kino-teka.ru Open in urlscan Pro
190.115.26.30 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kino-teka.ru/
Submission: On November 21 via api (November 21st 2023, 11:59:51 am UTC) from US — Scanned from US

Summary HTTP 242 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 242 HTTP transactions. The main IP is 190.115.26.30, located in Belize and belongs to IQWEB, AE. The main domain is kino-teka.ru.
TLS certificate: Issued by R3 on October 27th 2023. Valid for: 3 months.

This is the only time kino-teka.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
36	190.115.26.30 190.115.26.30	59692 (IQWEB) (IQWEB)
39	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
8	2607:f8b0:400... 2607:f8b0:4006:81d::200a	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
13	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
43	2607:f8b0:400... 2607:f8b0:4006:80c::2006	15169 (GOOGLE) (GOOGLE)
29	2607:f8b0:400... 2607:f8b0:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
10 20	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
3 7	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
15	54.230.163.129 54.230.163.129	16509 (AMAZON-02) (AMAZON-02)
10	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
2 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	23.51.57.155 23.51.57.155	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:1f18:612... 2600:1f18:612b:4264:daa9:3300:1f77:ca7c	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1 2	63.251.28.133 63.251.28.133	26558 (FREEWHEEL) (FREEWHEEL)
8	54.76.181.172 54.76.181.172	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2004	15169 (GOOGLE) (GOOGLE)
242	21

36 190.115.26.30 (Belize)

ASN59692 (IQWEB, AE)

kino-teka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81d::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2607:f8b0:4006:80c::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:4006:80a::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.251.40.98 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.64.151.101 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.67.179.166 (North Bergen, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.230.163.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-129.ewr53.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.155 (Secaucus, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-155.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:daa9:3300:1f77:ca7c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.200.65.202 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.28.133 (Secaucus, United States) 1 redirects

ASN26558 (FREEWHEEL, US)

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.76.181.172 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com

neural40.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	647 KB
43	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	5 MB
39	doubleclick.net 10 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154	247 KB
36	kino-teka.ru kino-teka.ru	713 KB
23	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 26245 neural40.cdnwebcloud.com — Cisco Umbrella Rank: 33687	49 KB
15	gstatic.com fonts.gstatic.com www.gstatic.com	420 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	7 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	382 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	4 KB
3	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 522	751 B
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 566	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 327	571 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1403	630 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11595	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1279	175 B
0	spotxchange.com Failed sync.search.spotxchange.com Failed
242	18

	Domain	Requested by
43	s0.2mdn.net	kino-teka.ru s0.2mdn.net googleads.g.doubleclick.net
39	pagead2.googlesyndication.com	kino-teka.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
36	kino-teka.ru	kino-teka.ru
29	tpc.googlesyndication.com	kino-teka.ru googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
16	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
15	bucket.cdnwebcloud.com	s0.2mdn.net kino-teka.ru bucket.cdnwebcloud.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	fonts.gstatic.com	fonts.googleapis.com
10	ad.doubleclick.net	kino-teka.ru
8	neural40.cdnwebcloud.com	googleads.g.doubleclick.net
8	fonts.googleapis.com	kino-teka.ru s0.2mdn.net googleads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
3	us-u.openx.net	2 redirects googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
2	ads.stickyadstv.com	1 redirects googleads.g.doubleclick.net
2	ups.analytics.yahoo.com	2 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects kino-teka.ru
1	www.google.com	tpc.googlesyndication.com
1	partners.tremorhub.com	googleads.g.doubleclick.net
0	sync.search.spotxchange.com Failed	googleads.g.doubleclick.net
242	23

This site contains links to these domains. Also see Links.

Domain
vk.com

Subject Issuer	Validity	Valid
kino-teka.ru R3	`2023-10-27` - `2024-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.cdnwebcloud.com Amazon RSA 2048 M03	`2023-08-23` - `2024-09-21`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 28 frames:

Primary Page: https://kino-teka.ru/
Frame ID: 678DA43555D5841A61A60C59B68BDAAC
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 56A3EDE77E1E6CA43BD11E6374C2C316
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&adk=1812271804&adf=3025194257&lmt=1700567984&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983639&bpp=4&bdt=554&idt=379&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4092285420638&frm=20&pv=2&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=422
Frame ID: 09EAC4F2A86EE05A0FECAF4FE5757E30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446
Frame ID: 1038C49D05C68FA486D7FDF8649117F7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
Frame ID: 50A2F598CD41D7FB746FCFBCB9F9EDB1
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWv8BnTdrJ0jaNe_GwciYIkEeD3Rm9qziDpIeECa_1mpIAdu6Jf0pPSho4ZOFpRjB_dsHyw4F1Qqoo65ekJ3NVJZsdnIw
Frame ID: CF87239ED9E13EB3E14EFCA2F4D35F6E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNW_YErGhJWxKekLDlWvmEE70zZMK67oXElIKBc9ER0tbAf2uH8D94EJOPU8184ep29rP5XaaU2G8aKqgS7Y4DWRHsX9iw
Frame ID: 78111FA0AC8C87BB1630DA97573FB90E
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
Frame ID: 1E2F12102A73B97CA803EBBFDE371684
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4C4C68420A2133039412D03AB676210F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 90503215D993784DBB5DC08D94CD5A8A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: BE7FC12F0A6CD73C95299F22A33762DF
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C48E9AED75126E12127C4219E23766C7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 12F5B60283DC394F9F31AD270DE92719
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 955AD882E6AAB9067F43F19DF5094163
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
Frame ID: FDFF544D10E36D8654F2F39CBCC771B5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWTktmzpsp1V3qUQ8Seb-l4rbzaH6My-CSfDUdGjji6chUMLVvRP4Zs0rr7tS0kF6LMrdP5jTpOCEEahXE-nkaMXyZ8QA
Frame ID: D1967CE30EDDAA924738454B4444436D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNX7EoE_l6Q5IkuW0veQCRjvvkp8LLL6yMJok1wupKUw0fk76lF6OE74f--w3cWJ1Kgcht3KvoyvFzn-AOeXeJyN5yayEQ
Frame ID: 44AD4C9245C00D27B2C2C6128723776A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV4OPXZMlMx8FFOtEPVlckm1SgI5HNYA07zQgLRNbKHZFYJrh1myVKCddbPfrPdFi864nL6fn6BPvSlE7G9zw9fKktsRA
Frame ID: 258A7D206D868EA0DF0D88EB5422C183
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 24047DEA5A77FC445B17D5D40FF10A90
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
Frame ID: 068A7BB5FC79410C0E67F6B38EC3F8C0
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 21983B27CF3495E481C0026C79C2ED18
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
Frame ID: F2A7F3F6030B7159C35DAB576D81F3E9
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E4EC1C0E037A9847B7ADEC6D1AF7B0DF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BB681331E7EB3D35FCBF24DDA3A3D6FD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
Frame ID: F62DA12B6B062D80525D84A5E62A088C
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 2B87A4AB6673A2815F4DE3902F92C125
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 285973771A93B32479550404CF9AC43D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE430FEE77D7F82BB04219438E4E0E3C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

