URL: https://kinoxits.net/user/slipcongo59/
Submission: On September 16 via manual from US — Scanned from DE

Summary

This website contacted 48 IPs in 10 countries across 53 domains to perform 118 HTTP transactions. The main IP is 87.236.16.8, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is kinoxits.net.
TLS certificate: Issued by R3 on August 5th 2021. Valid for: 3 months.
This is the only time kinoxits.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 87.236.16.8 198610 (BEGET-AS)
1 185.199.110.153 54113 (FASTLY)
1 31.31.198.39 197695 (AS-REG)
6 142.250.185.66 15169 (GOOGLE)
2 142.250.185.232 15169 (GOOGLE)
1 142.250.184.202 15169 (GOOGLE)
2 145.239.131.60 16276 (OVH)
3 11 87.250.251.119 13238 (YANDEX)
1 104.26.4.7 13335 (CLOUDFLAR...)
4 104.21.78.7 13335 (CLOUDFLAR...)
1 185.66.89.131 30860 (YURTEH-AS)
1 138.201.51.138 24940 (HETZNER-AS)
2 104.21.40.131 13335 (CLOUDFLAR...)
2 172.217.19.99 15169 (GOOGLE)
2 104.21.32.44 13335 (CLOUDFLAR...)
3 172.217.18.110 15169 (GOOGLE)
1 2 88.212.201.198 39134 (UNITEDNET)
3 51.89.24.70 16276 (OVH)
1 67.202.114.214 32748 (STEADFAST)
2 142.250.186.130 15169 (GOOGLE)
1 52.222.214.95 16509 (AMAZON-02)
1 52.28.151.162 16509 (AMAZON-02)
1 188.72.221.186 35415 (WEBZILLA)
2 18.66.112.41 16509 (AMAZON-02)
3 18.66.97.88 16509 (AMAZON-02)
1 138.197.56.196 14061 (DIGITALOC...)
1 4 104.111.215.191 16625 (AKAMAI-AS)
2 2 51.79.83.225 16276 (OVH)
1 142.250.185.226 15169 (GOOGLE)
1 142.250.185.130 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
1 104.16.88.26 13335 (CLOUDFLAR...)
1 74.125.206.155 15169 (GOOGLE)
2 172.217.23.100 15169 (GOOGLE)
7 208.100.17.186 32748 (STEADFAST)
1 67.202.105.31 32748 (STEADFAST)
2 15 52.48.137.92 16509 (AMAZON-02)
2 142.250.186.129 15169 (GOOGLE)
1 172.67.220.51 13335 (CLOUDFLAR...)
4 4 51.75.146.200 16276 (OVH)
2 2 46.228.164.13 56396 (AMOBEE)
2 142.250.184.194 15169 (GOOGLE)
1 76.223.111.131 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
1 34.254.143.3 16509 (AMAZON-02)
2 2 52.49.107.116 16509 (AMAZON-02)
1 51.144.7.192 8075 (MICROSOFT...)
1 52.29.0.64 16509 (AMAZON-02)
1 34.255.169.92 16509 (AMAZON-02)
1 1 64.58.232.176 13649 (ASN-VINS)
1 69.169.86.39 29838 (AMC)
1 2 35.176.195.187 16509 (AMAZON-02)
1 1 54.175.198.118 14618 (AMAZON-AES)
2 2 52.48.53.255 16509 (AMAZON-02)
1 63.251.232.170 29791 (VOXEL-DOT...)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
2 2 3.125.99.7 16509 (AMAZON-02)
2 2 151.101.130.49 54113 (FASTLY)
2 2 185.33.221.13 29990 (ASN-APPNEX)
118 48
Apex Domain
Subdomains
Transfer
20 kinoxits.net
kinoxits.net
502 KB
18 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
sync.crwdcntrl.net
24 KB
9 tynt.com
cdn.tynt.com
ic.tynt.com
de.tynt.com
8 KB
8 googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
175 KB
7 yandex.com
mc.yandex.com
3 KB
5 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
6 KB
4 id5-sync.com
id5-sync.com
6 KB
4 bluekai.com
tags.bluekai.com
1 KB
4 fontawesome.com
use.fontawesome.com
88 KB
4 yandex.ru
informer.yandex.ru
mc.yandex.ru
114 KB
3 google.com
adservice.google.com
www.google.com
2 KB
3 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
onetag-geo-grouping.s-onetag.com
12 KB
3 dtscout.com
t.dtscout.com
10 KB
3 google-analytics.com
www.google-analytics.com
58 KB
2 adnxs.com
secure.adnxs.com
2 KB
2 everesttech.net
sync-tm.everesttech.net
616 B
2 w55c.net
pm.w55c.net
2 KB
2 sitescout.com
pixel-sync.sitescout.com
941 B
2 tidaltv.com
sync.tidaltv.com
687 B
2 agkn.com
aa.agkn.com
745 B
2 demdex.net
dpm.demdex.net
2 KB
2 tapad.com
pixel.tapad.com
919 B
2 turn.com
d.turn.com
855 B
2 onaudience.com
pixel.onaudience.com
719 B
2 sharethis.com
pd.sharethis.com
sync.sharethis.com
255 B
2 yadro.ru
counter.yadro.ru
2 KB
2 mrelko.com
mrelko.com
1 KB
2 gstatic.com
fonts.gstatic.com
47 KB
2 brdmin.com
brdmin.com
2 KB
2 ibb.co
i.ibb.co
4 MB
2 googletagmanager.com
www.googletagmanager.com
72 KB
1 mathtag.com
sync.mathtag.com
615 B
1 adgrx.com
cm.adgrx.com
408 B
1 stackadapt.com
sync.srv.stackadapt.com
618 B
1 mookie1.com
ib.mookie1.com
990 B
1 ib-ibi.com
global.ib-ibi.com
513 B
1 krxd.net
beacon.krxd.net
338 B
1 cintnetworks.com
c.cintnetworks.com
328 B
1 exelator.com
loadm.exelator.com
324 B
1 adsrvr.org
match.adsrvr.org
265 B
1 dtssrv.com
a.dtssrv.com
558 B
1 googletagservices.com
www.googletagservices.com
28 KB
1 googleadservices.com
partner.googleadservices.com
656 B
1 dtscdn.com
t.dtscdn.com
407 B
1 ssl-services.com
retarget.ssl-services.com
422 B
1 amung.us
whos.amung.us
144 B
1 myangular.life
stats.myangular.life
87 B
1 takedwn.ws
test.takedwn.ws
1 waust.at
waust.at
6 KB
1 googleapis.com
fonts.googleapis.com
1 KB
1 goldfilm.net
goldfilm.net
91 KB
1 github.io
partnercoll.github.io
2 KB
0 clrstm.com Failed
sync.tag.clrstm.com Failed
118 53
Domain Requested by
20 kinoxits.net kinoxits.net
9 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
7 ic.tynt.com kinoxits.net
7 mc.yandex.com 2 redirects kinoxits.net
mc.yandex.ru
6 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
6 pagead2.googlesyndication.com kinoxits.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
4 id5-sync.com 4 redirects
4 tags.bluekai.com 1 redirects kinoxits.net
bcp.crwdcntrl.net
4 use.fontawesome.com kinoxits.net
use.fontawesome.com
3 tags.crwdcntrl.net t.dtscout.com
tags.crwdcntrl.net
3 t.dtscout.com waust.at
t.dtscout.com
3 mc.yandex.ru 1 redirects kinoxits.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 secure.adnxs.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 sync.tidaltv.com 2 redirects
2 aa.agkn.com 1 redirects bcp.crwdcntrl.net
2 dpm.demdex.net 2 redirects
2 pixel.tapad.com 2 redirects
2 cm.g.doubleclick.net bcp.crwdcntrl.net
2 d.turn.com 2 redirects
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.google.com kinoxits.net
tpc.googlesyndication.com
2 pixel.onaudience.com 2 redirects
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 counter.yadro.ru 1 redirects kinoxits.net
2 mrelko.com kinoxits.net
2 fonts.gstatic.com fonts.googleapis.com
2 brdmin.com kinoxits.net
brdmin.com
2 i.ibb.co kinoxits.net
2 www.googletagmanager.com kinoxits.net
1 sync.mathtag.com 1 redirects
1 cm.adgrx.com bcp.crwdcntrl.net
1 sync.srv.stackadapt.com 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 beacon.krxd.net bcp.crwdcntrl.net
1 sync.sharethis.com bcp.crwdcntrl.net
1 c.cintnetworks.com bcp.crwdcntrl.net
1 loadm.exelator.com bcp.crwdcntrl.net
1 match.adsrvr.org bcp.crwdcntrl.net
1 a.dtssrv.com t.dtscout.com
1 de.tynt.com cdn.tynt.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.tynt.com waust.at
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 t.dtscdn.com t.dtscout.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 retarget.ssl-services.com brdmin.com
1 pd.sharethis.com t.dtscout.com
1 get.s-onetag.com t.dtscout.com
1 whos.amung.us waust.at
1 stats.myangular.life kinoxits.net
1 test.takedwn.ws partnercoll.github.io
1 waust.at kinoxits.net
1 informer.yandex.ru kinoxits.net
1 fonts.googleapis.com kinoxits.net
1 goldfilm.net kinoxits.net
1 partnercoll.github.io kinoxits.net
0 sync.tag.clrstm.com Failed bcp.crwdcntrl.net
118 65

This site contains links to these domains. Also see Links.

Domain
bit.ly
ktmobomst.com
www.gravatar.com
www.liveinternet.ru
metrika.yandex.ru
Subject Issuer Validity Valid
kinoxits.net
R3
2021-08-05 -
2021-11-03
3 months crt.sh
www.github.com
DigiCert SHA2 High Assurance Server CA
2020-05-06 -
2022-04-14
2 years crt.sh
goldfilm.net
R3
2021-08-04 -
2021-11-02
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-30 -
2021-11-22
3 months crt.sh
ibb.co
R3
2021-08-06 -
2021-11-04
3 months crt.sh
mc.yandex.ru
Yandex CA
2021-07-28 -
2022-01-07
5 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-08-04 -
2022-08-03
a year crt.sh
*.takedwn.ws
R3
2021-09-16 -
2021-12-15
3 months crt.sh
*.myangular.life
R3
2021-08-05 -
2021-11-03
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.mrelko.com
R3
2021-09-14 -
2021-12-13
3 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA
2020-02-02 -
2022-05-02
2 years crt.sh
*.dtscout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2020-11-03 -
2021-11-03
a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA
2020-05-21 -
2022-05-21
2 years crt.sh
*.s-onetag.com
Amazon
2021-02-03 -
2022-03-04
a year crt.sh
sharethis.com
Amazon
2021-09-01 -
2022-09-30
a year crt.sh
*.ssl-services.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-31 -
2021-10-30
2 years crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2
2021-04-29 -
2022-05-31
a year crt.sh
t.dtscdn.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2020-11-03 -
2021-11-15
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA
2021-04-25 -
2022-04-26
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2019-10-01 -
2021-09-30
2 years crt.sh
www.google.com
GTS CA 1C3
2021-08-30 -
2021-11-22
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2021-06-02 -
2022-06-07
a year crt.sh
*.cintnetworks.com
DigiCert SHA2 Secure Server CA
2020-09-21 -
2021-10-23
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-01-13 -
2022-01-07
a year crt.sh
ib.mookie1.com
DigiCert SHA2 High Assurance Server CA
2019-10-07 -
2021-11-12
2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-24 -
2022-03-26
a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh

