org
image.tmdb.org — Cisco Umbrella Rank: 21776
515 KB
2 sforourcompa.org
sforourcompa.org
807 B
2 ndcomemuni.com
ndcomemuni.com
2 KB
2 pogothere.xyz
pogothere.xyz — Cisco Umbrella Rank: 31844
101 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 28
2 KB
2 cloudfront.net
d126kahie2ogx0.cloudfront.net
55 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2029
252 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
91 KB
1 toprevenuegate.com
pl19840795.toprevenuegate.com
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
43 14
Domain Requested by
12 nowshowing.to 1 redirects nowshowing.to
9 cdn.jsdelivr.net nowshowing.to
cdn.jsdelivr.net
6 accounts.google.com 4 redirects nowshowing.to
4 fonts.gstatic.com fonts.googleapis.com
3 image.tmdb.org
2 sforourcompa.org nowshowing.to
2 ndcomemuni.com d126kahie2ogx0.cloudfront.net
2 pogothere.xyz d126kahie2ogx0.cloudfront.net
2 fonts.googleapis.com nowshowing.to
2 d126kahie2ogx0.cloudfront.net nowshowing.to
ndcomemuni.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com nowshowing.to
1 pl19840795.toprevenuegate.com nowshowing.to
1 www.facebook.com nowshowing.to
43 14

This site contains no links.

Subject Issuer Validity Valid
nowshowing.to
E1		 2023-12-04 -
2024-03-03		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
ndcomemuni.com
Amazon RSA 2048 M03		 2024-01-12 -
2025-02-09		 a year crt.sh
sforourcompa.org
GTS CA 1P5		 2024-01-12 -
2024-04-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-29 -
2024-01-27		 3 months crt.sh
toprevenuegate.com
R3		 2023-12-19 -
2024-03-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-12-11 -
2024-03-04		 3 months crt.sh
image.tmdb.org
R3		 2024-01-13 -
2024-04-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://nowshowing.to/
Frame ID: F0C04CF76AF17D6BD11C02E36D89C1C0
Requests: 43 HTTP requests in this frame

Frame: https://ndcomemuni.com/YjZsTEQDVA8hewMLDmoxEFpRaXYkE14KIFMEWiclCl8JfisFTlxiJw5ZGSgiEFkCOGoMUxhpdiRaDQkCU1MoAQguXh8pACBBAwkRN3U7BAYkYj0CFThOVAAcI28UHwUOBjwUAQF4OQkBBk8pGB5TDgYFdVd+KSUSK2U+GQErdB8qAAkCBws8EXk7Gyc3fioKEgZgIQEVFVUdHwUKcCkmETZzBwUVLXRVKRYFWlQLBgZ8LR90OHE+FiUgBi4bBVIHFh4SIHMtH3wwcFwdJjhzCAUcME4HHnQFdTsLfSRuPQ01OHMIBRYjcxoddBVhOzsKM2ULARUGBkEKFiRaHDQCI14oDgczdSQaASZ9LQogI2VZfBYJDggbdwZnPysKI30EfAk6UT4nFhhFOxsqJ2wpGiMsbCkoDTR3XCUMClUNGBwscCt9NwN6BCsgJFoDBBYnWSgeKiRUOCsKMFMqOA8jYBQnFlJeLQ8XAWMvIDQsVRYCCiNwVToWCQI6BBwac0omNw1YHHE1JWNcJQkQWloYLzYBDho
Frame ID: 0E0911065D3E8EAF0112667AED660163
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nowshowing.to – Watch Movies and Series with Quality Links.

Page URL History Show full URLs

  1. http://nowshowing.to/ HTTP 301
    https://nowshowing.to/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

43
Requests

95 %
HTTPS

79 %
IPv6

14
Domains

14
Subdomains

14
IPs

3
Countries

1237 kB
Transfer

2168 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nowshowing.to/ HTTP 301
    https://nowshowing.to/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2pPtHX5zgJpWSGUkK8UHSxkqLrAEIycM-owYHhRnrngwYUrIJWzXVMuT5FPxjAho8EDDSOQA HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ZRJp53hJIOR5lu3Gep7Mv1mFyxnm8QFjrM2TUe_I-KXkQjsdeFepmeBzLYQWClvtE0tkntA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-267662982%3A1705759460859739&theme=glif
Request Chain 23
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3bMl9s9wHNg6JTIN2xWIWM38zoVh79FgRfcMjfZTwHRC1haTLxtZqwABXaQAOYjwpUWolcIg HTTP 302
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0s_xzN0LYElIJ4cun4CSBhM2FRPPH5L83CUgl1tuDbeR3GXreNcGL3GMpLBVd3BbPZkT4QcQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101254348%3A1705759460855089&theme=glif