КиноТека - онлайн журнал о кино

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

242
Requests

92 %
HTTPS

43 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

7653 kB
Transfer

11630 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://vk.com/tureckie_serialy_online
Title: Форум

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

Request Chain 56

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVybsAFREXQRrT06cvFNWwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

Request Chain 58

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

Request Chain 71

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVybsAFREXQRrT06cvFNWwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

Request Chain 74

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEi0gOoU_Qadc2jDSz_AJWE&google_cver=1

Request Chain 130

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYyZGRiZGItYzY3Mi0yZDc3LWQ5NmYtZWQ4ZjdkNDQ3MTEz

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESENeIJiue5Y-ZRHhYC-J8H1g&google_cver=1

Request Chain 132

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjczNDg1ZmItNTk3MS00MWNiLWFmNDUtNTUzNmQwMjUyN2M1

Request Chain 146

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
https://partners.tremorhub.com/sync?UIGL=CAESEHzjJrG_xLzXWLwBRNSYlBI&google_cver=1

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAW_rJ_QC-fHJYpJn7KDngA&google_cver=1

Request Chain 149

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KeU1ENjBWRTJ1SFF6U2xtOVVNUnUxX2NZdUxCWWhfWH5B

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEP_GseKYwaU1W5andXHfSIE&google_cver=1

Request Chain 151

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDliN2RkZmJkNmRiOGU5YTM0MWJhYTRkNTdlNDRjZQ==&gdpr=0&gdpr_consent=

242 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
kino-teka.ru/ 167 KB
32 KB 922ms
852ms Document
text/html 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard / PHP/5.4.16

Resource Hash

2f25c10fef104c2da07fdae05a86c56518301992a6e3fea545a2519b25c18f22

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-security-policy: upgrade-insecure-requests;
content-type: text/html
date: Tue, 21 Nov 2023 11:59:42 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: ddos-guard
vary: Accept-Encoding
x-powered-by: PHP/5.4.16

GET
H2 200 1698690261_cagdasonurozturk_1615448637_2526888779869714279_300343461-1024x682.jpg
kino-teka.ru/uploads/posts/2023-10/thumbs/ 14 KB
14 KB 76ms
73ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-10/thumbs/1698690261_cagdasonurozturk_1615448637_2526888779869714279_300343461-1024x682.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

94d4cf98ef217d7d9a0c1c58450556bad71cc17a8e8910fad0a11b0da8611166

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:07 GMT
last-modified: Mon, 30 Oct 2023 18:23:29 GMT
server: ddos-guard
age: 123876
etag: "653ff4a1-3939"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14649
expires: Tue, 19 Nov 2024 01:35:07 GMT

GET
H2 200 1653930384_sen-ve-ben-filmi-show-tv-850x478.jpg
kino-teka.ru/uploads/posts/2022-05/thumbs/ 22 KB
23 KB 56ms
55ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2022-05/thumbs/1653930384_sen-ve-ben-filmi-show-tv-850x478.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

65aaec54f22a4f0d11da77b506aef1aee695faf0f7422825d0fc008e3765169f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:07 GMT
last-modified: Mon, 30 May 2022 17:05:35 GMT
server: ddos-guard
age: 123876
etag: "6294f95f-598f"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 22927
expires: Tue, 19 Nov 2024 01:35:07 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 265ms
124ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7bdc686f2e0afaf87d6d2e3b2b8a0d02fdbb55beb0a88c84ed93b141963c592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53093
x-xss-protection: 0
server: cafe
etag: 12393705377537002586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:43 GMT

GET
H2 200 jquery.js Show response
kino-teka.ru/engine/classes/js/ 91 KB
33 KB 40ms
40ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/js/jquery.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 19 Nov 2023 04:58:34 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:34 GMT
server: ddos-guard
age: 198070
etag: W/"602264fe-16dc4"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 33216
expires: Mon, 18 Nov 2024 04:58:34 GMT

GET
H2 200 jqueryui.js Show response
kino-teka.ru/engine/classes/js/ 74 KB
21 KB 71ms
70ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/js/jqueryui.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

0c6e66c2bba388fc30ac3113601763fbb6123d7e7dfaad8ba89884eb0f732ad4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 19 Nov 2023 04:58:34 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:34 GMT
server: ddos-guard
age: 198070
etag: W/"602264fe-12897"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 21277
expires: Mon, 18 Nov 2024 04:58:34 GMT

GET
H2 200 dle_js.js Show response
kino-teka.ru/engine/classes/js/ 23 KB
5 KB 71ms
70ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/js/dle_js.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

717feec6630cc7937750fa4ce50f48a6e326f41f606fbe8da4c81507d86b11b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 19 Nov 2023 04:58:33 GMT
content-encoding: br
last-modified: Sun, 02 Jan 2022 10:44:49 GMT
server: ddos-guard
age: 198071
etag: W/"61d18221-5a0e"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 5423
expires: Mon, 18 Nov 2024 04:58:33 GMT

GET
H2 200 lazy.js Show response
kino-teka.ru/templates/city-skyline/assets/js/ 3 KB
1 KB 72ms
71ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/js/lazy.js?v=2

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

cce53cb17e63ec7e7b40e9b7cd0d52709605e19e82e11e069bc26f1ac081eb9f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 48094
etag: W/"602264ff-d36"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 1271
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 active.js Show response
kino-teka.ru/templates/city-skyline/assets/js/ 836 B
429 B 72ms
71ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/js/active.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

aa4cfbe1b8c797d423d02f7988369f80880a4516f59de66000f2e9b9e6a207b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 19 Nov 2023 04:58:34 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 198070
etag: W/"602264ff-344"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 370
expires: Mon, 18 Nov 2024 04:58:34 GMT