This page contains 8 frames:

Primary Page: https://kinoxits.net/user/slipcongo59/
Frame ID: 4A2F0430EEB4653435FFFA31072B2916
Requests: 88 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html
Frame ID: B5F32891DA8B5E50E1D50F107E620ECC
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=51A016318265416E95F869111E6880A2
Frame ID: AD6F3FF2324EE7378F764148C576E73E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456985064256923&output=html&adk=1812271804&adf=3025194257&lmt=1631826541&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631826541603&bpp=3&bdt=540&idt=344&shv=r20210914&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6036036391358&frm=20&pv=2&ga_vid=214418387.1631826542&ga_sid=1631826542&ga_hid=1488270821&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062524&oid=3&pvsid=1190991508554168&pem=471&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 130C51DBF58B665D256991D6079F8F87
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4CE6CDFA4E64C657EF39E62F2D717EED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC3A8823C1115F0B2557A20C4DF93D5C
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 91AC47E80B63C244638CF4714C47EB7F
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: CC5625D1069D44156085C9CB6AA4B9B3
Requests: 24 HTTP requests in this frame

Screenshot

Page Title

slipcongo59 » Kinoxits.net | таржима кинолар | узбек кинолар | мультфилимлар | янги кинолар | зарубежные кинолар | Фильмы | клипы | новинки музыки | o`zbekcha tarjima | o`zbek tilida | uzbek tilida | tarjima kinolar | uzbek kinolar | multfilmlar | yangi kinolar | yangi qo'shiqlar 2020 | yangi mp3 | uzbek klip

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • <!--LiveInternet counter-->
  • <!--/LiveInternet-->

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

118
Requests

99 %
HTTPS

0 %
IPv6

53
Domains

65
Subdomains

48
IPs

10
Countries

5588 kB
Transfer

6990 kB
Size

69
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://counter.yadro.ru/hit?t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8590995213554082 HTTP 302
  • https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8590995213554082
Request Chain 55
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9398.QfsvW7v8LpnYRTTRFRI5fH3jA3sg40JKP9w86SAOwbfSpuTNCoLGJYY7crdGeLER._tvgT9o8fbVCTtLz3Q5Opf-vxOI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9398.RzioSfDuvR9LSFhcq1wnO-trGstqeHWV5n_RatcGRxHITccBPH64LsgYvr9ImT0JdtfVSCRZKj48QTxlgeg7ww%2C%2C.EYePNWRHkgA7Zv7lThAAfsv6KLY%2C
Request Chain 60
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A016318265416E95F869111E6880A2 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=0d27e21ab2e2831c
Request Chain 71
  • https://mc.yandex.com/watch/71378167?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A1542907067174%3Ahid%3A1025564040%3Az%3A0%3Ai%3A20210916210901%3Aet%3A1631826542%3Ac%3A1%3Arn%3A377670062%3Arqn%3A1%3Au%3A1631826542543420952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631826540616%3Ads%3A181%2C104%2C156%2C1%2C0%2C0%2C%2C516%2C10%2C%2C%2C%2C967%3Adsn%3A181%2C105%2C156%2C1%2C0%2C0%2C%2C520%2C10%2C%2C%2C%2C967%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631826542%3At%3Aslipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip HTTP 302
  • https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A1542907067174%3Ahid%3A1025564040%3Az%3A0%3Ai%3A20210916210901%3Aet%3A1631826542%3Ac%3A1%3Arn%3A377670062%3Arqn%3A1%3Au%3A1631826542543420952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631826540616%3Ads%3A181%2C104%2C156%2C1%2C0%2C0%2C%2C516%2C10%2C%2C%2C%2C967%3Adsn%3A181%2C105%2C156%2C1%2C0%2C0%2C%2C520%2C10%2C%2C%2C%2C967%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631826542%3At%3Aslipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip
Request Chain 93
  • https://id5-sync.com/s/19/9.gif?puid=59295df85e2440707760e857aabe186a&gdpr=1 HTTP 302
  • https://id5-sync.com/c/19/19/9/1.gif?puid=59295df85e2440707760e857aabe186a&gdpr=1&gdpr_consent= HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpuid%3D%24_BK_UUID%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://tags.bluekai.com/site/5907?limit=0&id=4b8170929f8d225f5b022d7a38623f1b&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_UUID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/19/224/7/3.gif?puid=2744828466399490216&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTkyOTVkZjg1ZTI0NDA3MDc3NjBlODU3YWFiZTE4NmE&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg
Request Chain 95
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=59295df85e2440707760e857aabe186a&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=59295df85e2440707760e857aabe186a&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=66db763b-f2bb-48b9-8f0c-c7a07b373948
Request Chain 97
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=59295df85e2440707760e857aabe186a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=59295df85e2440707760e857aabe186a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39830878933850698794508296921699581519
Request Chain 102
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a
Request Chain 103
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048 HTTP 302
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164860103911000410225
Request Chain 104
  • https://sync.srv.stackadapt.com/sync?nid=lotame HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d950d188-d678-4b2c-4e38-37c95f0a47e5$ip$216.131.114.43
Request Chain 105
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6?gdpr=1&gdpr_consent=
Request Chain 107
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=48d06143-b26f-4500-a999-6960617eb50d
Request Chain 108
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=71dc7a34-33d2-45b9-a160-13a74ff5961a-6143b26f-5553
Request Chain 109
  • https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_ HTTP 302
  • https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=GMauBt1l1MqYCX5
Request Chain 110
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUOybwACEFdEjgAT HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOybwACEFdEjgAT&_test=YUOybwACEFdEjgAT
Request Chain 114
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/59295df85e2440707760e857aabe186a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2816886060437418152
Request Chain 115
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=18885738%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D18885738%252Ftpid%253D%2524UID%252Ftp%253DANXS HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/rand=18885738/tpid=4886402180158231544/tp=ANXS

118 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kinoxits.net/user/slipcongo59/
38 KB
12 KB
Document
General
Full URL
https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
a3da8ad234b6bcd892d3efa3950c2e4f677cd5f98422ef1b8775eceb33b3e6b3

Request headers

:method
GET
:authority
kinoxits.net
:scheme
https
:path
/user/slipcongo59/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx-reuseport/1.21.1
date
Thu, 16 Sep 2021 21:09:01 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-powered-by
PHP/5.6.40
set-cookie
PHPSESSID=14308bcfa052de06411c22380334234c; path=/; HttpOnly
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
content-encoding
gzip
actualize.js
partnercoll.github.io/
3 KB
2 KB
Script
General
Full URL
https://partnercoll.github.io/actualize.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.199.110.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
cdn-185-199-110-153.github.com
Software
GitHub.com /
Resource Hash
5c6acfd138a9a1db37b7f8a085421e2413bc511c8b6351504a839031adc66749
Security Headers
Name Value
Strict-Transport-Security max-age=31556952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id
9b2ad6c5f85fd911a3a2121b4d559dc004eb3a33
strict-transport-security
max-age=31556952
content-encoding
gzip
etag
W/"61437f9c-ba5"
age
332
x-cache
HIT
content-length
1454
x-served-by
cache-fra19143-FRA
access-control-allow-origin
*
last-modified
Thu, 16 Sep 2021 17:32:12 GMT
server
GitHub.com
x-github-request-id
6584:7FE2:320CFC:34828A:61437FC2
x-timer
S1631826541.106592,VS0,VE0
date
Thu, 16 Sep 2021 21:09:01 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 varnish
expires
Thu, 16 Sep 2021 17:42:50 GMT
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-proxy-cache
MISS
x-cache-hits
14
playerjs.js
goldfilm.net/
224 KB
91 KB
Script
General
Full URL
https://goldfilm.net/playerjs.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.31.198.39 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
server244.hosting.reg.ru
Software
nginx /
Resource Hash
c8f573d61b63c7f169a1209bb7fda1c740556c3655bd918d3ee949026bc7a6b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Thu, 10 Dec 2020 20:35:55 GMT
server
nginx
etag
W/"5fd286ab-37f9a"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=3888000
strict-transport-security
max-age=31536000;
expires
Sun, 31 Oct 2021 21:09:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
139 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e10d31703a6130844c5eaece9a3a71bd02c83db0f94ad345a77650a7b7be691c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49073
x-xss-protection
0
server
cafe
etag
2438640302130811704
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 16 Sep 2021 21:09:01 GMT
js
www.googletagmanager.com/gtag/
99 KB
40 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-156485311-1
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
25981f9ec633ba8fe0993b278424450b407345b7f22e316e957a0f236c978cdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40408
x-xss-protection
0
expires
Thu, 16 Sep 2021 21:09:01 GMT
styles.css
kinoxits.net/templates/MOVIEBOX_DARK/css/
64 KB
14 KB
Stylesheet
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
ae8cce0b0669afcaeebf073c582790b065c1d333bd48418fdba9f993482980b5

Request headers

:path
/templates/MOVIEBOX_DARK/css/styles.css
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 19:56:23 GMT
server
nginx-reuseport/1.21.1
etag
W/"60258be7-10023"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
engine.css
kinoxits.net/templates/MOVIEBOX_DARK/css/
129 KB
36 KB
Stylesheet
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
b0c10ad565d9d7fc3e082ee33cc7a5d3e8906789640deabcf2de4fabeeead90c

Request headers

:path
/templates/MOVIEBOX_DARK/css/engine.css
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
W/"601b74e4-20237"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
da5f3c964672c3c16cee672fd13145f4219b5e4dc48f2bf851d5af1285cb6128
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 20:51:03 GMT
server
ESF
date
Thu, 16 Sep 2021 21:09:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 16 Sep 2021 21:09:01 GMT
037-KINOXITS.gif
i.ibb.co/KVZF7dt/
4 MB
4 MB
Image
General
Full URL
https://i.ibb.co/KVZF7dt/037-KINOXITS.gif
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
e0696668a639172d10213801ad2d984f4acccaef580057e6d1aecad8dadf325d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Mon, 09 Aug 2021 09:57:39 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
4355181
expires
Thu, 31 Dec 2037 23:55:55 GMT
mosbet%20900x100Catfish.gif
kinoxits.net/banner/
91 KB
92 KB
Image
General
Full URL
https://kinoxits.net/banner/mosbet%20900x100Catfish.gif
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
f4dbca8da16899f9f4180f0bb04c5b14f661bc9fc12c87698c1cee154ce2ef65

Request headers

:path
/banner/mosbet%20900x100Catfish.gif
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Fri, 11 Jun 2021 10:36:51 GMT
server
nginx-reuseport/1.21.1
etag
"60c33cc3-16da2"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
93602
expires
Sat, 16 Oct 2021 21:09:01 GMT
900x100.gif
i.ibb.co/BV8DGXq/
72 KB
72 KB
Image
General
Full URL
https://i.ibb.co/BV8DGXq/900x100.gif
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.239.131.60 , France, ASN16276 (OVH, FR),
Reverse DNS
i.ibb.co
Software
nginx /
Resource Hash
1b1521cbf2c4284a8e107c202e45a4fcf655cb6093f1f3a432724c7cf265e843

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Wed, 08 Sep 2021 05:05:20 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
73529
expires
Thu, 31 Dec 2037 23:55:55 GMT
noavatar.png
kinoxits.net/templates/MOVIEBOX_DARK/dleimages/
2 KB
2 KB
Image
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/dleimages/noavatar.png
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
21103b10d89449ac9db3d5db945080082d43b12c28107b9d19b6a88cf670a0ed