43 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nowshowing.to/
Redirect Chain
  • http://nowshowing.to/
  • https://nowshowing.to/
136 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5bc2fbb0ec4cf88008e030382b16d7c234f062e0ec77dfb6949ae0a0a886ff4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8487ddaafd656633-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 20 Jan 2024 14:04:20 GMT
last-modified
Sat, 20 Jan 2024 14:04:20 GMT
link
<https://nowshowing.to/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbUaKQCfE5iMmPWhdkJCW3C9oxdbEEb7AqU13TtQdhTyah3IbP%2BKH7BccfCe8Q5g3o9xiJeNJmd1NkYN8wj2BvqTmdLnBy3iPH0Jw610e%2Br9YgIl24UKbAxAF7x8AcTeGcIkFELYa8U3TTeb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
8487ddaa88330e81-AMS
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 20 Jan 2024 14:04:18 GMT
Expires
Sat, 20 Jan 2024 15:04:18 GMT
Location
https://nowshowing.to/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTyc%2BHr8XdQYP6s4EqcwxSb1QBQOQnjno4SOwidP55QrHGAoEO07sncZzxeiIYCTYiSLL7wTMbPoB5rwVoYKv2yQHvN1mr%2BapyTbK6ZayYGDSqWI%2B1motU2J5uG9iIiCSfrE2FmbNDTNVtW6"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
style.css
nowshowing.to/wp-content/themes/fmovie/ 		225 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0d7826773f13838852cbd5bc1d75da9e0ed8726088c84792a677d45cbcd6cbe