GET
H2 200 masha.js Show response
kino-teka.ru/engine/classes/masha/ 24 KB
8 KB 71ms
69ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/masha/masha.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

9c67f45823b3fab39e6b2a29045574b1f3826ddaafc8ac9bbed13f711dc7c161

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:34 GMT
server: ddos-guard
age: 48094
etag: W/"602264fe-61f9"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 7869
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 share42.js Show response
kino-teka.ru/templates/city-skyline/share42/ 3 KB
1 KB 87ms
42ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/share42/share42.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

b53465edbc4a837af37be44faf39670d440880aad65b885adc7fd2f519d127c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 48094
etag: W/"602264ff-ad5"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 1161
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 bootstrap.min.js Show response
kino-teka.ru/templates/city-skyline/assets/js/ 28 KB
7 KB 97ms
35ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/js/bootstrap.min.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

6862e0b8df7c691296fa898f7ec242cd2b6f86c2efd40f727bd1608fa95f4bca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 05:10:41 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 24542
etag: W/"602264ff-6f81"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 7263
expires: Wed, 20 Nov 2024 05:10:41 GMT

GET
H2 200 bbcodes.js Show response
kino-teka.ru/engine/classes/js/ 9 KB
3 KB 106ms
35ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/js/bbcodes.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

c9767d92732dcf37408c30df9d20f8e001a6a97ce1e3b9dd77a501cd2d10c8e5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 05:10:39 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:34 GMT
server: ddos-guard
age: 24544
etag: W/"602264fe-25ba"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 2733
expires: Wed, 20 Nov 2024 05:10:39 GMT

GET
H2 200 highslide.js Show response
kino-teka.ru/engine/classes/highslide/ 33 KB
16 KB 126ms
39ms Script
application/javascript 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/engine/classes/highslide/highslide.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

b0bfa018099415ed4d1dbcca07d833d643f829093fc2e6b5eb141dfa5af81014

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:34 GMT
server: ddos-guard
age: 48094
etag: W/"602264fe-82d4"
vary: Accept-Encoding
content-type: application/javascript
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 16449
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 city.css
kino-teka.ru/templates/city-skyline/assets/css/ 15 KB
3 KB 119ms
33ms Stylesheet
text/css 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/css/city.css

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

2bc25687d4531f68f9b32cfe93b1a9e4e51a1fa7bbba0eb03bf6888ffd90f4a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 48094
etag: W/"602264ff-3a14"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 2937
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 engine.css
kino-teka.ru/templates/city-skyline/style/ 29 KB
5 KB 121ms
35ms Stylesheet
text/css 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/style/engine.css

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

f58207ac07bb5627b3ee55ac5433a7e41770834f69e44e3b16a9e0af1bf4c5cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 22:38:09 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 48095
etag: W/"602264ff-73f7"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 5412
expires: Tue, 19 Nov 2024 22:38:09 GMT

GET
H2 200 glyphicons-halflings-white.png
kino-teka.ru/templates/city-skyline/assets/img/ 9 KB
9 KB 119ms
34ms Image
image/png 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/templates/city-skyline/assets/img/glyphicons-halflings-white.png

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 05:10:36 GMT
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 24547
etag: "602264ff-2249"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 8777
expires: Wed, 20 Nov 2024 05:10:36 GMT

GET
DATA 200
OK truncated
/ 120 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079

43 B
528 B

180ms
179ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 11:59:43 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Sun, 20 Nov 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 11:59:43 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kino-teka.ru/;0.5697516103887079
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sun, 20 Nov 2022 21:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 219ms
81ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,500,300&subset=latin,cyrillic-ext,cyrillic

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/assets/css/city.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82c2a404f9c92985646a78fb50ecd69ad0117c4eb9302c2a23f46003166b6b1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:59:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:43 GMT

GET
H2 200 entypo.css
kino-teka.ru/templates/city-skyline/assets/css/api/ 12 KB
2 KB 33ms
32ms Stylesheet
text/css 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/css/api/entypo.css

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/assets/css/city.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

6fe7af09f32b38a8d8c00cc0f31314155079b9bbf475f1908c1b7e02b0492d04

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/templates/city-skyline/assets/css/city.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sun, 19 Nov 2023 04:58:35 GMT
content-encoding: br
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 198068
etag: W/"602264ff-2ebf"
vary: Accept-Encoding
content-type: text/css
ddg-cache-status: HIT
cache-control: max-age=31536000
content-length: 2303
expires: Mon, 18 Nov 2024 04:58:35 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v36/ 26 KB
26 KB 299ms
164ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,500,300&subset=latin,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kino-teka.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:01:40 GMT
x-content-type-options: nosniff
age: 529083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26640
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 01:00:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Nov 2024 09:01:40 GMT

GET
H2 200 223.jpg
kino-teka.ru/templates/city-skyline/assets/img/ 124 KB
124 KB 38ms
37ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/templates/city-skyline/assets/img/223.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/assets/css/city.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

af760fe3bdb5cad983bea6c95edb390d292be835f6a6759463090edf2654c176

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/templates/city-skyline/assets/css/city.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:07 GMT
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 123876
etag: "602264ff-1f108"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 127240
expires: Tue, 19 Nov 2024 01:35:07 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v36/ 47 KB
48 KB 195ms
63ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600,500,300&subset=latin,cyrillic-ext,cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kino-teka.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 03:32:18 GMT
x-content-type-options: nosniff
age: 30445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48432
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 03:32:18 GMT

GET
H2 200 rating.png
kino-teka.ru/templates/city-skyline/dleimages/ 1 KB
1 KB 54ms
54ms Image
image/png 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/templates/city-skyline/dleimages/rating.png

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/style/engine.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

4e722f1dcbcb8b17103cc4718bdc78e9a4562729c768d5fcbc35ec8be3bd3b1d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/templates/city-skyline/style/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 11:10:33 GMT
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 89350
etag: "602264ff-418"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1048
expires: Tue, 19 Nov 2024 11:10:33 GMT