Request headers

:path
/templates/MOVIEBOX_DARK/dleimages/noavatar.png
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e4-7df"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2015
expires
Sat, 16 Oct 2021 21:09:01 GMT
default.js
kinoxits.net/engine/skins/
0
0
Script
General
Full URL
https://kinoxits.net/engine/skins/default.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash

Request headers

:path
/engine/skins/default.js
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
server
nginx-reuseport/1.21.1
content-length
297
content-type
text/html; charset=iso-8859-1
logo.png
kinoxits.net/templates/MOVIEBOX_DARK/images/
31 KB
31 KB
Image
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/images/logo.png
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
8a427847e1150f6a630e0d196f85b5da5b1d3652fe11d2c3dc85c63ff219035f

Request headers

:path
/templates/MOVIEBOX_DARK/images/logo.png
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e4-7ce9"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
31977
expires
Sat, 16 Oct 2021 21:09:01 GMT
3_1_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/71378167/
1 KB
1 KB
Image
General
Full URL
https://informer.yandex.ru/informer/71378167/3_1_FFFFFFFF_EFEFEFFF_0_pageviews
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
10e4800bb8797bfe5648743ab240b419817efd521026fa21a0dded2cfc541490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
last-modified
Thu, 16-Sep-2021 21:09:01 GMT
content-type
image/png
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1287
x-xss-protection
1; mode=block
expires
Thu, 16-Sep-2021 21:09:01 GMT
c.js
waust.at/
12 KB
6 KB
Script
General
Full URL
https://waust.at/c.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2964
last-modified
Mon, 03 May 2021 17:48:47 GMT
server
cloudflare
etag
W/"6090377f-2f8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOw5uB%2BTA%2FwgQUFk2geeINvyHI62h%2B5mYybDuRcGSjzV9jFz%2FyHrNd8sMkI%2FGE163StQmzZ9GE9kF%2FnqLaL2aPXUbLv1bWwzOaSdZyQO3oxg7mIS0tbUjYEJ"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
68fd12cc6eed410d-PRG
expires
Fri, 17 Sep 2021 20:19:37 GMT
default.css
kinoxits.net/engine/editor/css/
2 KB
915 B
Stylesheet
General
Full URL
https://kinoxits.net/engine/editor/css/default.css?v=26
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d

Request headers

:path
/engine/editor/css/default.css?v=26
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 18:51:46 GMT
server
nginx-reuseport/1.21.1
etag
W/"601af0c2-9ab"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
jquery.js
kinoxits.net/engine/classes/js/
84 KB
29 KB
Script
General
Full URL
https://kinoxits.net/engine/classes/js/jquery.js?v=26
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

:path
/engine/classes/js/jquery.js?v=26
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 18:51:46 GMT
server
nginx-reuseport/1.21.1
etag
W/"601af0c2-14e4a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
jqueryui.js
kinoxits.net/engine/classes/js/
94 KB
27 KB
Script
General
Full URL
https://kinoxits.net/engine/classes/js/jqueryui.js?v=26
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
a8fb761046658f69cf76644463af836dc85c492bcabc43793ab6fbe4f9e2f21b

Request headers

:path
/engine/classes/js/jqueryui.js?v=26
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 18:51:46 GMT
server
nginx-reuseport/1.21.1
etag
W/"601af0c2-177c0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
dle_js.js
kinoxits.net/engine/classes/js/
33 KB
7 KB
Script
General
Full URL
https://kinoxits.net/engine/classes/js/dle_js.js?v=26
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
17b7e53b981c41f5183fd23e96462bb23774706dfbac95f47492a8a14250415c

Request headers

:path
/engine/classes/js/dle_js.js?v=26
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Wed, 03 Feb 2021 18:51:46 GMT
server
nginx-reuseport/1.21.1
etag
W/"601af0c2-84bd"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
libs.js
kinoxits.net/templates/MOVIEBOX_DARK/js/
86 KB
25 KB
Script
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/js/libs.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
92ceaee1d3af4a639f5c1fab550009f1224b30e3dfd9caecad23c471541d57e3

Request headers

:path
/templates/MOVIEBOX_DARK/js/libs.js
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:15:34 GMT
server
nginx-reuseport/1.21.1
etag
W/"601b74e6-159f1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
share.js
kinoxits.net/templates/MOVIEBOX_DARK/js/
97 KB
33 KB
Script
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/js/share.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
6257df35087b8470c682924d6cb3769e316d5375dba54fba14ffe95f2fb1d2cc

Request headers

:path
/templates/MOVIEBOX_DARK/js/share.js
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 04:15:34 GMT
server
nginx-reuseport/1.21.1
etag
W/"601b74e6-183d6"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=604800
expires
Thu, 23 Sep 2021 21:09:01 GMT
fe271d92aa.js
use.fontawesome.com/
9 KB
4 KB
Script
General
Full URL
https://use.fontawesome.com/fe271d92aa.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baf2c878746725481a09ba009c48e1175c54de4032b7fa50f2aaa4253542efbf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1322
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
V0XWJ51B1E1HHBJN
x-amz-id-2
zxpM6O2j91wJCwtFOz1D0oJl6hkduDFeNAmHINJ7oVvk63j8/zQDeX0cs4mr0kh4FXr1a9JCcFU=
last-modified
Thu, 01 Jul 2021 20:44:43 GMT
server
cloudflare
etag
W/"8c6940d05a8f6c8050213b6af539b94a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVdPTCl%2FIBA74qaMOk4la9TYcpxnC%2F8gnAQD%2FSkKrRil1YUdAaOKr3FkCwVRnO9BrjaJe81%2Fs6Mqx0D98gm6uaE5i3ZpAZwlVmaJXeC9BaXGB8EjNHO3477s6GxmlCqp40vk1x5M"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
68fd12cc88ae411a-PRG
ping
test.takedwn.ws/
0
0
Fetch
General
Full URL
https://test.takedwn.ws/ping
Requested by
Host: partnercoll.github.io
URL: https://partnercoll.github.io/actualize.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.66.89.131 , Ukraine, ASN30860 (YURTEH-AS, UA),
Reverse DNS
dedicated.vsys.host
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Sep 2021 21:02:10 GMT
Server
nginx
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Content-Type
text/plain
player
stats.myangular.life/
0
87 B
Image
General
Full URL
https://stats.myangular.life/player?hit=script&sub=actualize&host=kinoxits.net
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.201.51.138 Fellbach, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.138.51.201.138.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 16 Sep 2021 21:09:01 GMT
server
nginx
content-length
0
content-type
text/plain; charset=utf-8
gtm.js
www.googletagmanager.com/
81 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N7HRDSR
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d6374f10846703935ce201e4e361ec6b54c1e488b0971570ed392a7b7a67a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33161
x-xss-protection
0
expires
Thu, 16 Sep 2021 21:09:01 GMT
NTI5OA==.js
brdmin.com/js/
1 KB
1 KB
Script
General
Full URL
https://brdmin.com/js/NTI5OA==.js?r=8486568256.159193
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.40.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.18
Resource Hash
515048287a859ea3f2a6c53d0638e23ad55ef0f8938bc5bd06ff0950c50cfd7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.18
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSGXSNETOz%2BNddoWzZbW25MQ1PTLFzDFI4mmGn4LF%2FdEPnrYjmW7X9kG07ajh3YtV0j0QQZidyx%2FxVkaJUt6P26CcQFD2%2B7cY%2F82azcyWe7sSCAu2SD69ojsG%2B3%2B"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
68fd12cc482e4126-PRG
content-type
application/x-javascript; charset=utf-8
bg2.png
kinoxits.net/templates/MOVIEBOX_DARK/images/
4 KB
4 KB
Image
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/images/bg2.png
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
3329a1b7df435c94f0ce0ad7fb684813d4556d8bcf4e32ccd867b84d1ec71d95

Request headers

:path
/templates/MOVIEBOX_DARK/images/bg2.png
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e4-1099"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
4249
expires
Sat, 16 Oct 2021 21:09:01 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v14/
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v14/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f3.1e100.net
Software
sffe /
Resource Hash
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kinoxits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:10:07 GMT
x-content-type-options
nosniff
age
320334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33620
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:46:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:10:07 GMT
w.php
mrelko.com/j/
280 B
828 B
Script
General
Full URL
https://mrelko.com/j/w.php?id=2544&r=0.8173797981384903
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.18
Resource Hash
fb70608a915d6d59374a363ddb7f64ada485222ff0638c36345fffd2e49d523f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.18
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1de86iYd%2F7P%2FslnewZIPvvepv73vuCSsekEbb8Vm29Px6ExkaTclxz2Ouhxgwnt776V2SZ2eevB6BafwhNLtXhez4SAhue9ZnnqH5mJEl0tisVOBm4d5SO9ELaiE"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
access-control-allow-credentials
true
cf-ray
68fd12cc5d01f9de-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
w.php
mrelko.com/j/
280 B
482 B
Script
General
Full URL
https://mrelko.com/j/w.php?id=2546&r=0.1624206462479234
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.32.44 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.18
Resource Hash
fb70608a915d6d59374a363ddb7f64ada485222ff0638c36345fffd2e49d523f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.18
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MhPw4vBjFmVnJY5psTw%2BxRVlLsQkdR7fFa6FVfsEDJWcL6xKpzMJYsJcAuygiVOByAbCz5zWgUUeK4u0rNVIrtADA1ACqGL5YOWYoEVm8AbJF0WCwL8b8wEVjxfO"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
access-control-allow-credentials
true
cf-ray
68fd12cc5d03f9de-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
default.js
kinoxits.net/engine/skins/
0
0
Script
General
Full URL
https://kinoxits.net/engine/skins/default.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash

Request headers

:path
/engine/skins/default.js
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
server
nginx-reuseport/1.21.1
content-length
297
content-type
text/html; charset=iso-8859-1
fa-regular-400.woff2
kinoxits.net/templates/MOVIEBOX_DARK/webfonts/
0
0
Font
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff2
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash