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16772
cf-polished
origSize=281131
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 05 Dec 2023 06:43:50 GMT
server
cloudflare
etag
W/"656ec6a6-44a2b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BdlQ0bP%2F1Qus5w%2Bhvm4V79HzbdmmPpCeSHbsDO2jXnmvS5FDbmx85ZsVCPLqOBt1hUSMRZRhVVsEV8hxZ0tlaWrQC5yTCRVZh%2BG2muQduftkw6vq%2Fr7I5tBhS4%2BANSQ%2BkHLBZPn4XPnCG%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
cf-ray
8487ddb3dd326633-AMS
expires
Sat, 20 Jan 2024 21:24:48 GMT
/
d126kahie2ogx0.cloudfront.net/ 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d126kahie2ogx0.cloudfront.net/?ihakd=1010508
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:5c00:4:8941:6900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b86cd8d6c6825912fea62976fcaca4d8d17ad82a960150ccb5b3f39c14b985cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
gzip
via
1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-length
54679
x-amz-cf-id
e48YHfuC-lkwGDNf8Xp5ZItIOvnfipoMtESZhYyg0JWiMsTyu4aIlg==
rocket-loader.min.js
nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Jan 2024 17:29:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65983c8b-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwETWMaYZBDP1PWKHHaN0TVv6aHIwduqZvd16aG0991Do1eL1nIM4hJHFF6OSm%2FEj7oN4bfKCgTqEXHADgMKCbSPYJf1bhnvRfYYokBTmXKITxuFi6DaBl6pcmqByxsjCv%2BVCvG1zVREagTp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8487ddb3ed636633-AMS
expires
Mon, 22 Jan 2024 14:04:20 GMT
all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4436753
x-jsd-version
5.15.4
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230072-FRA, cache-ams21037-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"e7a9-pX7mjRFgGw/Y5QN/wkH/ZadURzw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xnGjsY%2FjmVxNqakdosfiflpcKsUdCf6OhQP%2BVp5rAidkV7KYloHWwmC%2BsCjBpiYaT6WpopyCoZaPbJZ4P6L6m8uPHp0mo1Vv%2FJIVOjkwS7Km1Jkfslk3rPwgXKuz1r5h7wXxz6qx85U0LUd5SA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb46d566692-AMS
swiper.min.css
cdn.jsdelivr.net/npm/swiper@5.4.5/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@5.4.5/css/swiper.min.css
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4600854
x-jsd-version
5.4.5
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230135-FRA, cache-ams21032-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"356d-GnuPJuM/6rwlfsyOlUzD8OH3rGA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=101TkXeWLL82qVDbovoK2oNTvUAAf4F0iQIn9SiILqQLHQVaZLy1yRHtafAzaCFkvOqntMTOHpRtlz6P9Lq1LVENuVp5kyNqiXOJhINU2l%2BAZ6nCsXP%2BUQJ4wwXB%2FlNyWHf8yMCR8Xyfcj6C%2FaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb46d546692-AMS
tooltipster.bundle.min.css
cdn.jsdelivr.net/npm/tooltipster@4.2.8/dist/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/tooltipster@4.2.8/dist/css/tooltipster.bundle.min.css
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5988055
x-jsd-version
4.2.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230079-FRA, cache-ams21058-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"195f-Y5EBA+jMXkvessKJz79B+Jlm6ls"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJYtNkuVooyO%2Bbwe%2FeFkWIyssL8g2AB%2BqxoWu5DnI%2FbndmA%2FvHunGoqs%2F%2BJ8hsxNTMcgxCt5%2BXTUNBnHzUaMv1k4fsw0oHNCcUqEOuG2vtxHtEAAMZnqsOY2SzFLcIBsgXHgwmCh%2FKZY%2Fy%2BzHss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb46d526692-AMS
css2
fonts.googleapis.com/ 		7 KB
735 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@400;500;600;700&amp;display=swap
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44d3b949af071f8bef6a569dc9d2d058a711d9259ce08eaea1d0f6c242b797fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 14:04:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 14:04:20 GMT
css2
fonts.googleapis.com/ 		4 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/wp-content/themes/fmovie/style.css?ver=3.0.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 20 Jan 2024 13:04:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 20 Jan 2024 14:04:20 GMT
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c170ac04d107913f55e966dce8f26e068a236ba2c3bbc9a4f168f1c13342e5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1fbd6706e78d8b65bbfc2799c913b1f8cc303f56932305e05d5bfe5d3886316c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/webp
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 22:42:31 GMT
x-content-type-options
nosniff
age
228109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 22:42:31 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 02:23:46 GMT
x-content-type-options
nosniff
age
301234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 02:23:46 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 16 Jan 2024 16:16:02 GMT
x-content-type-options
nosniff
age
337698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Jan 2025 16:16:02 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Wed, 17 Jan 2024 11:02:11 GMT
x-content-type-options
nosniff
age
270129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 Jan 2025 11:02:11 GMT
fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
458253
x-jsd-version
5.15.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
78268
x-served-by
cache-fra-eddf8230076-FRA, cache-lga21935-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"131bc-DMssgUp+TKEsR3iCFjOAnLA2Hqo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A5zLSgMca2ibIjSg2%2BG4%2B%2BLTeqzGE8j8v9bUWGInAd4CezX8PpEh94o88Ef4QwIb%2F4h4ulVylcFTb6iOKldgd%2FRuIngcRc%2FFIlsvz2b8%2BoUaienISiP%2Bb8C8SbyB2B32qtHqPTLaW8C0Jtt3BnI%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8487ddb4dfff1e6d-AMS
fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/webfonts/fa-regular-400.woff2
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@5.15.4/css/all.min.css
Origin
https://nowshowing.to
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2618958
x-jsd-version
5.15.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13224
x-served-by
cache-fra-eddf8230066-FRA, cache-lga21925-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"33a8-E1F1Ka/6OeJYXFkayubcM2tqqRc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3pNVQp6BEBEDROEs4kBStSufMkiXdyB7KQUOKLgc33IBZ%2BM7XI%2FS3XKT291Sfy8ccmSwzUTItzrMb0Mm5AsBz2salDfF3OG8WvNArdej%2FgRoLGdM7QdsFXuS%2B5n1jMwoocCkGp3eLzvwEoceO74%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8487ddb4d8031e6d-AMS
asd100.bin
pogothere.xyz/ 		100 KB
100 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/asd100.bin
Requested by
Host: d126kahie2ogx0.cloudfront.net
URL: https://d126kahie2ogx0.cloudfront.net/?ihakd=1010508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
cf-cache-status
MISS
last-modified
Sat, 20 Jan 2024 14:04:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
https://nowshowing.to
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJ0voox4Oo3vDRmNUIOubxpvOkNBdEqDRyiK2rrTsH2u75oFAlmDgYbmVjABmkfVbaME04cEALmTdKF0n0K1RKuV%2F3DOiqkx4Lgptgol0PrXyrHx48RJpXOyojCipSvk"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
8487ddb5f82b1eb5-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
/
pogothere.xyz/ 		27 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pogothere.xyz/
Requested by
Host: d126kahie2ogx0.cloudfront.net
URL: https://d126kahie2ogx0.cloudfront.net/?ihakd=1010508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c79360c2abb357d98c85cf875c36b615f61f4641aa2a44f37bc265509a683da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WDstpeBH%2F2ONNjjwCgkdtmd1f3WH2AQOUOI9Vn87X6HIGGutg6ePfD6btURHS00YQHaDUE9VdRLgo9tol57SNkht%2FldC6X5U7PoLH%2FFjGZnbmpSHWfEtG75J%2BxDjydOm"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET
access-control-allow-origin
https://nowshowing.to
content-type
text/plain
access-control-allow-credentials
true
cf-ray
8487ddb5f82d1eb5-AMS
access-control-allow-headers
X-Requested-With, content-type
alt-svc
h3=":443"; ma=86400
utx
ndcomemuni.com/ 		0
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ndcomemuni.com/utx?cb=Er1OkUfDXLrH&top=nowshowing.to&tid=1010508
Requested by
Host: d126kahie2ogx0.cloudfront.net
URL: https://d126kahie2ogx0.cloudfront.net/?ihakd=1010508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-95.zrh55.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:04:20 GMT
via
1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
server
openresty/1.17.8.2
accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
p3p
CP="NID DSP ALL COR"
access-control-allow-origin
https://nowshowing.to
cache-control
no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials
true
x-amz-cf-id
XdA3psESlWnnf6hRo-8W-sXLeFK9aPHL-0CjPbF3WGAZXDyFw9mCEg==
YjZsTEQDVA8hewMLDmoxEFpRaXYkE14KIFMEWiclCl8JfisFTlxiJw5ZGSgiEFkCOGoMUxhpdiRaDQkCU1MoAQguXh8pACBBAwkRN3U7BAYkYj0CFThOVAAcI28UHwUOBjwUAQF4OQkBBk8pGB5TDgYFdVd+KSUSK2U+GQErdB8qAAkCBws8EXk7Gyc3fioKEgZgI...
ndcomemuni.com/ Frame 0E09 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ndcomemuni.com/YjZsTEQDVA8hewMLDmoxEFpRaXYkE14KIFMEWiclCl8JfisFTlxiJw5ZGSgiEFkCOGoMUxhpdiRaDQkCU1MoAQguXh8pACBBAwkRN3U7BAYkYj0CFThOVAAcI28UHwUOBjwUAQF4OQkBBk8pGB5TDgYFdVd+KSUSK2U+GQErdB8qAAkCBws8EXk7Gyc3fioKEgZgIQEVFVUdHwUKcCkmETZzBwUVLXRVKRYFWlQLBgZ8LR90OHE+FiUgBi4bBVIHFh4SIHMtH3wwcFwdJjhzCAUcME4HHnQFdTsLfSRuPQ01OHMIBRYjcxoddBVhOzsKM2ULARUGBkEKFiRaHDQCI14oDgczdSQaASZ9LQogI2VZfBYJDggbdwZnPysKI30EfAk6UT4nFhhFOxsqJ2wpGiMsbCkoDTR3XCUMClUNGBwscCt9NwN6BCsgJFoDBBYnWSgeKiRUOCsKMFMqOA8jYBQnFlJeLQ8XAWMvIDQsVRYCCiNwVToWCQI6BBwac0omNw1YHHE1JWNcJQkQWloYLzYBDho
Requested by
Host: d126kahie2ogx0.cloudfront.net
URL: https://d126kahie2ogx0.cloudfront.net/?ihakd=1010508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-95.zrh55.r.cloudfront.net
Software
openresty/1.17.8.2 /
Resource Hash
c3516265a260e835297c6de1e324c32785354b8db198a060946deefe1e2ae0d0