GET
H2 200 top-news2.jpg
kino-teka.ru/templates/city-skyline/images/ 499 B
601 B 48ms
48ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/templates/city-skyline/images/top-news2.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/style/engine.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

87bd0bfdbb922427b3bb33861cabb9a65d7c8a042f7c75f27a962789eca47d39

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/templates/city-skyline/style/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Sat, 18 Nov 2023 17:28:12 GMT
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 239491
etag: "602264ff-1f3"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 499
expires: Sun, 17 Nov 2024 17:28:12 GMT

GET
H2 200 entypo.woff
kino-teka.ru/templates/city-skyline/assets/css/fonts/entypo/ 44 KB
44 KB 46ms
46ms Font
application/font-woff 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://kino-teka.ru/templates/city-skyline/assets/css/fonts/entypo/entypo.woff

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/assets/css/api/entypo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

434d5a30d2359d95efc266dbe0fffcac2c1846e133d4713bebb7c337bdfb84ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

Referer: https://kino-teka.ru/templates/city-skyline/assets/css/api/entypo.css
Origin: https://kino-teka.ru
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 06:31:55 GMT
content-encoding: gzip
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 106068
etag: W/"b060-5bae4d1a0d7f5"
vary: Accept-Encoding
content-type: application/font-woff
ddg-cache-status: HIT
accept-ranges: bytes
content-length: 45152

GET
H2 200 marker.png
kino-teka.ru/templates/city-skyline/dleimages/ 2 KB
2 KB 33ms
33ms Image
image/png 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/templates/city-skyline/dleimages/marker.png

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/templates/city-skyline/style/engine.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

1aff52209ca02c03b907aaea98626726f385cfcd35177b52cf45513a199accef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/templates/city-skyline/style/engine.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 05:10:46 GMT
last-modified: Tue, 09 Feb 2021 10:33:35 GMT
server: ddos-guard
age: 24537
etag: "602264ff-61c"
content-type: image/png
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1564
expires: Wed, 20 Nov 2024 05:10:46 GMT

GET
H2 200 1693425208_59f00159-1b18-4a1a-b48f-0adbc1a82ad3-1.jpg
kino-teka.ru/uploads/posts/2023-08/thumbs/ 17 KB
17 KB 40ms
38ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-08/thumbs/1693425208_59f00159-1b18-4a1a-b48f-0adbc1a82ad3-1.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

0a25aca4031ba44ebc1e52dafa76f9e63ca9208280dd831f9c1d830a8f250b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Wed, 30 Aug 2023 19:53:02 GMT
server: ddos-guard
age: 123875
etag: "64ef9e1e-446d"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17517
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1698523154_birderdimvar-dizi-afis1-1.jpg
kino-teka.ru/uploads/posts/2023-10/thumbs/ 33 KB
33 KB 40ms
38ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-10/thumbs/1698523154_birderdimvar-dizi-afis1-1.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

42949c5bb06a4b4440975003ec98ef9e3be7b5695281e1bd760b721d827a6ea6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Sat, 28 Oct 2023 19:58:23 GMT
server: ddos-guard
age: 123875
etag: "653d67df-8243"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33347
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1624866815_4304.jpg
kino-teka.ru/uploads/posts/2021-06/thumbs/ 37 KB
37 KB 35ms
34ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-06/thumbs/1624866815_4304.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

3c0be3a87bf30a61205ea128e82caf22f878d118864781146a3cf31fd05c82e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Mon, 28 Jun 2021 07:53:15 GMT
server: ddos-guard
age: 123875
etag: "60d97feb-925c"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37468
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1621766748_kinoteka_quererlotodo.jpg
kino-teka.ru/uploads/posts/2021-05/thumbs/ 36 KB
36 KB 43ms
42ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-05/thumbs/1621766748_kinoteka_quererlotodo.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

807cc269016d5246d8ded6f0b1caf2f6b5c414784b410be348a183fe4df8b85a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 17 Nov 2023 02:12:12 GMT
last-modified: Sun, 23 May 2021 10:45:41 GMT
server: ddos-guard
age: 380851
etag: "60aa3255-8e8a"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36490
expires: Sat, 16 Nov 2024 02:12:12 GMT

GET
H2 200 1610890950_17126934_1013165485450286_3547789809953013760_n.jpg
kino-teka.ru/uploads/posts/2021-01/thumbs/ 13 KB
14 KB 42ms
41ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-01/thumbs/1610890950_17126934_1013165485450286_3547789809953013760_n.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

99135164a7de3481feedb959114ae5d493afae805f186322564b007d5bca8469

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 08:19:04 GMT
last-modified: Tue, 09 Feb 2021 10:33:24 GMT
server: ddos-guard
age: 13240
etag: "602264f4-35a7"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13735
expires: Wed, 20 Nov 2024 08:19:04 GMT

GET
H2 200 1693480209_5141.jpg
kino-teka.ru/uploads/posts/2023-08/thumbs/ 24 KB
24 KB 42ms
41ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-08/thumbs/1693480209_5141.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

624d274f65f0e1d6f27e9fa137be24f8851428155ac2c7bb35b68c93a2ea1651

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Thu, 31 Aug 2023 11:09:44 GMT
server: ddos-guard
age: 123875
etag: "64f074f8-601d"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24605
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1698689365_kirli-sepeti-4-5.jpg
kino-teka.ru/uploads/posts/2023-10/thumbs/ 19 KB
19 KB 37ms
36ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-10/thumbs/1698689365_kirli-sepeti-4-5.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

dd303f3b7e59dff356b30bcb883478be0e6b9a2996589ba4caebf08200643b50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Mon, 30 Oct 2023 18:07:55 GMT
server: ddos-guard
age: 123875
etag: "653ff0fb-4a12"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18962
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 400 KB
135 KB 168ms
164ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1d9a8be83f500a0eb9bbf5d12be504e869a05109a5c791dc96c9f830feefb4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138489
x-xss-protection: 0
server: cafe
etag: 16492166420004369612
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:43 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 56A3 9 KB
4 KB 197ms
62ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 30080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 03:38:23 GMT
etag: 16674218716276178799
expires: Tue, 05 Dec 2023 03:38:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 1624866815_4304.jpg
kino-teka.ru/uploads/posts/2021-06/thumbs/ 37 KB
37 KB 33ms
33ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-06/thumbs/1624866815_4304.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