Request headers

sec-fetch-mode
cors
origin
https://kinoxits.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
:path
/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
kinoxits.net
referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
Origin
https://kinoxits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
server
nginx-reuseport/1.21.1
content-length
327
content-type
text/html; charset=iso-8859-1
iJWKBXyIfDnIV7nFrXyi0A.woff2
fonts.gstatic.com/s/rubik/v14/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v14/iJWKBXyIfDnIV7nFrXyi0A.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:300,400,500&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.19.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s27-in-f3.1e100.net
Software
sffe /
Resource Hash
d860a9894b043142169904d0f318c1913accd3a6587aafbd8f412b1005a01e6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://kinoxits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:52:39 GMT
x-content-type-options
nosniff
age
231382
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14312
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 19:47:40 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:52:39 GMT
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-156485311-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1324
date
Thu, 16 Sep 2021 20:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 16 Sep 2021 22:46:57 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043...
  • https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u0...
223 B
709 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8590995213554082
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
98af3f0a94a76ed97e44190351f46840fdc90eee98a62820fecee3ab37949221
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:07 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
223
Expires
Wed, 16 Sep 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:07 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t19.1;r;s1600*1200*24;uhttps%3A//kinoxits.net/user/slipcongo59/;hslipcongo59%20%BB%20Kinoxits.net%20%7C%20%u0442%u0430%u0440%u0436%u0438%u043C%u0430%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0443%u0437%u0431%u0435%u043A%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u043C%u0443%u043B%u044C%u0442%u0444%u0438%u043B%u0438%u043C%u043B%u0430%u0440%20%7C%20%u044F%u043D%u0433%u0438%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0437%u0430%u0440%u0443%u0431%u0435%u0436%u043D%u044B%u0435%20%u043A%u0438%u043D%u043E%u043B%u0430%u0440%20%7C%20%u0424%u0438%u043B%u044C%u043C%u044B%20%7C%20%u043A%u043B%u0438%u043F%u044B%20%7C%20%u043D%u043E%u0432%u0438%u043D%u043A%u0438%20%u043C%u0443%u0437%u044B%u043A%u0438%20%7C%20o;0.8590995213554082
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Wed, 16 Sep 2020 21:00:00 GMT
tag.js
mc.yandex.ru/metrika/
191 KB
65 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 17:17:01 GMT
etag
"614349a8-1031b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
66331
expires
Thu, 16 Sep 2021 22:09:01 GMT
/
t.dtscout.com/i/
8 KB
9 KB
Script
General
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip70.ip-51-89-24.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
63b46510b5d3c55d7a030f570f0c9a6c695e7ba1788ff6bb89933d96ea966e2d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:01 GMT
X-T
0.58
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
ger1
Expires
Thu, 16 Sep 2021 21:09:00 GMT
bar-bg.png
kinoxits.net/templates/MOVIEBOX_DARK/images/
313 B
498 B
Image
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/images/bar-bg.png
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e

Request headers

:path
/templates/MOVIEBOX_DARK/images/bar-bg.png
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e4-139"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
313
expires
Sat, 16 Oct 2021 21:09:01 GMT
bar-blue.png
kinoxits.net/templates/MOVIEBOX_DARK/images/
253 B
438 B
Image
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/images/bar-blue.png
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9

Request headers

:path
/templates/MOVIEBOX_DARK/images/bar-blue.png
pragma
no-cache
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:32 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e4-fd"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
253
expires
Sat, 16 Oct 2021 21:09:01 GMT
watch.js
mc.yandex.ru/metrika/
135 KB
48 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/templates/MOVIEBOX_DARK/js/share.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
95f0585d0b7430c230a44f6834a3b0a51a5b6a0484dabef371131d502f8dbda6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 17:17:01 GMT
etag
"614351dd-be68"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
48744
expires
Thu, 16 Sep 2021 22:09:01 GMT
fa-regular-400.woff
kinoxits.net/templates/MOVIEBOX_DARK/webfonts/
187 KB
187 KB
Font
General
Full URL
https://kinoxits.net/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 /
Resource Hash
69faef17aa881302dc2d4232c5e8f40c30dd40eed4dccb52b71a6cdd1382746b

Request headers

sec-fetch-mode
cors
origin
https://kinoxits.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=14308bcfa052de06411c22380334234c
:path
/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
kinoxits.net
referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kinoxits.net/templates/MOVIEBOX_DARK/css/engine.css
Origin
https://kinoxits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 04 Feb 2021 04:15:34 GMT
server
nginx-reuseport/1.21.1
etag
"601b74e6-2eb44"
content-type
application/font-woff
cache-control
max-age=2592000
accept-ranges
bytes
content-length
191300
expires
Sat, 16 Oct 2021 21:09:01 GMT
fe271d92aa.css
use.fontawesome.com/
1 KB
760 B
Stylesheet
General
Full URL
https://use.fontawesome.com/fe271d92aa.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/fe271d92aa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.78.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04d91e7bf873b687ac00e3167cc352221c500320f92efd05a8abf94241ffaa56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1321
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
ZQVYAN6EMB2XSDPT
x-amz-id-2
D8UUC6dmVZ+fjdZP6B/ZEuhf3bRB5qd6wlTW7xgJl2/p19GQ/R/CVGf5lE4LU7EWwITCNTb4/Kk=
last-modified
Thu, 01 Jul 2021 20:44:43 GMT
server
cloudflare
etag
W/"0d33b41381408750565b8436efed8740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XfR4gTxT2wD8TLVIwr3JZeFlwzHgnW%2B%2F9JD9G0g1Xog2bJE%2BQSaST0AC7RRUbZCSFUW%2FPq95maLhMiPcjL4x6epR4n1MewbVa6bS%2BvutW%2BcEI8RWblPxGkvezTkvEjCs6xCwN29Z"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
68fd12cce91a411a-PRG
/
whos.amung.us/pingjs/
28 B
144 B
Script
General
Full URL
https://whos.amung.us/pingjs/?k=j6pd4fwo87&t=slipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F&c=c&x=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&y=&a=0&d=0.967&v=27&r=8488
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.114.214 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
5e9693bea9223f79694d7740ad7ae708def8664f304c37f0a23ade0c57417794

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/
253 KB
94 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
6c193e4e32bb3d3484f37c96f4c3934b4c8c6fef40166d396cfbdad8238973dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95711
x-xss-protection
0
server
cafe
etag
8739367326336392834
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 16 Sep 2021 21:09:01 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/ Frame B5F3
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210914/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kinoxits.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 16 Sep 2021 01:08:38 GMT
expires
Thu, 30 Sep 2021 01:08:38 GMT
content-type
text/html; charset=UTF-8
etag
13836150016441684253
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4591
x-xss-protection
0
age
72023
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
js
www.google-analytics.com/gtm/
97 KB
39 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W65VNBP&t=gtag_UA_156485311_1&cid=214418387.1631826542
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
Google Tag Manager /
Resource Hash
1bbdb0862512fc89f9cb0d844756d3fc41fb5b56b264d776a0b96f35020d1aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39544
x-xss-protection
0
expires
Thu, 16 Sep 2021 21:09:01 GMT
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/fe271d92aa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.78.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/fe271d92aa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6224494
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id
XT8EEQ799WEQ0A99
x-amz-id-2
UX8EF85MXbZCgv03gsWyjbu6v7d4So+iKMHg+uDGn+SCX+5g45jOVFU/kdJq5zsZNRVC6+l8t58=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"36082410df2ef7f83932219089dc1443"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER2TfdchEDuEae4bdj5qhMDfKGKka5dwQ8snMoPLJ7OYnPrKfxR1%2BlifYShR7%2B2959ygnWf9xG3c9mzxezO%2Fl1UsQvhyEP8T9XWA267nUNdhXlu8x5hF7vA8J7rHzSte2qRXV9Jg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
68fd12cd5eee2788-PRG
/
t.dtscout.com/idg/ Frame AD6F
1 KB
752 B
Document
General
Full URL
https://t.dtscout.com/idg/?su=51A016318265416E95F869111E6880A2
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip70.ip-51-89-24.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
195b9acc2c5e784c493128cdc8a77250398ea7e1b596710d7f44c38b7e4c1bce

Request headers

Host
t.dtscout.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kinoxits.net/
Accept-Encoding
gzip, deflate, br
Cookie
m=1; b=1; st=1; oa=1; df=1631826541; l=51A016318265416E95F869111E6880A2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Thu, 16 Sep 2021 21:09:01 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Expires
Thu, 16 Sep 2021 21:09:00 GMT
Cache-Control
no-cache
Content-Encoding
gzip
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/
30 KB
10 KB
Script
General
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-95.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 13:27:46 GMT
server
AmazonS3
age
12070
etag
W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Thu, 16 Sep 2021 17:47:52 GMT
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
6HA3jbYuoIe3L-juBPM02roU9sSCNAADwv1SVuLjTxonJXiXTmxiUg==
dtscout
pd.sharethis.com/pd/
0
88 B
Script
General
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.151.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-151-162.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Thu, 16 Sep 2021 21:09:01 GMT
/
t.dtscout.com/pv/
50 B
318 B
Script
General
Full URL
https://t.dtscout.com/pv/?_a=v&_h=kinoxits.net&_ss=ftkftyurkf&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=wj48&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.89.24.70 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip70.ip-51-89-24.eu
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a0516f9a3f8c118fdc614ce0fb1d66c6b9792749ad4542b6a2abd5c366cc759f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:01 GMT
X-T
0.164
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Thu, 16 Sep 2021 21:09:00 GMT
gl.php
retarget.ssl-services.com/p/
21 B
422 B
Script
General
Full URL
https://retarget.ssl-services.com/p/gl.php?callback=retCallback_5298&format_id=5&geo=DE
Requested by
Host: brdmin.com
URL: https://brdmin.com/js/NTI5OA==.js?r=8486568256.159193
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.72.221.186 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software
nginx/1.8.0 / PHP/7.4.11
Resource Hash
2824c1eaa9cb75658f8ea301f1693cedeb32aad55d715a60fd35da32da899862

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:01 GMT
Server
nginx/1.8.0
X-Powered-By
PHP/7.4.11
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0
Connection
close
Expires
Mon, 26 Jul 1997 05:00:00 GMT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/fe271d92aa.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.78.7 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://use.fontawesome.com/fe271d92aa.css
Origin
https://kinoxits.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
8B1K86Q8D0PAZF8P
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
77160
x-amz-id-2
cd+e9CzbvLkfe+5187SYxPbCcUsFiNC1qdyNI/VtxkKnlfieon83LyneShwbsMClG8kriyCwix8=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"af7ae505a9eed503f8b8e6982036873e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U5XForvnSMR5CXtBKkXW%2BxXKBy0szOJipknnuSNB%2B1nndv6wlrs7eUQ9EAQitvBEHAxMuzcxNfl%2B6aTOulyB%2FLHOPPXoykGh3sLb23bzfZeprCKKV49gV5c4udh2l6O7YD1s2tQL"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
68fd12cdb8fa2778-PRG
/
onetag-geo.s-onetag.com/
555 B
968 B
Fetch
General
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 14:43:48 GMT
via
1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront), 1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
age
23113
x-amzn-requestid
cc68d5bc-d709-41ef-a1f2-b04710ef8d57
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P2, FRA56-P5
x-amz-apigw-id
Fwq1uFpyiYcF2qA=
content-length
555
x-amz-cf-id
K8OoCf8PzpcveVUgZ-a7grC_U2v13NcV9K3ZBztX-8N4S8B1xTPBLw==
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9398.QfsvW7v8LpnYRTTRFRI5fH3jA3sg40JKP9w86SAOwbfSpuTNCoLGJYY7crdGeLER._tvgT9o8fbVCTtLz3Q5Opf-vxOI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9398.RzioSfDuvR9LSFhcq1wnO-trGstqeHWV5n_RatcGRxHITccBPH64LsgYvr9ImT0JdtfVSCRZKj48QTxlgeg7ww%2C%2C.EYePNWRHkgA7Zv7lThAAfsv6KLY%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9398.RzioSfDuvR9LSFhcq1wnO-trGstqeHWV5n_RatcGRxHITccBPH64LsgYvr9ImT0JdtfVSCRZKj48QTxlgeg7ww%2C%2C.EYePNWRHkgA7Zv7lThAAfsv6KLY%2C
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9398.RzioSfDuvR9LSFhcq1wnO-trGstqeHWV5n_RatcGRxHITccBPH64LsgYvr9ImT0JdtfVSCRZKj48QTxlgeg7ww%2C%2C.EYePNWRHkgA7Zv7lThAAfsv6KLY%2C
date
Thu, 16 Sep 2021 21:09:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:01 GMT
last-modified
Thu, 16 Sep 2021 17:17:01 GMT
etag
"614349a8-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 16 Sep 2021 22:09:01 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/
38 KB
12 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 14:24:35 GMT
content-encoding
gzip
etag
W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
age
24267
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
9qqpgp1MU3Az8j2Gik60j1SaCpnqvQsgMIaU7MmjyGbvH4uPxlWK2Q==
/
t.dtscdn.com/widget/
0
407 B
Script
General
Full URL
https://t.dtscdn.com/widget/?d=51A016318265416E95F869111E6880A2&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
138.197.56.196 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:15:51 GMT
X-T
1.01
x-server
web13.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Thu, 16 Sep 2021 21:15:50 GMT
27675
tags.bluekai.com/site/
62 B
329 B
Image
General
Full URL
https://tags.bluekai.com/site/27675?id=51A016318265416E95F869111E6880A2&ret=html&phint=__bk_t%3Dslipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&phint=__bk_k%3DKinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&phint=__bk_l%3Dhttps%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&r=10637066
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:02 GMT
X-N
S
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
BK-Server
491f
Content-Type
image/gif
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=51A016318265416E95F869111E6880A2
  • https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=0d27e21ab2e2831c
62 B
304 B
Image
General
Full URL
https://tags.bluekai.com/site/33141?&id=0d27e21ab2e2831c
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:02 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/33141?&id=0d27e21ab2e2831c
content-length
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1488270821&t=pageview&_s=1&dl=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&ul=en-us&de=UTF-8&dt=slipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAAC~&jid=1410883808&gjid=467498884&cid=214418387.1631826542&tid=UA-156485311-1&_gid=646915146.1631826542&_r=1&gtm=2ou9f0&z=1682011292
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f110.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://kinoxits.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/
1 KB
835 B
Fetch
General
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 12:08:22 GMT
content-encoding
gzip
server
restify
age
32439
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://kinoxits.net
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
qQPRn7Mj-ToJ0xKxr1OZ2uKeRfcnK0anYOZntseAL_LkEThzeMAvXA==
via
1.1 0afa2d721972ae312ad1dd54e47c43cb.cloudfront.net (CloudFront)
ws.php
brdmin.com/j/
314 B
891 B
Script
General
Full URL
https://brdmin.com/j/ws.php?id=5298&ret=&r=0.8506555945703336
Requested by
Host: brdmin.com
URL: https://brdmin.com/js/NTI5OA==.js?r=8486568256.159193
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.40.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.18
Resource Hash
777d4ed23d3dfa13b1bf4028f0da2802c81562b7a8ab5bd070f77b3779c61c52