Request headers

Referer
https://nowshowing.to/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

accept-ch
DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
cache-control
no-store, no-cache, must-revalidate, no-transform
content-encoding
gzip
content-length
1243
content-type
text/html
date
Sat, 20 Jan 2024 14:04:20 GMT
p3p
CP="NID DSP ALL COR"
pragma
no-cache
server
openresty/1.17.8.2
via
1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
x-amz-cf-id
4iJH4uwLHex9hCLiZ4arlKYstVmjbTOWycXvteviMKOvRYVumy_jJg==
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
blBieFVBbwELaDRiO0wxOCA2LgRXEgA+bDkRNxw8ODxWOQc5ZEQMPAptU0hkXmVSQHMeOQZFZEgjFhkhGyNfSXMHPgQXaEgmX0l7XWRMS2FAYEQNaF92Fgg0CW1TXiUaJA5FZFlgV09gV2RUSGJaYg
sforourcompa.org/ 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sforourcompa.org/blBieFVBbwELaDRiO0wxOCA2LgRXEgA+bDkRNxw8ODxWOQc5ZEQMPAptU0hkXmVSQHMeOQZFZEgjFhkhGyNfSXMHPgQXaEgmX0l7XWRMS2FAYEQNaF92Fgg0CW1TXiUaJA5FZFlgV09gV2RUSGJaYg
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAGZoNADjgbro2njqflf0CgZPJWLOyjm3Gx%2BvgCsRsdwbAYfkBGK9ntuLUvKoZMx0SnA%2BY5pRmekDvY7KiEvJQKbr7FdJyHibD37hpGb8gCu6T7jVgDnY5ogdYWIUkSFPqHL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8487ddb61f2c06dc-AMS
alt-svc
h3=":443"; ma=86400
login.php
www.facebook.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
  • https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ASKXGp2pPtHX5zgJpWSGUkK8UHSxkqLrAEIycM-owYHhRnrngwYUrIJWzXVMuT5...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ZRJp53hJIOR5lu3Gep7Mv1mFyxnm8QFjrM2TUe_I-KXkQjsdeFepmeBzLYQWClvtE0tkntA&passiv...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ZRJp53hJIOR5lu3Gep7Mv1mFyxnm8QFjrM2TUe_I-KXkQjsdeFepmeBzLYQWClvtE0tkntA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-267662982%3A1705759460859739&theme=glif
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H3
Server
2a00:1450:4013:c00::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-SgKKeVRhtougYz2dSdbbug' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
404
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ZRJp53hJIOR5lu3Gep7Mv1mFyxnm8QFjrM2TUe_I-KXkQjsdeFepmeBzLYQWClvtE0tkntA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-267662982%3A1705759460859739&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
identifier
accounts.google.com/v3/signin/
Redirect Chain
  • https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
  • https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKXGp3bMl9s9wHNg6JTIN2xWIWM38zoVh79FgRfcMjfZTwHRC1haTLxtZq...
  • https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0s_xzN0LYElIJ4cun4CSBhM2FRPPH5L83CUgl1tuDbeR3GXreNcGL3GMpLBVd3BbPZkT4QcQ&passi...
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0s_xzN0LYElIJ4cun4CSBhM2FRPPH5L83CUgl1tuDbeR3GXreNcGL3GMpLBVd3BbPZkT4QcQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101254348%3A1705759460855089&theme=glif
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/
Protocol
H3
Server
2a00:1450:4013:c00::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Redirect headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce--IDXqxtpyqWUxXbsdA0Clg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
407
x-xss-protection
1; mode=block
pragma
no-cache
server
GSE
x-frame-options
DENY
report-to
{"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type
text/html; charset=UTF-8
location
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0s_xzN0LYElIJ4cun4CSBhM2FRPPH5L83CUgl1tuDbeR3GXreNcGL3GMpLBVd3BbPZkT4QcQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101254348%3A1705759460855089&theme=glif
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only
same-origin; report-to="coop_gse_qebhlk"
expires
Mon, 01 Jan 1990 00:00:00 GMT
favorites.js
nowshowing.to/wp-content/themes/fmovie/assets/js/ 		749 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-content/themes/fmovie/assets/js/favorites.js?ver=3.0.3
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b8fc6d37e27d8d7f879f415a59f885409cc855d37dfcab205e57f2c31b23c6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23137
cf-polished
origSize=1192
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 29 Jul 2022 07:00:02 GMT
server
cloudflare
etag
W/"62e38572-4a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zi9IApX0ocpsOYSqKSw9hedQu4Wbdq%2FXgJ3KWeIOEiPofqzhfowWkvN%2B%2BHtcSFyjC3VoIffC3NVQN%2F0%2FNTipms%2BrNzvYpkD6Ani1KBiNm3suBVWN8ZZGLLVJDyDzr1VcNiBoED7H%2F68MTZK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8487ddb5eb0d7763-AMS
expires
Sat, 20 Jan 2024 19:38:43 GMT
suggestions.min.js
nowshowing.to/wp-content/themes/fmovie/assets/js/min/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-content/themes/fmovie/assets/js/min/suggestions.min.js?ver=55
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c19beb125c32c12c5a384171a0f4346647b1ed3d96b14cc934ae15d0b2f7c9e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Nov 2022 23:54:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23137
etag
W/"6381559c-8fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6n7pRNm8bayr81x9nBFGJI4ebhQi%2BP0glxjf%2FXtscuHp1GhfgrZb1aXWyo3uIvTOz1Ka8jAl1E613wWtW71hms2zBrEtVFZaPVeuufuHodT5LHVMMIZ35SrJzUCvbXdZOJE0ItaFk7wWcWhN"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8487ddb5eb127763-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 19:38:43 GMT
script.js
nowshowing.to/wp-content/themes/fmovie/assets/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-content/themes/fmovie/assets/js/script.js?ver=3.0.3
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e35f5dba17d24efbc210940c57509df1ef65995ea18bb89a4408b121d5652d90