3c0be3a87bf30a61205ea128e82caf22f878d118864781146a3cf31fd05c82e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Mon, 28 Jun 2021 07:53:15 GMT
server: ddos-guard
age: 123875
etag: "60d97feb-925c"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 37468
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1698689365_kirli-sepeti-4-5.jpg
kino-teka.ru/uploads/posts/2023-10/thumbs/ 19 KB
19 KB 35ms
34ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-10/thumbs/1698689365_kirli-sepeti-4-5.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

dd303f3b7e59dff356b30bcb883478be0e6b9a2996589ba4caebf08200643b50

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Mon, 30 Oct 2023 18:07:55 GMT
server: ddos-guard
age: 123875
etag: "653ff0fb-4a12"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 18962
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1698523154_birderdimvar-dizi-afis1-1.jpg
kino-teka.ru/uploads/posts/2023-10/thumbs/ 33 KB
33 KB 39ms
39ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-10/thumbs/1698523154_birderdimvar-dizi-afis1-1.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

42949c5bb06a4b4440975003ec98ef9e3be7b5695281e1bd760b721d827a6ea6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Sat, 28 Oct 2023 19:58:23 GMT
server: ddos-guard
age: 123875
etag: "653d67df-8243"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33347
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1693425208_59f00159-1b18-4a1a-b48f-0adbc1a82ad3-1.jpg
kino-teka.ru/uploads/posts/2023-08/thumbs/ 17 KB
17 KB 34ms
34ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-08/thumbs/1693425208_59f00159-1b18-4a1a-b48f-0adbc1a82ad3-1.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

0a25aca4031ba44ebc1e52dafa76f9e63ca9208280dd831f9c1d830a8f250b57

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Wed, 30 Aug 2023 19:53:02 GMT
server: ddos-guard
age: 123875
etag: "64ef9e1e-446d"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 17517
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1693480209_5141.jpg
kino-teka.ru/uploads/posts/2023-08/thumbs/ 24 KB
24 KB 35ms
34ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2023-08/thumbs/1693480209_5141.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

624d274f65f0e1d6f27e9fa137be24f8851428155ac2c7bb35b68c93a2ea1651

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Mon, 20 Nov 2023 01:35:08 GMT
last-modified: Thu, 31 Aug 2023 11:09:44 GMT
server: ddos-guard
age: 123875
etag: "64f074f8-601d"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24605
expires: Tue, 19 Nov 2024 01:35:08 GMT

GET
H2 200 1610890950_17126934_1013165485450286_3547789809953013760_n.jpg
kino-teka.ru/uploads/posts/2021-01/thumbs/ 13 KB
13 KB 38ms
38ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-01/thumbs/1610890950_17126934_1013165485450286_3547789809953013760_n.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

99135164a7de3481feedb959114ae5d493afae805f186322564b007d5bca8469

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Tue, 21 Nov 2023 08:19:04 GMT
last-modified: Tue, 09 Feb 2021 10:33:24 GMT
server: ddos-guard
age: 13240
etag: "602264f4-35a7"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 13735
expires: Wed, 20 Nov 2024 08:19:04 GMT

GET
H2 200 1621766748_kinoteka_quererlotodo.jpg
kino-teka.ru/uploads/posts/2021-05/thumbs/ 36 KB
36 KB 38ms
38ms Image
image/jpeg 190.115.26.30
IQWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kino-teka.ru/uploads/posts/2021-05/thumbs/1621766748_kinoteka_quererlotodo.jpg

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

190.115.26.30 , Belize, ASN59692 (IQWEB, AE),

Reverse DNS

Software

ddos-guard /

Resource Hash

807cc269016d5246d8ded6f0b1caf2f6b5c414784b410be348a183fe4df8b85a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
date: Fri, 17 Nov 2023 02:12:12 GMT
last-modified: Sun, 23 May 2021 10:45:41 GMT
server: ddos-guard
age: 380851
etag: "60aa3255-8e8a"
content-type: image/jpeg
ddg-cache-status: HIT
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 36490
expires: Sat, 16 Nov 2024 02:12:12 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 09EA 612 KB
136 KB 554ms
553ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&adk=1812271804&adf=3025194257&lmt=1700567984&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983639&bpp=4&bdt=554&idt=379&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4092285420638&frm=20&pv=2&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=422

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb222bfa2fbbf061499b5fd0686535023ae9e232fd0d01f695c6713da6722b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 138535
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:44 GMT
expires: Tue, 21 Nov 2023 11:59:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1038 105 KB
44 KB 634ms
633ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d4f2b2b91cd6e72c5b546078acb9a1a7075a8f38aeaeb7db6a7b906b15776bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44820
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:44 GMT
expires: Tue, 21 Nov 2023 11:59:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 50A2 105 KB
44 KB 359ms
359ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ff884e2910bc6f60b08372ebcda9f2800ad3dd5c2190e5a615fbdc48dbff0f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44873
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:44 GMT
expires: Tue, 21 Nov 2023 11:59:44 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 50A2 42 B
63 B 124ms
123ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfRHqZ1fc2enUtHJz6elCaU04h9m9V8Be7pUcARO5jGyYJRv47FG6rwtTI0K6c0rKvT8ATAToYWVtMR_zfMhCMnU0NyGNDW2HcUkDR9dEl3UOJBvQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CF87 624 B
246 B 90ms
89ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWv8BnTdrJ0jaNe_GwciYIkEeD3Rm9qziDpIeECa_1mpIAdu6Jf0pPSho4ZOFpRjB_dsHyw4F1Qqoo65ekJ3NVJZsdnIw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:44 GMT
expires: Tue, 21 Nov 2023 11:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 50A2 111 KB
39 KB 197ms
63ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 50A2 7 KB
3 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 13:46:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 50A2 23 KB
9 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:55:10 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 50A2 41 KB
14 KB 264ms
124ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:23:33 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50A2 3 KB
1 KB 217ms
85ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 50A2 20 KB
9 KB 203ms
71ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 50A2 202 KB
64 KB 231ms
94ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:44 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CF87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