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.18
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrEBNzfpJBwPjc7dUUUhJCpNStiDGs%2B6Ni5OV1nI4%2BtSKzXw%2Br%2FKHpvMeRk%2B3iY34R8Yh85yCn8pyjevh1njg5abYbTGJLP8o71M9jBtXuHu92ZQJiR5LeRMxWEF"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials
true
cf-ray
68fd12cf4dea4119-PRG
content-type
application/x-javascript; charset=utf-8
cookie.js
partner.googleadservices.com/gampad/
202 B
656 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=kinoxits.net&callback=_gfp_s_&client=ca-pub-8456985064256923
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
e543d9dda136f7f82629e5deb951141b8fdb036a24062e912ce59bb7b0e823c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=kinoxits.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Sep 2021 21:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 130C
603 B
68 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8456985064256923&output=html&adk=1812271804&adf=3025194257&lmt=1631826541&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631826541603&bpp=3&bdt=540&idt=344&shv=r20210914&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6036036391358&frm=20&pv=2&ga_vid=214418387.1631826542&ga_sid=1631826542&ga_hid=1488270821&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062524&oid=3&pvsid=1190991508554168&pem=471&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8456985064256923&output=html&adk=1812271804&adf=3025194257&lmt=1631826541&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1631826541603&bpp=3&bdt=540&idt=344&shv=r20210914&mjsv=m202109150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6036036391358&frm=20&pv=2&ga_vid=214418387.1631826542&ga_sid=1631826542&ga_hid=1488270821&ga_fc=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747621%2C31062524&oid=3&pvsid=1190991508554168&pem=471&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=358
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kinoxits.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Thu, 16 Sep 2021 21:09:01 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 16-Sep-2021 21:24:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 16 Sep 2021 21:09:01 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
server
sffe
etag
"1631705383510867"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Thu, 16 Sep 2021 21:09:02 GMT
tc.js
cdn.tynt.com/
17 KB
7 KB
Script
General
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:45 GMT
server
cloudflare
age
173393
etag
W/"61295205-431d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
68fd12cf98ce2774-PRG
expires
Sun, 19 Sep 2021 21:09:02 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
collect
stats.g.doubleclick.net/j/
2 B
430 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-156485311-1&cid=214418387.1631826542&jid=1410883808&gjid=467498884&_gid=646915146.1631826542&_u=aGBAAUACQAAAAC~&z=1378074683
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Sep 2021 21:09:02 GMT
content-type
text/plain
access-control-allow-origin
https://kinoxits.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/71378167/
Redirect Chain
  • https://mc.yandex.com/watch/71378167?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%...
  • https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A...
331 B
413 B
XHR
General
Full URL
https://mc.yandex.com/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A1542907067174%3Ahid%3A1025564040%3Az%3A0%3Ai%3A20210916210901%3Aet%3A1631826542%3Ac%3A1%3Arn%3A377670062%3Arqn%3A1%3Au%3A1631826542543420952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631826540616%3Ads%3A181%2C104%2C156%2C1%2C0%2C0%2C%2C516%2C10%2C%2C%2C%2C967%3Adsn%3A181%2C105%2C156%2C1%2C0%2C0%2C%2C520%2C10%2C%2C%2C%2C967%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631826542%3At%3Aslipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
9fb35e6600a7157c95ffc0c74e006c763a5b3f42ecb7a412da87f7c28a88d27b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:02 GMT
x-content-type-options
nosniff
last-modified
Thu, 16-Sep-2021 21:09:02 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kinoxits.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Thu, 16-Sep-2021 21:09:02 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:02 GMT
last-modified
Thu, 16-Sep-2021 21:09:02 GMT
location
/watch/71378167/1?wmode=7&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwjn9%3Afp%3A882%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A644%3Acn%3A1%3Adp%3A0%3Als%3A1542907067174%3Ahid%3A1025564040%3Az%3A0%3Ai%3A20210916210901%3Aet%3A1631826542%3Ac%3A1%3Arn%3A377670062%3Arqn%3A1%3Au%3A1631826542543420952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1631826540616%3Ads%3A181%2C104%2C156%2C1%2C0%2C0%2C%2C516%2C10%2C%2C%2C%2C967%3Adsn%3A181%2C105%2C156%2C1%2C0%2C0%2C%2C520%2C10%2C%2C%2C%2C967%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1631826542%3At%3Aslipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C%20tarjima%20kinolar%20%7C%20uzbek%20kinolar%20%7C%20multfilmlar%20%7C%20yangi%20kinolar%20%7C%20yangi%20qo%27shiqlar%202020%20%7C%20yangi%20mp3%20%7C%20uzbek%20klip
strict-transport-security
max-age=31536000
access-control-allow-origin
https://kinoxits.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 16-Sep-2021 21:09:02 GMT
ga-audiences
www.google.com/ads/
42 B
522 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-156485311-1&cid=214418387.1631826542&jid=1410883808&_u=aGBAAUACQAAAAC~&z=393484477
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0&t=slipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C&cu=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2
de.tynt.com/deb/
4 B
202 B
Script
General
Full URL
https://de.tynt.com/deb/v2?id=w!j6pd4fwo87&dn=TC&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip31.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Fri, 17 Sep 2021 21:09:02 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0&t=slipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C&cu=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0&t=slipcongo59%20%C2%BB%20Kinoxits.net%20%7C%20%D1%82%D0%B0%D1%80%D0%B6%D0%B8%D0%BC%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D1%83%D0%B7%D0%B1%D0%B5%D0%BA%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%BC%D1%83%D0%BB%D1%8C%D1%82%D1%84%D0%B8%D0%BB%D0%B8%D0%BC%D0%BB%D0%B0%D1%80%20%7C%20%D1%8F%D0%BD%D0%B3%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%B7%D0%B0%D1%80%D1%83%D0%B1%D0%B5%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%BA%D0%B8%D0%BD%D0%BE%D0%BB%D0%B0%D1%80%20%7C%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%7C%20%D0%BA%D0%BB%D0%B8%D0%BF%D1%8B%20%7C%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%BA%D0%B8%20%D0%BC%D1%83%D0%B7%D1%8B%D0%BA%D0%B8%20%7C%20o%60zbekcha%20tarjima%20%7C%20o%60zbek%20tilida%20%7C%20uzbek%20tilida%20%7C
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
controller.php
kinoxits.net/engine/ajax/
2 B
207 B
XHR
General
Full URL
https://kinoxits.net/engine/ajax/controller.php?mod=adminfunction
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/engine/classes/js/jquery.js?v=26
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.236.16.8 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
ssl.vm5.beget.com
Software
nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode
cors
origin
https://kinoxits.net
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
PHPSESSID=14308bcfa052de06411c22380334234c; _ga=GA1.2.214418387.1631826542; _gid=GA1.2.646915146.1631826542; _ym_uid=1631826542543420952; _ym_d=1631826542; __dtsu=51A016318265416E95F869111E6880A2; _gat_gtag_UA_156485311_1=1; _ym_isad=2; __gads=ID=2b2ef472ee0f616b-2276507d40cb00fc:T=1631826542:RT=1631826542:S=ALNI_MbNueRsulkRCFsv4eaG4wGvszGoqQ; _ym_visorc=w
content-length
109
:path
/engine/ajax/controller.php?mod=adminfunction
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
kinoxits.net
referer
https://kinoxits.net/user/slipcongo59/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://kinoxits.net/user/slipcongo59/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:02 GMT
server
nginx-reuseport/1.21.1
x-powered-by
PHP/5.6.40
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2
expires
Thu, 19 Nov 1981 08:52:00 GMT
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
p
ic.tynt.com/b/
0
227 B
Image
General
Full URL
https://ic.tynt.com/b/p?id=w!j6pd4fwo87&lm=0&ts=1631826542072&dn=TC&iso=0
Requested by
Host: kinoxits.net
URL: https://kinoxits.net/user/slipcongo59/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip186.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/user/slipcongo59/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:02 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210914&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
d77bbbe7a0b2f28e8258ab3b63faa5b4f1490aa6e56df74fa451b03f236da5e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Sep 2021 21:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8445
x-xss-protection
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/
4 KB
1 KB
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Sep 2021 12:34:14 GMT
content-encoding
gzip
age
30889
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 16 Mar 2021 13:30:17 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 0c688bb347bc402edc1209f13e04d88c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
6AqGg6TR5IL1xsBnVWdk-bAqGwBUnJnGQUjKjONc5N5EME-Cqn0mYg==
data
bcp.crwdcntrl.net/6/
602 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
b573ece91583c8b698a08e0ae76c46678388190c11a7851ca1fd94f5548826cb