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23137
cf-polished
origSize=7957
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Feb 2023 16:57:16 GMT
server
cloudflare
etag
W/"63e3d46c-1f15"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eObrRyNTN7zaw7SA8GhTBbhKTGYMYQE5yPB9n%2FV7GIfu4WIF9KBI%2FoxIoPBPvgxmIhHXrg0NHf9YHN5MxARBA11YPyaYDUFi0murf7ekuzlFtcpraOzGGDLSj7iuiqg8N5nSyKHdXEfVEKh6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8487ddb5eb167763-AMS
expires
Sat, 20 Jan 2024 19:38:43 GMT
tooltipster.bundle.min.js
cdn.jsdelivr.net/npm/tooltipster@4.2.8/dist/js/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/tooltipster@4.2.8/dist/js/tooltipster.bundle.min.js?ver=4.2.8
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc6a422ff120aa9f97f799b541eef116a6b222cf13e1ea8574ca16a8fdd6c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4345243
x-jsd-version
4.2.8
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230052-FRA, cache-ams21042-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"9bdc-uUL3YmM0fKdPcaw5+2/Jt/9AAPg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEzzgIZpHHB3ERAyefXm5xMzeUNQB4HNNAYnALdnRilm%2BC3u9aG21mCaEIBF%2FVVKKCJYpxbHdKPbvfIw9Rc4gNhtgkbIAg%2Bb1%2BDKBNc4CtG5BDwUVYjkEwyontg%2FetOsVWH3mR%2FgmsW7KcwomV8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb5efe16692-AMS
swiper.min.js
cdn.jsdelivr.net/npm/swiper@5.4.5/js/ 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/swiper@5.4.5/js/swiper.min.js?ver=5.4.5
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4516078
x-jsd-version
5.4.5
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230132-FRA, cache-ams21031-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"22681-6kBjTcB74gdDRc3BT2hE088/Ar0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBsaMno5KB%2Ffd2gjG77GLLn6uyLE9Aos2i1%2BB8GLv2s7tgEJ9BYNViEIMhiPrBmlplwhsO1a4n4eJIJ2PL79xOW7Z0nUWQLSkN9qe1xmC1BC8AQ8IRQOexlh0Qcn8ckfsTmxooOdAlLOLMG%2FbwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb5efe46692-AMS
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js?ver=4.5.3
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4352942
x-jsd-version
4.5.3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220114-FRA, cache-ams21078-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIVEh9imhyeSF1GRHrhNHX4fINEayiyMqG9NXKlEGBIBItTCxoFc%2BJijPrcaw7SsJ2eukDAOR4VmSUKe6zAqYEeV8%2FvuRlQvru5MXsSmPGOSNrKGAePMVuw%2F6ZHvpFEJjBFMtwRHkZ7dFus2BKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb5efe76692-AMS
lazyload.js
cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lazyload@2.0.0-rc.2/lazyload.js?ver=2.0.0
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4623408
x-jsd-version
2.0.0-rc.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220104-FRA, cache-ams21023-AMS
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=THOQxOsDkYmUFuJXyFdFb911PcNYbtcGmh8oQsZko1mwp6w6K9U1eveDdU%2FOQaFnYI7l80F%2Bea8iB01CTCrO5%2FK6dlgak3ISHj9AcLMDXlbCVqGLvDPNc7sovp9U8Qd3LTk4xP0RjOyIrTRDO1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8487ddb5efe86692-AMS
jquery-migrate.min.js
nowshowing.to/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 09 Jun 2023 08:19:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23137
etag
W/"6482e08c-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=etxXQO3%2Bjr9h7kUAtiqY1iegU7jydachNwNM4y3NzKIO4phMy31euccetEJPbjaiouDwDpUvYtfFG9IKB69DtjWy%2F9cDwjaY8OOOuxPBK3GV9QRMx7fXC3GkGlj3fhUi7LNDmFG7F1t0Oo3e"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8487ddb5eb177763-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 19:38:43 GMT
jquery.min.js
nowshowing.to/wp-includes/js/jquery/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nowshowing.to/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 28 Aug 2023 19:44:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
23137
etag
W/"64ecf918-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vBPzzR3kbqGVbRK18lQLCEWy82%2BC62Xkq9BT9F3pZ%2BIEKfGeKNm9UJqTE0GQZl1DT3VcLQV%2FIPXMadws1yPD%2BmBLUb25J9a2bUGfnGiZ4Bnx9JcwWnz%2FTr%2B7D30HQ%2Fsgh0MLM0VaJZKa83zZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
8487ddb5eb1b7763-AMS
alt-svc
h3=":443"; ma=86400
expires
Sat, 20 Jan 2024 19:38:43 GMT
c203dcd39860714bd171d7e2834289a3.js
pl19840795.toprevenuegate.com/c2/03/dc/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pl19840795.toprevenuegate.com/c2/03/dc/c203dcd39860714bd171d7e2834289a3.js
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Sat, 20 Jan 2024 14:04:21 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
js
www.googletagmanager.com/gtag/ 		276 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X17DMJXB07
Requested by
Host: nowshowing.to
URL: https://nowshowing.to/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd6efbd2e17c7dac53f1a2d14c80f3d9b7cb2fe3408877fc8fc118044931ad46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93233
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 20 Jan 2024 14:04:20 GMT
laEF1eDMLLhseDBwoEUUCWHBFTQNQZx8LXAYxSAl0PXEcNUEEdyETZ18jI15HEiVISRUEIBsfDk4kGxsOWWcUHFFVdVMMQwcqSAhFEjUTEkIQOB9eRgl8GBdJAS0ZGRZaB0BWA01zRVBEAS8RF0QbZEdIXRxkR0gCWG9FXQAqZEdIRAEvQ0wWWwNQSgMQd0-FRFlp...
d126kahie2ogx0.cloudfront.net/ Frame 0E09 		707 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d126kahie2ogx0.cloudfront.net/laEF1eDMLLhseDBwoEUUCWHBFTQNQZx8LXAYxSAl0PXEcNUEEdyETZ18jI15HEiVISRUEIBsfDk4kGxsOWWcUHFFVdVMMQwcqSAhFEjUTEkIQOB9eRgl8GBdJAS0ZGRZaB0BWA01zRVBEAS8RF0QbZEdIXRxkR0gCWG9FXQAqZEdIRAEvQ0wWWwNQSgMQd0-FRFlpxFAhDBCQCHVEDKAFdAS50Rk8dW3dQSgNAKh0MXgRkRzsWWnEZEVgNZEdIVA0iHhcaTXNFG1saLhgdFloHREoDRnFbTgNReFtKAVxkR0hACScUClpNczNNAF9vRk4VHXxE
Requested by
Host: ndcomemuni.com
URL: https://ndcomemuni.com/YjZsTEQDVA8hewMLDmoxEFpRaXYkE14KIFMEWiclCl8JfisFTlxiJw5ZGSgiEFkCOGoMUxhpdiRaDQkCU1MoAQguXh8pACBBAwkRN3U7BAYkYj0CFThOVAAcI28UHwUOBjwUAQF4OQkBBk8pGB5TDgYFdVd+KSUSK2U+GQErdB8qAAkCBws8EXk7Gyc3fioKEgZgIQEVFVUdHwUKcCkmETZzBwUVLXRVKRYFWlQLBgZ8LR90OHE+FiUgBi4bBVIHFh4SIHMtH3wwcFwdJjhzCAUcME4HHnQFdTsLfSRuPQ01OHMIBRYjcxoddBVhOzsKM2ULARUGBkEKFiRaHDQCI14oDgczdSQaASZ9LQogI2VZfBYJDggbdwZnPysKI30EfAk6UT4nFhhFOxsqJ2wpGiMsbCkoDTR3XCUMClUNGBwscCt9NwN6BCsgJFoDBBYnWSgeKiRUOCsKMFMqOA8jYBQnFlJeLQ8XAWMvIDQsVRYCCiNwVToWCQI6BBwac0omNw1YHHE1JWNcJQkQWloYLzYBDho
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:5c00:4:8941:6900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2549d6ce8221a39f1d4fee1432bb3fe0b1fc8cb0c79603a1e1c18e9008c72270