43 B
738 B

75ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWv8BnTdrJ0jaNe_GwciYIkEeD3Rm9qziDpIeECa_1mpIAdu6Jf0pPSho4ZOFpRjB_dsHyw4F1Qqoo65ekJ3NVJZsdnIw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKtSpeYNtC7G4Y%2BxerNitumwRRctaGhT95zBveV327WYiNQfUkgzLYydzQW%2Bxz2mIfPYu7Vc1%2FQI5scrOMNsxnSi%2B9Pu9o1RC53b0I5RMHRmuKD%2BgTiqMX2z3dl%2FtqopYlbr%2FJt7%2Fo2nMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8298c4b1f952221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CF87
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVybsAFREXQRrT06cvFNWwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

43 B
740 B

74ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWv8BnTdrJ0jaNe_GwciYIkEeD3Rm9qziDpIeECa_1mpIAdu6Jf0pPSho4ZOFpRjB_dsHyw4F1Qqoo65ekJ3NVJZsdnIw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aCPJOzWdPH9dyRIeil1SSxRvPeQFW8kBEOaEt6Ltcvw%2BX%2BRAue%2FHJWbWXZQ%2FiSPWd7OSG5w1i1%2BQc%2FzQyYKrD0EWhlrBwiXor1kDjX3K69zvpJv6txEmGgDbCj4ktz%2BeHHIqvMJEHhHqXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8298c4b2da33221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CF87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

43 B
840 B

71ms
68ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWv8BnTdrJ0jaNe_GwciYIkEeD3Rm9qziDpIeECa_1mpIAdu6Jf0pPSho4ZOFpRjB_dsHyw4F1Qqoo65ekJ3NVJZsdnIw

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
an-x-request-uuid: 9914a8f5-fbdc-4b1e-8a5a-9de5fac460c4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CF87
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

170 B
188 B

80ms
79ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

Requested by

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
an-x-request-uuid: e179aba7-735b-4c15-888a-8e841d72b0db
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D
x-proxy-origin: 38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1038 42 B
63 B 149ms
146ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ClZoPpx2h8KwsR0zMGjydu6i9DrXo0l9cgV3zJu1e4cxZu-gQbNnSC-ItuPSA-qMsygiBBbmy5CGrRZBLCHiGAClA0efYEjm2P2WvJdSlMviyUc88

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1038 3 KB
1 KB 100ms
89ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7949
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 1038 20 KB
8 KB 85ms
76ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1038 202 KB
64 KB 221ms
202ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:44 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 160 KB
55 KB 107ms
106ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef518d719c3db9bde4ad6c5b9e49c85318c858e6fe235ecb4b9b4b0f1f187d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55784
x-xss-protection: 0
server: cafe
etag: 922065242754027239
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:44 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7811 624 B
245 B 99ms
97ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNW_YErGhJWxKekLDlWvmEE70zZMK67oXElIKBc9ER0tbAf2uH8D94EJOPU8184ep29rP5XaaU2G8aKqgS7Y4DWRHsX9iw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:44 GMT
expires: Tue, 21 Nov 2023 11:59:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 1038 111 KB
39 KB 114ms
112ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 1038 7 KB
3 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79980
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 13:46:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 1038 23 KB
9 KB 75ms
74ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:55:10 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 1038 41 KB
14 KB 120ms
120ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:23:33 GMT

GET
DATA 200
OK truncated
/ Frame 50A2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce2c8ce6adc4b9dbbf38bfeb9132f8efa60cc2983ba37d2e88df532e47b52eb9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1038 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68bb7d2f3d9874b59ec2ecb9195a9a1f278acc2edb490131287a65ff6cc599d3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7811
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

43 B
742 B

73ms
73ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNW_YErGhJWxKekLDlWvmEE70zZMK67oXElIKBc9ER0tbAf2uH8D94EJOPU8184ep29rP5XaaU2G8aKqgS7Y4DWRHsX9iw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmX6QPw%2FOOxJUeA8uUN9bM9lil5ZbUc%2B%2FZnMSm2FAJCmwKRHxcqJZKoKgV0T%2BP1P5Uj2KyTB5kCMR930JO4lKR%2FrP4%2FreAZsIzWdxbLj5d9VEOx7fTAWqZ6T6K1Xdqwm%2F19vHBtI%2FRwGZg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8298c4b2da32221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 7811
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZVybsAFREXQRrT06cvFNWwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1

43 B
743 B

75ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNW_YErGhJWxKekLDlWvmEE70zZMK67oXElIKBc9ER0tbAf2uH8D94EJOPU8184ep29rP5XaaU2G8aKqgS7Y4DWRHsX9iw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sgr%2BU3VqRWo99%2FFjNgrp6W4esHwmqxFsAV95j%2Fd8VZZa9n8ur58AAmbcloRUDpnpKkundBJ%2F1u8ha5hROmkU0qcmQXV3GLG%2F9k%2FnxWQpBvLuUvKC6FW%2F%2FIKtEy%2BLnJnub5K%2FPviYhcz78w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8298c4b36ad5221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHnXXjqlnNdTPmkA9bDa8xs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7811
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

43 B
841 B

71ms
70ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNW_YErGhJWxKekLDlWvmEE70zZMK67oXElIKBc9ER0tbAf2uH8D94EJOPU8184ep29rP5XaaU2G8aKqgS7Y4DWRHsX9iw

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
an-x-request-uuid: a4f36975-5d70-4c8b-973e-c46281bc6f79
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELRKRrEMVeHCH-xSCt1FEMM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7811
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