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://kinoxits.net
cache-control
no-cache
x-server
10.45.8.237
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
602
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109150101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Thu, 16 Sep 2021 21:09:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4CE6
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kinoxits.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Thu, 16 Sep 2021 20:22:09 GMT
expires
Fri, 16 Sep 2022 20:22:09 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2814
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame BC3A
783 B
534 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
GSE /
Resource Hash
804e6d6f64c0bb06ada493b82a359c950c5c1ba9c65e66cde1cf09c479c4a0e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TC9HkvvCm6rLNdTVELdiwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kinoxits.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Thu, 16 Sep 2021 21:09:03 GMT
date
Thu, 16 Sep 2021 21:09:03 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TC9HkvvCm6rLNdTVELdiwQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js
pagead2.googlesyndication.com/bg/ Frame 4CE6
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/XcVhRkqPIT2L3eK0A2yH-xZ56-A5-6Pxm_m8s2he-Ag.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 15:35:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
20035
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13291
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 14:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 16 Sep 2022 15:35:08 GMT
a
a.dtssrv.com/
0
558 B
Ping
General
Full URL
https://a.dtssrv.com/a?i=51A016318265416E95F869111E6880A2&k=lotpano&v=62c8315604eb47f6e962ae8d8c6a16d539383ef7c77191cf38a8fbe437fdaab8
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.220.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 16 Sep 2021 21:09:03 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYeOwIc4Slaq5EjqSH9IAz1b7dznqXGJtsAQ5LcvOeT4kcM2ikCBbfTO%2B4KbK4sTm3bQM92dRjRdxoDGdpa2v%2Fm6B1KlgwyJEp7i3DJfo1o3aDqALUzzMrLLO%2B%2FsDBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
68fd12d78b93412b-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 91AC
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method
GET
:authority
tags.crwdcntrl.net
:scheme
https
:path
/lt/shared/2/lt.iframe.html?c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kinoxits.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=59295df85e2440707760e857aabe186a; _cc_cc="ACZ4XmNQMLU0sjRNSbMwTTUyMTEwNzA3NzNItTA1T0xMSjW0MEtkAIJE5035IBoCeD5%2BtmT8KMvwn5GR4dniOSww9vI%2FhTDm341T4MLHjx5ihonv3ndZAMb%2B0HAfzj6MZMz0E%2BowJR9PnNKAsd8tQdi0ZsNTbpg4AHvDPVQ%3D"; _cc_aud="ABR4XmNgYGBIdN6UD6QggJmBgWsGmLmoFUQyPqwHkgBaiATz"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/

Response headers

content-type
text/html
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption
AES256
server
AmazonS3
content-encoding
gzip
date
Thu, 16 Sep 2021 17:42:49 GMT
cache-control
max-age: 86400
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
vdhuVV6sqkA-5H8kkOC7DugGAMFz8q-Uh5NTFliDksuRiOcdvUlxVA==
age
12376
sodar
pagead2.googlesyndication.com/pagead/ Frame BC3A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210914&jk=1190991508554168&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pixels
bcp.crwdcntrl.net/ Frame CC56
4 KB
4 KB
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
9b174cdcfe01777da966ad727b4ebaa7f4c58347ae137b713601c1588d64c176

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://tags.crwdcntrl.net/
accept-encoding
gzip, deflate, br
cookie
_cc_dc=1; _cc_id=59295df85e2440707760e857aabe186a; _cc_cc="ACZ4XmNQMLU0sjRNSbMwTTUyMTEwNzA3NzNItTA1T0xMSjW0MEtkAIJE5035IBoCeD5%2BtmT8KMvwn5GR4dniOSww9vI%2FhTDm341T4MLHjx5ihonv3ndZAMb%2B0HAfzj6MZMz0E%2BowJR9PnNKAsd8tQdi0ZsNTbpg4AHvDPVQ%3D"; _cc_aud="ABR4XmNgYGBIdN6UD6QggJmBgWsGmLmoFUQyPqwHkgBaiATz"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://tags.crwdcntrl.net/

Response headers

date
Thu, 16 Sep 2021 21:09:03 GMT
content-type
text/html
content-length
3730
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.19.116
server
Jetty(9.4.38.v20210224)
pixel
cm.g.doubleclick.net/ Frame CC56
Redirect Chain
  • https://id5-sync.com/s/19/9.gif?puid=59295df85e2440707760e857aabe186a&gdpr=1
  • https://id5-sync.com/c/19/19/9/1.gif?puid=59295df85e2440707760e857aabe186a&gdpr=1&gdpr_consent=
  • https://bcp.crwdcntrl.net/map/c=1882/tp=BKAI/gdpr=1/gdpr_consent=?https://tags.bluekai.com/site/5907?limit=0&id=${masked_profileid}&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F321%2F8%2F2.gif%3Fpui...
  • https://tags.bluekai.com/site/5907?limit=0&id=4b8170929f8d225f5b022d7a38623f1b&redir=https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/19/321/8/2.gif?puid=$_BK_UUID
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0ODM4ODY2Ni90LzI/dpuid/ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg/url/https%3A%2F%2Fid5-sync.com%2Fc%2F19%2F224%2F7%2F3.gif%3Fpuid%3D%24%21%7BTURN_...
  • https://id5-sync.com/c/19/224/7/3.gif?puid=2744828466399490216&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=2831/tp=GDMP?https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVM...
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTkyOTVkZjg1ZTI0NDA3MDc3NjBlODU3YWFiZTE4NmE&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTkyOTVkZjg1ZTI0NDA3MDc3NjBlODU3YWFiZTE4NmE&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=NTkyOTVkZjg1ZTI0NDA3MDc3NjBlODU3YWFiZTE4NmE&google_redir={xENCODEDURL}&id5id=ID5-ZHMOWAMMvCzOhs1dqfstTALGYVMuxDxRg2MRXH-XAg
cache-control
no-cache
x-server
10.45.18.203
content-length
0
expires
0
generic
match.adsrvr.org/track/cmf/ Frame CC56
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tpid=66db763b-f2bb-48b9-8f0c-c7a07b373948
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame CC56
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=59295df85e2440707760e857aabe186a&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=59295df85e2440707760e857aabe186a&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=66db763b-f2bb-48b9-8f0c-c7a07b373948
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=66db763b-f2bb-48b9-8f0c-c7a07b373948
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.24.213
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=66db763b-f2bb-48b9-8f0c-c7a07b373948
date
Thu, 16 Sep 2021 21:09:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
loadm.exelator.com/load/ Frame CC56
0
324 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=260&buid=59295df85e2440707760e857aabe186a&j=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
tpid=39830878933850698794508296921699581519
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame CC56
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=59295df85e2440707760e857aabe186a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=59295df85e2440707760e857aabe186a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39830878933850698794508296921699581519
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39830878933850698794508296921699581519
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.208
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-2-v016-0d1e4967b.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3ggJZp2mTVE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=39830878933850698794508296921699581519
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
identity
c.cintnetworks.com/ Frame CC56
0
328 B
Image
General
Full URL
https://c.cintnetworks.com/identity?a=5461&id=Lotame:59295df85e2440707760e857aabe186a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.144.7.192 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:03 GMT
Vary
Origin
P3P
CP="This is not a P3P policy! See https://cint.com/cookie-usage/ for more info."
Arr-Disable-Session-Affinity
true
Cache-Control
max-age=60, private, must-revalidate
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=5
Content-Length
0
sync
sync.tag.clrstm.com/lotame/ Frame CC56
0
0