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://ndcomemuni.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
content-encoding
gzip
via
1.1 847372cac152a2575995d0b13be85a88.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
max-age=31556926
content-length
504
x-amz-cf-id
xOn3GZnfscryYT14qaHLmlXvjrRr4rJ8sdguGGuLzkGW6mpQymjQWA==
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-X17DMJXB07&gtm=45je41h0v9173432484&_p=1705759461140&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=700673833.1705759461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705759461&sct=1&seg=0&dl=https%3A%2F%2Fnowshowing.to%2F&dt=Nowshowing.to%20%E2%80%93%20Watch%20Movies%20and%20Series%20with%20Quality%20Links.&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2349
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X17DMJXB07
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 20 Jan 2024 14:04:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nowshowing.to
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
popunder.gif
sforourcompa.org/ 		35 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sforourcompa.org/popunder.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
public
date
Sat, 20 Jan 2024 14:04:21 GMT
cf-cache-status
HIT
last-modified
Fri, 19 Jan 2024 08:24:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
106796
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qb43PO%2FYv09upEoMg%2BAEG7snneytcqCtS6JEIF89KbJvG6%2F4MtBh71QgxxFDgwvoEWGKxswaxLDJY0%2FUPMuG8kBhmMYtvfz%2FXaLFD4gruNFcAYRMK9XJhsJh4pUOA6rqkEav"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800, immutable
cf-ray
8487ddb87b8806dc-AMS
alt-svc
h3=":443"; ma=86400
660-poster.jpg
nowshowing.to/wp-content/uploads/2024/01/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nowshowing.to/wp-content/uploads/2024/01/660-poster.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a89490ac726bb368848c5ef6a22197864a24b33c34472c1deff3b60aa4dba8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30758
alt-svc
h3=":443"; ma=86400
content-length
36059
last-modified
Fri, 19 Jan 2024 10:43:31 GMT
server
cloudflare
etag
"65aa5253-8cdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fa9mH62XWqceoIvgcitvtFfCt8539dzfoVQ1AMe2RbuIpu2v7s3d4rgwMsiJQ78hwba8XxOdXLfyEGcQoiiFtfpKRu%2BpIw6FS07cGf%2FKsKuFd8rLO7%2FGHwiSeb0lK4jPf4c8KG5%2FCfODSAA"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8487ddba6fea7763-AMS
expires
Mon, 19 Feb 2024 05:31:43 GMT
647-poster.jpg
nowshowing.to/wp-content/uploads/2024/01/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nowshowing.to/wp-content/uploads/2024/01/647-poster.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcb75b98f053a5402b3d5b4d5a98abd80b42994c0b55f67591080ea46c7fcd58