170 B
188 B

80ms
80ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D

Requested by

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:44 GMT
an-x-request-uuid: c02aed94-bb04-439d-85b2-c8b18665cd5e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA5MDA5NjMwMDQ5OTc0OTk5Mg%3D%3D
x-proxy-origin: 38.132.118.70; 38.132.118.70; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 50A2 1 KB
975 B 297ms
61ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2438896051
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KVDWxce--hw2Lko33mobA5vPqUU2uYgoUykQJDaDbGLv1DfJDVDM1A==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 118 KB
27 KB 203ms
63ms Document
text/html 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e0750e177506d8879cb13ee2c97d4caa4b74833c0b590d9e8a08d2844547aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 313765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27677
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 20:50:20 GMT
expires: Sat, 16 Nov 2024 20:50:20 GMT
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 50A2 0
0 305ms
137ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvMrqwZU5os6iZdeEmIJQHhZAFClBzThxBIPyoZyjimWnkQsgOKWbf-UMLQzZcdEeufvtsByaM8ll7Q0op_W5XR8CJaago9rep2F1szw-EYRsVHQsPx6P-bBAKHaRFzPZszi-5xSiNpxGUJZ6AqfqpMPtV-liUFTQ43BavuX8J0klx1LeNO8IUQQHkIEd84jPs2t9jxPyhyLv-Qqbyj9BZD-6RKqmy1lTsfoVlyzLaKjViVSbAeIzxgmDJ6asfuGJrEQa3RI-s5g2So4gc62IKCSTus-S_jTSGYtptLT0oDVDF4juANF1ccEFc5ekKEvco6MBMwCL9qdsIcH_QmbYOVHl6eFT_9nLlfz6-dWpIOhQ0f9AU8VrJZTC0fD-Ly9gczFttan7COW6t5PvX3ka5sQh9ZinQqzYr2SHk_aFSHH1iPIDfNn1GiPjGPx1rcqa5UyXuJfcjg_gjtAVCxrOrx143lsHi7QpAJXGTA5a9fHp1qrKdXq8ayige9TvQWFeVqVp7FqKONLC90d4VeLEPLXl3-CzQ7cpNWYQffmEHSL1hyShLq2UciEionxIj3VsWBTLmkTAXCJNsw0DLxpeG6A_2le5oxar4O4H2i_Mk1whZ_RgkXhaYpI9bkKs2eBiN2ZI6DowmuGvkLc4NuCrmr64iCCfylhiOyNXPSXBw600vcVHbFRcmwKLkJ5YsITKYIfKSlNPGTsEPPUBMGMfEWyRbxuYhBSfUUoFjGYkVmA71_7UMc2Ouu523VliiRqSO7DNQcKx3kotFZPM1u_Kbmk5sZxhsFsWGUzBUiH-LfpyWphND1CANGuOTjvh_IsDF3RlwsRWKzuQFFcLZtLAbqC10oFopvsxvrqrKGmbr9OmQpV0M5LOfPUoeq1fgu1u5MlQRI5zSsClui4PzTrOQ6mKVp5aytoBrhGL8t-zG8NPw1tVd0atEeuAuFKt3ImI_1fmVNV3Zoj9mEzrr5U7JQ0e7ooZ3tgu8Yz9kWEQ2lnbu9urU1H7jgPpzXsPpvRqP0CIJSxM2K3UThBQLxzKXzcUd2buAVye132Mv_TD-rz6m-M1mBEpOAc7O8Mfia5BqOi8K8qWfil6WZqfwAPqyLu7s5WBtnZrl71taABsWNuzRdry_fJZ_tFqLekxZxVem_XtboWXgk3b9OhIYU_f8vfDKVVj2m7IpnOCwwa4spclJ9Fudvz0Bd51JALsEW6IFUmW6cSGHAlQFNJqWEOjnjWqPPerPsCQl2fp0E0Qaz5Nc4bXaVl2AdSPAPEQgl1TWCg0b-yH1pUtYZOJ9uFhQBHBj5y-dvz4x_Z1LQXPjxZkY5Z5C-omAuOx-_cOYJ4TWLCjRGERuaPDPeDrQiVD0IRShhf1UFBEC9TGVXSRbxvX0kl5mOdLV5nLydHuugHUo&sai=AMfl-YR8oHQv78W63xefWl6r3HQMAOlXhzjP7EOH026rE_YgtXuxbNSjQxCU-N3YXplU8XFujdfmMWUhuZC0mGxDDOyYF8RoiMhA79aNrGelDtyzaj2w0wQ05RynigGz1NozbU8KzD1KtuhqJku-jWecAfY04cU9LRCAN8MWmGG4aPpQk9vuCybvX46dD0hAugRn9UxgNQpVEiOljzQWFU_Y6l6vlMyk_csvi7PjSwB3_uAgt4AVbxBEYKRhOz1FvGXqfELRsO1Uh_gXJVyVkS4BlUEd01EtAYBN4El3dpxL-w6v11fKONAevR614rjc_H_szcwyQKWjIUYGAoEOyHZMoYIkhP3hegswSPirvzISVZ5LiTyC-2iH0SYtHxJmrNkHnWnfyftaii_PzZQ8rYYomE-W4BHna3vdz8ciHynFJR6qYAdL3GQaV2ctp0sA4fr7Ys-sclelmFO-H1A5JQsrnrlHcQr55TR0L1myxOUJjxaxcb6TNsHSx1XZwoBlbM7E1p7_NF_d-LZxxQ&sig=Cg0ArKJSzB3jfBCWYnWOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=336&cbvp=1&cstd=325&cisv=r20231109.55342&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 50A2 1 KB
1 KB 278ms
60ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2438896051
Requested by: Host: kino-teka.ru
URL: https://kino-teka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: JLHZjFkPXekHylLOJ-neI5rH9nnqOk_SB-EWrIPji3K-oYUfd2-FSA==