lotame
sync.sharethis.com/ Frame CC56
42 B
167 B
Image
General
Full URL
https://sync.sharethis.com/lotame?uid=59295df85e2440707760e857aabe186a&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.0.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-0-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:03 GMT
Connection
keep-alive
Content-Length
42
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame CC56
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=59295df85e2440707760e857aabe186a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.169.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-169-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Sep 2021 21:09:03 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1631826543
x-served-by
beacon-n004-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame CC56
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a
120 B
990 B
Image
General
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
69.169.86.39 Cranford, United States, ASN29838 (AMC, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
NY16
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Thu, 16 Sep 2021 21:09:03 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=59295df85e2440707760e857aabe186a
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS07
Content-Type
text/html; charset=utf-8
Content-Length
217
tpid=164860103911000410225
bcp.crwdcntrl.net/5/c=368/tp=NEUS/ Frame CC56
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9202276048
  • https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164860103911000410225
49 B
509 B
Image
General
Full URL
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164860103911000410225
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.1.170
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://bcp.crwdcntrl.net/5/c=368/tp=NEUS/tpid=164860103911000410225
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
tpid=0-d950d188-d678-4b2c-4e38-37c95f0a47e5$ip$216.131.114.43
bcp.crwdcntrl.net/map/c=6569/tp=STKA/ Frame CC56
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d950d188-d678-4b2c-4e38-37c95f0a47e5$ip$216.131.114.43
49 B
263 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d950d188-d678-4b2c-4e38-37c95f0a47e5$ip$216.131.114.43
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.0
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-d950d188-d678-4b2c-4e38-37c95f0a47e5$ip$216.131.114.43
Date
Thu, 16 Sep 2021 21:09:03 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
tpid=5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame CC56
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
  • https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6?gdpr=1&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6?gdpr=1&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.20.51
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Apache-Coyote/1.1
location
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
bridge
cm.adgrx.com/ Frame CC56
43 B
408 B
Image
General
Full URL
https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.170 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
ams-mon-1.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:03 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
qmap
sync.crwdcntrl.net/ Frame CC56
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=48d06143-b26f-4500-a999-6960617eb50d
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=48d06143-b26f-4500-a999-6960617eb50d
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.92
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Thu, 16 Sep 2021 21:09:03 GMT
Server
MT3 3944 2bcb57b master cdg-pixel-x25 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=48d06143-b26f-4500-a999-6960617eb50d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Sep 2021 21:09:02 GMT
tpid=71dc7a34-33d2-45b9-a160-13a74ff5961a-6143b26f-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame CC56
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=71dc7a34-33d2-45b9-a160-13a74ff5961a-6143b26f-5553
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=71dc7a34-33d2-45b9-a160-13a74ff5961a-6143b26f-5553
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.244
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:02 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=71dc7a34-33d2-45b9-a160-13a74ff5961a-6143b26f-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=GMauBt1l1MqYCX5
sync.crwdcntrl.net/map/c=1818/tp=DTXU/ Frame CC56
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=lotame&rurl=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1818%2Ftp%3DDTXU%2Ftpid%3D_wfivefivec_
  • https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=GMauBt1l1MqYCX5
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=GMauBt1l1MqYCX5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.31.209
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:03 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://sync.crwdcntrl.net/map/c=1818/tp=DTXU/tpid=GMauBt1l1MqYCX5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
tpid=YUOybwACEFdEjgAT&_test=YUOybwACEFdEjgAT
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame CC56
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUOybwACEFdEjgAT
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOybwACEFdEjgAT&_test=YUOybwACEFdEjgAT
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOybwACEFdEjgAT&_test=YUOybwACEFdEjgAT
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.13.95
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631826544.682056,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUOybwACEFdEjgAT&_test=YUOybwACEFdEjgAT
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame CC56
170 B
523 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame CC56
62 B
304 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=4b8170929f8d225f5b022d7a38623f1b
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 16 Sep 2021 21:09:03 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
g.json
aa.agkn.com/adscores/ Frame CC56
103 B
414 B
Script
General
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.176.195.187 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-176-195-187.eu-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
tpid=2816886060437418152
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame CC56
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/59295df85e2440707760e857aabe186a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2816886060437418152
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2816886060437418152
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.10.89
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2816886060437418152
pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=18885738/tpid=4886402180158231544/ Frame CC56
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=18885738%2Ftpid%3D%24UID%2Ftp%3DANXS
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%3D281%252Frand%3D18885738%252Ftpid%253D%2524UID%252Ftp%253DANXS
  • https://sync.crwdcntrl.net/map/c=281/rand=18885738/tpid=4886402180158231544/tp=ANXS
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/rand=18885738/tpid=4886402180158231544/tp=ANXS
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C106%2C100%2C94%2C92%2C90%2C81%2C80%2C78%2C65%2C54%2C50%2C42%2C38%2C33%2C30%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.137.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-137-92.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.25.241
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Sep 2021 21:09:03 GMT
X-Proxy-Origin
216.131.114.43; 216.131.114.43; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9080fcc-8ae0-4b73-9c11-8309af224212
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/rand=18885738/tpid=4886402180158231544/tp=ANXS
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210914&jk=1190991508554168&bg=!f3ylfDjNAAaUnz4elJ87ACkAdvg8WvRGiDfyKo0YlGhk6PXeHej3XfvaMUG_z1uqKqxSeuQwYeRRqAIAAABjUgAAAAhoAQcKAL5SuJRCDXBmrMMACuSktbIJIC3jKzekqkGGxJdYt-18N0vmqfCqIDXny7eJ2vFNmT6aiNr7nhP3VsQvcoC2jBihhwlQrpyZzwr1I7iQ9VsNf67g-SqH6F-CGylw4dR8IW0siVHpXegGp793oqwGF0mgJM9nUe-MiCvNQ_h61glZkKCHvDG_uUGIq8DrvUdEZxGPDXpHiB7htr0AQGtNeJRkh1f9M5eCqEULZAccNq-louLHyo2k4W8F0is_4Z6emQKDfqcA3pGUo4lnZ_twBLL-gvQSmybuQJCZKv7lxo8GfUEUZ2FVr1ZyDy4IC_AFMc-zfS-GE0lRAhJY-T0jyMIuPhiFr7cLC8vM0tKJs3cq_TE1qdImUy1_lQ6cOctH1c697fs1qAQd7RZyyL5r0iN7zOhWN9tLdNgQ6h2cD8PZ7T-7gH1bYtGCZAWMxBLfmIBRAupnf_MCG-jGq1yqhu1nWZUf-lztn6Zq49ghIaY6b269zn7iYHmm7JOUC5xLqVRA8XybSKibxtgVjArsVzbLuBb3Foq2HxMlXkICOO_Saf0lO4Bv_D_4nVV5u9FynI0_haZWyzOn2-zOOTKhQ9O57DSCJAYSbg-sd5hDbHvH-DdYGY_0APT_EM3EQStRga_IJx29TzlhrV_TCgDAbRxSZuC_pdIfjARYM9WSQhZbSNGMpeGEni42XIYBCxbZh6KLAgpgTwiyZ9mBS18UKWNWcNWPluP3TSgpUpGgg51QXC_7VPjP-9ek-_8QsTwJ_SuoE-3PdOScwybfuTkWqzQCxT9lMcd4paJlOeHZduYWOrJ52oACKCnUC1nTScos1qXdHhywiLeTHtKubbYakG---QY4p_94aSjoSKPP9aq1DJRQfni_r5pyzaX5VFIT67rGqjTt7Sv3gyWzoI2SeV6Tsa-WAM7kFP9J3WQOQc5IhY2nPMGzk9d4Usm6iRaF9WEhXRKrSbxfxqW8ErzXhqhBDH8cKHQs0IxpVivKvIXSddwSJyCR5AwDUs0r4GhfK8dVdHUCYMOr_SQIUNvorMaKToBfu83Wjl4bOOjCOPNDyobLiqFL57RjGzDEY9GZf6Ot_ILym8Nka-Ns6CNAJ_1_abaLiA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://kinoxits.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
71378167
mc.yandex.com/webvisor/
43 B
145 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71378167?wmode=0&wv-part=1&wv-hit=1025564040&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&rn=528638342&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1631826545%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A20210916210904%3Au%3A1631826542543420952%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631826545
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:04 GMT
last-modified
Thu, 16-Sep-2021 21:09:04 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://kinoxits.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Sep-2021 21:09:04 GMT
71378167
mc.yandex.com/webvisor/
43 B
157 B
XHR
General
Full URL
https://mc.yandex.com/webvisor/71378167?wmode=0&wv-part=1&wv-hit=1025564040&page-url=https%3A%2F%2Fkinoxits.net%2Fuser%2Fslipcongo59%2F&rn=1068726920&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1631826545%3Aw%3A1600x1200%3Av%3A644%3Az%3A0%3Ai%3A20210916210904%3Au%3A1631826542543420952%3Avf%3A25rt5xty9edhsiwjn9%3Awe%3A1%3Ati%3A2%3Ast%3A1631826545
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kinoxits.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Sep 2021 21:09:05 GMT
last-modified
Thu, 16-Sep-2021 21:09:05 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://kinoxits.net
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Thu, 16-Sep-2021 21:09:05 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.tag.clrstm.com
URL
https://sync.tag.clrstm.com/lotame/sync?uid=59295df85e2440707760e857aabe186a

Verdicts & Comments Add Verdict or Comment

339 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster number| __actualize.js object| pljssglobal undefined| pljssglobalid function| Playerjs function| gtag object| dataLayer function| timerStart function| setIndicator object| s function| hideshow object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| ym object| _wau object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady function| $ function| jQuery function| showOverlay function| hideOverlay function| doRateLD object| Ya object| FontAwesomeCdnConfig string| cssUrl string| dle_root string| dle_admin string| dle_login_hash number| dle_group string| dle_skin string| dle_wysiwyg string| quick_wysiwyg object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt string| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_complaint string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree string| dle_captcha_type boolean| allow_dle_delete_news boolean| dle_search_delay string| dle_search_value function| _init function| _open object| c_cache object| dle_poll_voted function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| ajax_fast_reply function| DLESendPM function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt string| dle_user_profile string| dle_user_profile_link function| ShowPopupProfile function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| subscribe function| media_upload function| dropdownmenu function| hidemenu function| delayhidemenu function| clearhidemenu object| titlesArr object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| gaplugins object| gaGlobal object| gaData object| a object| cv object| _dtspv function| retCallback_5298 function| genShowScript_5298 boolean| timeoutOver_5298 number| retTimeout_5298 object| __connect object| yaCounter71378167 object| yaCounter26812653 object| lotame_3825 number| char object| google_optimize function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| x string| x1 string| x2 object| Tynt function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_d function| lt3825_e function| lt3825_da function| lt3825_ea object| lt3825_fa object| lt3825_ object| lt3825_4 function| lt3825_aa function| lt3825_a function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_l function| lt3825_ga function| lt3825_k function| lt3825_m function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_s function| lt3825_t function| lt3825_u function| lt3825_ha function| lt3825_ia function| lt3825_w function| lt3825_ja function| lt3825_x function| lt3825_y function| lt3825_v function| lt3825_z function| lt3825_A function| lt3825_B function| lt3825_C function| lt3825_D function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_H function| lt3825_I function| lt3825_J function| lt3825_L function| lt3825_M function| lt3825_N function| lt3825_K function| lt3825_ka function| lt3825_la function| lt3825_P function| lt3825_O function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_ma function| lt3825_na function| lt3825_oa function| lt3825_pa function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_qa function| lt3825_sa function| lt3825_ra function| lt3825_X function| lt3825_ta function| lt3825_ua function| lt3825_Y function| lt3825_Z function| lt3825__ function| lt3825_va function| lt3825_wa function| lt3825_xa function| lt3825_ya function| lt3825_0 function| lt3825_za function| lt3825_Aa function| lt3825_Ba function| lt3825_1 function| lt3825_Da function| lt3825_Ca function| lt3825_Ea function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_2 function| lt3825_3 function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_Qa function| lt3825_5 function| lt3825_6 function| lt3825_Ta function| lt3825_Ua function| lt3825_Sa function| lt3825_Ra function| lt3825_Wa function| lt3825_Va function| lt3825_Ya function| lt3825_Xa function| lt3825_7 function| lt3825_Za function| lt3825__a function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_4a function| lt3825_7a function| lt3825_6a function| lt3825_3a function| lt3825_9a function| lt3825_5a function| lt3825_8a function| lt3825_ab function| lt3825_$a function| lt3825_bb function| lt3825_8 function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_kb function| lt3825_$ function| lt3825_jb function| lt3825_lb function| lt3825_9 object| _33Across function| __uspapi function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