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342929
alt-svc
h3=":443"; ma=86400
content-length
41404
last-modified
Tue, 16 Jan 2024 03:50:50 GMT
server
cloudflare
etag
"65a5fd1a-a1bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwSOt92c9QzGLgPk9vsR8HDfEiOLgAgbvt1tDYdv1j3ftJKXm3E%2BzYG16rDyIjxGUNedN8dFOyHVKffKbkZVs05PxA3nQTxKtTRDGPDTk5PN05I9%2FTSHmrRje8bIy74iOj3kNkFWaoVnY%2Bn4"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8487ddba6fed7763-AMS
expires
Thu, 15 Feb 2024 14:48:52 GMT
641-poster.jpg
nowshowing.to/wp-content/uploads/2024/01/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nowshowing.to/wp-content/uploads/2024/01/641-poster.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b3644f4c474c9ef24a4c3cb474098b7d15922b1bd9a904bd4071823eeb5fd0c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
342929
alt-svc
h3=":443"; ma=86400
content-length
78926
last-modified
Tue, 16 Jan 2024 03:40:37 GMT
server
cloudflare
etag
"65a5fab5-1344e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NONQ%2B7vTjox5awU08N2zULaAbcgsoEQKOxw%2FM8vTzPMRRO5fAoDTvrFcnDqIiVf4ZlFSNbRBJrlaVyV%2F3wpq%2Fx9PHyVXYZHKvO%2FWGNx1C9spyu39%2BQHsTc3VuGlP14%2B8djMEVBX6fU9kZ6vV"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8487ddba6fef7763-AMS
expires
Thu, 15 Feb 2024 14:48:52 GMT
rekCNEEsETYQ9EhGgJ3M964Il4e.jpg
image.tmdb.org/t/p/original/ 		190 KB
190 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.tmdb.org/t/p/original/rekCNEEsETYQ9EhGgJ3M964Il4e.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
a776f1b9e0502f2b8a523370abc10ee22bb805ad8fbaabfd4f539314789fad43

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cdn-edgestorageid
1054
perma-cache
HIT
cdn-storageserver
NY-267
cdn-cachedat
01/01/2024 10:36:51
cdn-pullzone
775336
content-length
194325
last-modified
Fri, 13 May 2022 07:34:22 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
268
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"627e09fe-2f715"
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control
public, max-age=31919000
cdn-requestid
8dc6bfa4b53bc0029f194e8b711c3fca
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
20XvVstRJuNo2cvDh1RLpeMR49r.jpg
image.tmdb.org/t/p/original/ 		246 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.tmdb.org/t/p/original/20XvVstRJuNo2cvDh1RLpeMR49r.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
4ef3a7fac7f03613687cbc42fa6abc92365ff129d743cf78ecf7d38c37b612e0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cdn-edgestorageid
863
perma-cache
MISS
cache-tag
20XvVstRJuNo2cvDh1RLpeMR49r
cdn-cachedat
12/22/2023 23:06:48
cdn-pullzone
775336
imagery
degrade=77, sample=1x1, difference=2.018
alt-svc
h3=":443"
content-length
251712
last-modified
Fri, 22 Dec 2023 19:22:13 GMT
server
BunnyCDN-DE1-1055
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
9080f92c9140b8eeb9f8f3998f05c9e3
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control
public, max-age=31919000
cdn-requestid
ce04467b5af81f44c6c87a1ae9e0dd59
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True
1at82hkJW1fCtKDgHeJS1i7Umg7.jpg
image.tmdb.org/t/p/original/ 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.tmdb.org/t/p/original/1at82hkJW1fCtKDgHeJS1i7Umg7.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1055:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1055 /
Resource Hash
a267883f242a45362da6fed7f2d8ea02886d12c7e1b41a8692ab888e5a8766b1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://nowshowing.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 14:04:21 GMT
cdn-edgestorageid
723
perma-cache
HIT
cdn-storageserver
NY-346
cdn-cachedat
01/18/2024 03:28:39
cdn-pullzone
775336
content-length
79418
last-modified
Thu, 18 Jan 2024 00:30:11 GMT
server
BunnyCDN-DE1-1055
cdn-fileserver
704
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
"65a87113-1363a"
content-type
image/jpeg
cdn-cache
HIT
cdn-uid
29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cache-control
public, max-age=31919000
cdn-requestid
0f06f48be8e5abd113bdf990f00c737f
accept-ranges
bytes
cdn-requestcountrycode
NL
cdn-status
200
cdn-requestpullsuccess
True