69 Cookies

Domain/Path Name / Value
kinoxits.net/ Name: PHPSESSID
Value: 14308bcfa052de06411c22380334234c
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: b
Value: 1
.dtscout.com/ Name: st
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1631826541
.dtscout.com/ Name: l
Value: 51A016318265416E95F869111E6880A2
.kinoxits.net/ Name: _ga
Value: GA1.2.214418387.1631826542
.kinoxits.net/ Name: _gid
Value: GA1.2.646915146.1631826542
.kinoxits.net/ Name: _ym_uid
Value: 1631826542543420952
.kinoxits.net/ Name: _ym_d
Value: 1631826542
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 263066309fake
.kinoxits.net/ Name: __dtsu
Value: 51A016318265416E95F869111E6880A2
.kinoxits.net/ Name: _gat_gtag_UA_156485311_1
Value: 1
.kinoxits.net/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3335024710fake
.yadro.ru/ Name: FTID
Value: 1XGx9p3qEoOA1XGx9p001T4Q
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yadro.ru/ Name: VID
Value: 2CKsK80Fi68A1XGx9p00129l
.yandex.com/ Name: yandexuid
Value: 4298041511631826542
.yandex.com/ Name: yuidss
Value: 4298041511631826542
mc.yandex.com/ Name: yabs-sid
Value: 1811524071631826542
.yandex.com/ Name: i
Value: 8uJLB2EHqnXNYHmJk9Zh5adZmY9UdhakCy27pKJu4WAJojXwDroT/XEA+8flextHpVaJVx+2VtVx6PG9NYcC6C1v23w=
.yandex.com/ Name: ymex
Value: 1663362542.yrts.1631826542#1663362542.yrtsi.1631826542
.kinoxits.net/ Name: __gads
Value: ID=2b2ef472ee0f616b-2276507d40cb00fc:T=1631826542:RT=1631826542:S=ALNI_MbNueRsulkRCFsv4eaG4wGvszGoqQ
.kinoxits.net/ Name: _ym_visorc
Value: w
.onaudience.com/ Name: cookie
Value: cca6d5d9c96fd960
.onaudience.com/ Name: done_redirects109
Value: 1
.dtscdn.com/ Name: uid
Value: 51A016318265416E95F869111E6880A2
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 59295df85e2440707760e857aabe186a
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLU0sjRNSbMwTTUyMTEwNzA3NzNItTA1T0xMSjW0MEtkAIJE5035IBoCeD5%2BtmT8KMvwn5GR4dniOSww9vI%2FhTDm341T4MLHjx5ihonv3ndZAMb%2B0HAfzj6MZMz0E%2BowJR9PnNKAsd8tQdi0ZsNTbpg4AHvDPVQ%3D"
.kinoxits.net/ Name: _cc_id
Value: 59295df85e2440707760e857aabe186a
.kinoxits.net/ Name: _cc_cc
Value: ACZ4XmNQMLU0sjRNSbMwTTUyMTEwNzA3NzNItTA1T0xMSjW0MEtkAIJE5035IBoCeD5%2BtmT8KMvwn5GR4dniOSww9vI%2FhTDm341T4MLHjx5ihonv3ndZAMb%2B0HAfzj6MZMz0E%2BowJR9PnNKAsd8tQdi0ZsNTbpg4AHvDPVQ%3D
.kinoxits.net/ Name: _cc_aud
Value: ABR4XmNgYGBIdN6UD6QggJmBgWsGmLmoFUQyPqwHkgBaiATz
.kinoxits.net/ Name: panoramaId_expiry
Value: 1632431343157
.kinoxits.net/ Name: panoramaId
Value: 62c8315604eb47f6e962ae8d8c6a16d539383ef7c77191cf38a8fbe437fdaab8
.tapad.com/ Name: TapAd_TS
Value: 1631826543358
.tapad.com/ Name: TapAd_DID
Value: 66db763b-f2bb-48b9-8f0c-c7a07b373948
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.id5-sync.com/ Name: id5
Value: 9fe46b40-2f38-4e9f-834f-8333b576a4a3#1631826525670#2
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.krxd.net/ Name: _kuid_
Value: OXbbqwa7
.agkn.com/ Name: ab
Value: 0001%3AIr%2BrEZe5bkPRPxcbhRUaPF98GccEctfd
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIdN6UD6QggJmBYVErmMk1A0QyPqwHkgBeKwTz"
.mathtag.com/ Name: uuid
Value: 48d06143-b26f-4500-a999-6960617eb50d
.demdex.net/ Name: demdex
Value: 39830878933850698794508296921699581519
.dpm.demdex.net/ Name: dpm
Value: 39830878933850698794508296921699581519
.tidaltv.com/ Name: tidal_ttid
Value: 5d21dc33-4d5b-40bc-b9f3-6b70deeb75c6
.w55c.net/ Name: wfivefivec
Value: GMauBt1l1MqYCX5
.sitescout.com/ Name: ssi
Value: 71dc7a34-33d2-45b9-a160-13a74ff5961a#1631826543593
.w55c.net/ Name: matchlotame
Value: 5
.sitescout.com/ Name: _ssuma
Value: eyI3IjoxNjMxODI2NTQzNjI0fQ
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjA3tzI0NAAA9Yzi0wkAAAA="
.turn.com/ Name: uid
Value: 2744828466399490216
.id5-sync.com/ Name: 3pi
Value: 224#1631826525978#-628480540|321#1631826525881#-1897356074|19#1631826525679#-1831907177#59295df85e2440707760e857aabe186a|398#1631826525978#485026599
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YUOybwACEFdEjgAT
.adnxs.com/ Name: uuid2
Value: 4886402180158231544
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-d950d188-d678-4b2c-4e38-37c95f0a47e5.CTswckK0JeexFOdLnm40w07XwoTTaDV5IGX1i6PssfI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A0-d950d188-d678-4b2c-4e38-37c95f0a47e5%24ip%24216.131.114.43.kCUHMXjEeXn3qDdJvubb98ZYcDqlhz1OQxEUwL9kxEQ
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: t1lvwn2gdq4cshe31ryrvgaj
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: tidgubpyrzeu42qxvfdhosup
.ib.mookie1.com/ Name: ibkukiuno
Value: s=70b9e22e-c9f5-44e0-a466-b82d5619e14a&h=&v=3984394051&l=-8585697803278129642&op=&hl=0&vlu=3&tcs=1&dcc=-8585697803278129642
.ib.mookie1.com/ Name: ibkukinet
Value: 3632493099=-8585697803278129642

5 Console Messages

Source Level URL
Text
network error URL: https://kinoxits.net/engine/skins/default.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kinoxits.net/engine/skins/default.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://kinoxits.net/templates/MOVIEBOX_DARK/webfonts/fa-regular-400.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9398.RzioSfDuvR9LSFhcq1wnO-trGstqeHWV5n_RatcGRxHITccBPH64LsgYvr9ImT0JdtfVSCRZKj48QTxlgeg7ww%2C%2C.EYePNWRHkgA7Zv7lThAAfsv6KLY%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync.tag.clrstm.com/lotame/sync?uid=59295df85e2440707760e857aabe186a
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
aa.agkn.com
adservice.google.com
bcp.crwdcntrl.net
beacon.krxd.net
brdmin.com
c.cintnetworks.com
cdn.tynt.com
cm.adgrx.com
cm.g.doubleclick.net
counter.yadro.ru
d.turn.com
de.tynt.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
global.ib-ibi.com
goldfilm.net
googleads.g.doubleclick.net
i.ibb.co
ib.mookie1.com
ic.tynt.com
id5-sync.com
informer.yandex.ru
kinoxits.net
loadm.exelator.com
match.adsrvr.org
mc.yandex.com
mc.yandex.ru
mrelko.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.googleadservices.com
partnercoll.github.io
pd.sharethis.com
pixel-sync.sitescout.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
retarget.ssl-services.com
secure.adnxs.com
stats.g.doubleclick.net
stats.myangular.life
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.sharethis.com
sync.srv.stackadapt.com
sync.tag.clrstm.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
test.takedwn.ws
tpc.googlesyndication.com
use.fontawesome.com
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
sync.tag.clrstm.com
104.111.215.191
104.16.88.26
104.21.32.44
104.21.40.131
104.21.78.7
104.26.4.7
138.197.56.196
138.201.51.138
142.250.181.226
142.250.184.194
142.250.184.202
142.250.185.130
142.250.185.226
142.250.185.232
142.250.185.66
142.250.186.129
142.250.186.130
145.239.131.60
151.101.130.49
172.217.18.110
172.217.19.99
172.217.23.100
172.67.220.51
18.66.112.41
18.66.97.88
185.199.110.153
185.29.134.248
185.33.221.13
185.66.89.131
188.72.221.186
208.100.17.186
3.125.99.7
31.31.198.39
34.254.143.3
34.255.169.92
35.176.195.187
35.227.248.159
46.228.164.13
51.144.7.192
51.75.146.200
51.79.83.225
51.89.24.70
52.222.214.95
52.28.151.162
52.29.0.64
52.48.137.92
52.48.53.255
52.49.107.116
54.175.198.118
63.251.232.170
64.58.232.176
66.155.71.25
67.202.105.31
67.202.114.214
69.169.86.39
74.125.206.155
76.223.111.131
87.236.16.8
87.250.251.119
88.212.201.198
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d91e7bf873b687ac00e3167cc352221c500320f92efd05a8abf94241ffaa56
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10e4800bb8797bfe5648743ab240b419817efd521026fa21a0dded2cfc541490
17b7e53b981c41f5183fd23e96462bb23774706dfbac95f47492a8a14250415c
195b9acc2c5e784c493128cdc8a77250398ea7e1b596710d7f44c38b7e4c1bce
1b1521cbf2c4284a8e107c202e45a4fcf655cb6093f1f3a432724c7cf265e843
1bbdb0862512fc89f9cb0d844756d3fc41fb5b56b264d776a0b96f35020d1aa6
21103b10d89449ac9db3d5db945080082d43b12c28107b9d19b6a88cf670a0ed
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
25981f9ec633ba8fe0993b278424450b407345b7f22e316e957a0f236c978cdd
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2824c1eaa9cb75658f8ea301f1693cedeb32aad55d715a60fd35da32da899862
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3329a1b7df435c94f0ce0ad7fb684813d4556d8bcf4e32ccd867b84d1ec71d95
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
515048287a859ea3f2a6c53d0638e23ad55ef0f8938bc5bd06ff0950c50cfd7f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5c6acfd138a9a1db37b7f8a085421e2413bc511c8b6351504a839031adc66749
5dc561464a8f213d8bdde2b4036c87fb1679ebe039fba3f19bf9bcb3685ef808
5e9693bea9223f79694d7740ad7ae708def8664f304c37f0a23ade0c57417794
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
6257df35087b8470c682924d6cb3769e316d5375dba54fba14ffe95f2fb1d2cc
63b46510b5d3c55d7a030f570f0c9a6c695e7ba1788ff6bb89933d96ea966e2d
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
694b3d44092af2be786c584ad80546df912fb0bf621e760a9bfd8d0c8f986be9
69faef17aa881302dc2d4232c5e8f40c30dd40eed4dccb52b71a6cdd1382746b
6c193e4e32bb3d3484f37c96f4c3934b4c8c6fef40166d396cfbdad8238973dc
777d4ed23d3dfa13b1bf4028f0da2802c81562b7a8ab5bd070f77b3779c61c52
804e6d6f64c0bb06ada493b82a359c950c5c1ba9c65e66cde1cf09c479c4a0e1
815772b443b23ef0ef0929fd6305b13cae6a6345c7d55613a9d8d03e2f9efdb8
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8a427847e1150f6a630e0d196f85b5da5b1d3652fe11d2c3dc85c63ff219035f
8a9820e7a05173822b9285ee2c2815e16b058bd2c40bc7ca8ba5387f7a6840ae
8d6374f10846703935ce201e4e361ec6b54c1e488b0971570ed392a7b7a67a08
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92ceaee1d3af4a639f5c1fab550009f1224b30e3dfd9caecad23c471541d57e3
95f0585d0b7430c230a44f6834a3b0a51a5b6a0484dabef371131d502f8dbda6
98af3f0a94a76ed97e44190351f46840fdc90eee98a62820fecee3ab37949221
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b174cdcfe01777da966ad727b4ebaa7f4c58347ae137b713601c1588d64c176
9fb35e6600a7157c95ffc0c74e006c763a5b3f42ecb7a412da87f7c28a88d27b
a0516f9a3f8c118fdc614ce0fb1d66c6b9792749ad4542b6a2abd5c366cc759f
a3da8ad234b6bcd892d3efa3950c2e4f677cd5f98422ef1b8775eceb33b3e6b3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a8fb761046658f69cf76644463af836dc85c492bcabc43793ab6fbe4f9e2f21b
a97000b74006f16532e2d380cbed2e3dabd80ea9b85625fcb123d96cb9a0369a
ae8cce0b0669afcaeebf073c582790b065c1d333bd48418fdba9f993482980b5
b0c10ad565d9d7fc3e082ee33cc7a5d3e8906789640deabcf2de4fabeeead90c
b573ece91583c8b698a08e0ae76c46678388190c11a7851ca1fd94f5548826cb
baf2c878746725481a09ba009c48e1175c54de4032b7fa50f2aaa4253542efbf
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
c5c44afc84eb882c171355b664f14b251d5c34db9023b719ba29dac938b6554e
c8f573d61b63c7f169a1209bb7fda1c740556c3655bd918d3ee949026bc7a6b2
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d77bbbe7a0b2f28e8258ab3b63faa5b4f1490aa6e56df74fa451b03f236da5e5
d860a9894b043142169904d0f318c1913accd3a6587aafbd8f412b1005a01e6b
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
da5f3c964672c3c16cee672fd13145f4219b5e4dc48f2bf851d5af1285cb6128
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0696668a639172d10213801ad2d984f4acccaef580057e6d1aecad8dadf325d
e10d31703a6130844c5eaece9a3a71bd02c83db0f94ad345a77650a7b7be691c
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e543d9dda136f7f82629e5deb951141b8fdb036a24062e912ce59bb7b0e823c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4dbca8da16899f9f4180f0bb04c5b14f661bc9fc12c87698c1cee154ce2ef65
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f55a11baf33fb17425e40acd9266d2277424db4e0ae3bf3c703418de8b13101d
fb70608a915d6d59374a363ddb7f64ada485222ff0638c36345fffd2e49d523f
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62