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| LAST_CORRECT_EVENT_TIME object| utr_1010508 number| userTrackingInterval number| _1920686317 object| __cfQR number| iinf function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal string| ajax_url function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig undefined| $ function| jQuery function| lazyload function| LazyLoad object| bootstrap function| Swiper function| rateToStars object| Suggestions function| imgError boolean| __cfRLUnblockHandlers

3 Cookies

Domain/Path Name / Value
pogothere.xyz/ Name: csu
Value: 1752725638121714@1@1705759460
.nowshowing.to/ Name: _ga_X17DMJXB07
Value: GS1.1.1705759461.1.0.1705759461.0.0.0
.nowshowing.to/ Name: _ga
Value: GA1.1.700673833.1705759461

3 Console Messages

Source Level URL
Text
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp3ZRJp53hJIOR5lu3Gep7Mv1mFyxnm8QFjrM2TUe_I-KXkQjsdeFepmeBzLYQWClvtE0tkntA&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-267662982%3A1705759460859739&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKXGp0s_xzN0LYElIJ4cun4CSBhM2FRPPH5L83CUgl1tuDbeR3GXreNcGL3GMpLBVd3BbPZkT4QcQ&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S101254348%3A1705759460855089&theme=glif
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pl19840795.toprevenuegate.com/c2/03/dc/c203dcd39860714bd171d7e2834289a3.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdn.jsdelivr.net
d126kahie2ogx0.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
image.tmdb.org
ndcomemuni.com
nowshowing.to
pl19840795.toprevenuegate.com
pogothere.xyz
region1.google-analytics.com
sforourcompa.org
www.facebook.com
www.googletagmanager.com
18.165.183.95
188.114.96.3
192.243.59.20
2001:4860:4802:34::36
2400:52e0:1e00::1055:1
2600:9000:20c3:5c00:4:8941:6900:21
2606:4700::6810:5914
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200a
2a00:1450:4013:c00::54
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
1c19beb125c32c12c5a384171a0f4346647b1ed3d96b14cc934ae15d0b2f7c9e
1fbd6706e78d8b65bbfc2799c913b1f8cc303f56932305e05d5bfe5d3886316c
2549d6ce8221a39f1d4fee1432bb3fe0b1fc8cb0c79603a1e1c18e9008c72270
36231d9ccbf4581029b3733c99c07b587ce56a7113b74ae7c0c0a083aec38029
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
44d3b949af071f8bef6a569dc9d2d058a711d9259ce08eaea1d0f6c242b797fc
4ef3a7fac7f03613687cbc42fa6abc92365ff129d743cf78ecf7d38c37b612e0
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
62c170ac04d107913f55e966dce8f26e068a236ba2c3bbc9a4f168f1c13342e5
6b3644f4c474c9ef24a4c3cb474098b7d15922b1bd9a904bd4071823eeb5fd0c
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
88a89490ac726bb368848c5ef6a22197864a24b33c34472c1deff3b60aa4dba8
8c79360c2abb357d98c85cf875c36b615f61f4641aa2a44f37bc265509a683da
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
906ba97c9e3365be3f9b418f3d56349e0ec5c128d99b5134c0c586d5a4586f09
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
a267883f242a45362da6fed7f2d8ea02886d12c7e1b41a8692ab888e5a8766b1
a5bc2fbb0ec4cf88008e030382b16d7c234f062e0ec77dfb6949ae0a0a886ff4
a776f1b9e0502f2b8a523370abc10ee22bb805ad8fbaabfd4f539314789fad43
aef306d8dc297f057d650b2e03a3c79b8f8aa29aeaa9f7f19b4f4a5c5d3e88f1
b4b8fc6d37e27d8d7f879f415a59f885409cc855d37dfcab205e57f2c31b23c6
b86cd8d6c6825912fea62976fcaca4d8d17ad82a960150ccb5b3f39c14b985cf
bfc6a422ff120aa9f97f799b541eef116a6b222cf13e1ea8574ca16a8fdd6c1e
c3516265a260e835297c6de1e324c32785354b8db198a060946deefe1e2ae0d0
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
dd6efbd2e17c7dac53f1a2d14c80f3d9b7cb2fe3408877fc8fc118044931ad46
e35f5dba17d24efbc210940c57509df1ef65995ea18bb89a4408b121d5652d90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
f0d7826773f13838852cbd5bc1d75da9e0ed8726088c84792a677d45cbcd6cbe
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
fcb75b98f053a5402b3d5b4d5a98abd80b42994c0b55f67591080ea46c7fcd58