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C4C 38 KB
13 KB 68ms
67ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 313114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:01:11 GMT
expires: Sat, 16 Nov 2024 21:01:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 9050 38 KB
13 KB 65ms
62ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 313114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:01:11 GMT
expires: Sat, 16 Nov 2024 21:01:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame BE7F 9 KB
4 KB 73ms
63ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:23:29 GMT
etag: 16674218716276178799
expires: Mon, 04 Dec 2023 21:23:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame C48E 9 KB
4 KB 69ms
62ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:23:29 GMT
etag: 16674218716276178799
expires: Mon, 04 Dec 2023 21:23:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 12F5 9 KB
4 KB 69ms
63ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:23:29 GMT
etag: 16674218716276178799
expires: Mon, 04 Dec 2023 21:23:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 955A 9 KB
4 KB 70ms
67ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 52576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:23:29 GMT
etag: 16674218716276178799
expires: Mon, 04 Dec 2023 21:23:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 1038 1 KB
976 B 169ms
63ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3355132417
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ukAiuDSsaSE6S-YqOFcQnNUKWGlW4J07VaZxl4KBELC5yj9VwN7Lpw==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 110 KB
27 KB 210ms
189ms Document
text/html 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ccdbd9ccaeb4b82dd9f121eca2a244fcf78b39049392001374ed122e895877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 391366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27402
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 23:16:59 GMT
expires: Fri, 15 Nov 2024 23:16:59 GMT
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 1038 0
0 179ms
132ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuf_b1sa0gM4PDxzkUGTi4vukh6dUYck-eXHwkDFJVjOlBBOT3PpHRTId4WW6JkQqIwqjU491SFodwfLCG3nxpvstYAHl_PptKgCNlM7DkK3vjBCurtEKhLvX0J6nHnAGyFHm7D4dfPUvcdC2SfnchFr-hFCVFG59KBcxKlZJFhTbIZvBGYp-UpnEhHeKp68XJ8k9Quh-W9s8sFbbAjBKwpIvi4_jSbW2esKMBY5A_3_NcrUPgfR9MhhtJcOq7eutPmsR7M38CSMRYGpTRYD9yR4MWWZV29yo7tHty2Vv4aAbU7wSBWsd8yz5ld36MLHRBD7vj7-XjVl_AevdHAUbNdHD6lVmDXnllZJwK5HmaUL-E2DYxLPlH2Fib2faY6lGD22PFjIKz-lZMln6ydAOrGDRVCaUrHSyk9L74duHnGkRN_8i7PqF4voLVaisxyMLy7vvCllqYzwZ9fbtFTb11qQuvyBSrx3i83HM08tiLoG7PXByFslAFF84ydqvPF0YzkDEqXy6Rs5rtZ_XYHxPLc_sGpWhrEe_yS2Yj_6NsTElzyuNBEFkwutQ6DneA1_xh1S7nnFw1iBy_rJAvuKEcxlkQpcleXHUhOYv8D6oEmpc6ehK0rPfKmY_8S34LkNizMnnbLMbSnd2zfYxlh2KK9qQut1PeKOlnA0cVIdtW-kSJVnVyhh1Nv429g1PPJj_hDt5Z6OeuSgGBILRVxJQ4NxXAsbcFxJ65YMQuGtKWkDB8J-GYHxF84vX4QDk1Pxr5xleEPVIUrk1p3ZaUVXf9ooxYCnKVPGhd9Q_flv-TXwPKc3GUIVqFh7yic5F3XoankkVhQmqsoeKcKlfFoZmQ63vFTLWySi-iZzsmRfBKghurCY9OKSZ9Jkb52U3KDCPOhJ6WIFPlc91TcNH6skYhTggx-ekzYh2KD-duyqCaAWKcjHCec2sXWU1G6M-W1BNj_v3Zx-GsmvOfxOoSNs5TXtQsGkj-3xNf1TBbI-ezwvvukadAQvTwo-I43NMGXw_IDccWwNLe0uE65bWaNk2WmGlnRRREdP67MBhTwZ3b2uVmZHUi2uaPUa5GkyVaoQ_hMjUdzTV3GUSCpWp02JZUaFIZcrwrEGY4c7SjMYyGSlq74RU4QoKHFpTBYpRcdcJ3O9o9pMW1yJT1xNzVKtSNsa8H7hV3nyPySfU2wXCCTRsTIE-lj1aWHGxEOGBeGF8Oux9zUXrewenlfW-3oJx5gGnVAQqwkpnq__jH2cgrLCJalFRNocV3xUWlatjmj_UjDi7UqKjw4fTe9l47K2nhQFNChog7ApNUjISCYPW3qGh_U6XxuI0jjGJabYE9Bhi8lSNeMdRCVCJxQa5XdZOlGoH9iGxMz6B20e6_Y&sai=AMfl-YRGGdRr_HpebPegYk38UpvOV3MGsGrI_SG8Jb7W7lZsW5ZB9q6Ps0pOQ60UdEExVG7ZEjmeggVzFO9soRTfp2BiwItvkSjH67TGwDWZBGNRrd5O6gFCuiD_Hi-66XdIWVVG2klJQEZi-T-3_3mj_y9Lr2ZJfheachS2opnWVIz8MNUhNpBICjEXeWDE2ikyrASNWbV-W-aewYZ2E_xTd0hkjYQvLo44Zl4EPVr-ki8DnEfDR1lABlzTQu_rksRq0cbWFPMxO2-XlPy-RsvsuHXvV6ht2_6mMXIUeAzEhyK5UfEoL9FfVeq6CzCEXCPWwP-IglvVyPwwTuFW3erLAmOwipdU7yMiBVjY9HyQ2RotujTDPOELr12eIm7apNLWJV3Z1N1eXxhzNHvdUfSMmeSmaXpbK2i5l3yPB6rEOdhU5QwYc8UFSizaFOOF01xsOYLXSpt82FXxgtRgbqT6wZQZSfDDATwfUh-m0DTp3qMLa6iJqHA6Qhwvyo1ab1MJUCE63t4Xpb8wSA&sig=Cg0ArKJSzBPuD1AFGEZbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&cbvp=1&cstd=289&cisv=r20231109.72092&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 1038 1 KB
1 KB 162ms
62ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3355132417
Requested by: Host: kino-teka.ru
URL: https://kino-teka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: KxMD8IN2e-ur2mVyGC_vAMv57bN8C77ga-nayAyu9_Ro-7c1qdXVRg==

GET
H2 200 css
fonts.googleapis.com/ Frame 1E2F 7 KB
769 B 80ms
78ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032aa85e34ac48be986af94160989dabe9ffe53e47c55a1d50e0c61669a3114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 10:16:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 1E2F 32 KB
11 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:38:56 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BE7F 4 KB
744 B 84ms
83ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 10:00:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE7F 205 B
296 B 233ms
71ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312984
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BE7F 604 B
1 KB 232ms
70ms Image
image/png 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:04:30 GMT
x-content-type-options: nosniff
age: 528915
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 14 Nov 2024 09:04:30 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BE7F 15 KB
7 KB 64ms
62ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22663
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 05:42:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame BE7F 21 KB
9 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 05:42:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D196 640 B
262 B 88ms
87ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWTktmzpsp1V3qUQ8Seb-l4rbzaH6My-CSfDUdGjji6chUMLVvRP4Zs0rr7tS0kF6LMrdP5jTpOCEEahXE-nkaMXyZ8QA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C48E 111 KB
39 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C48E 7 KB
3 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 13:46:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame C48E 23 KB
9 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:55:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame C48E 41 KB
14 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:23:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C48E 3 KB
1 KB 120ms
118ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C48E 20 KB
8 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 42 B
63 B 134ms
132ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A4z_J5Ck2MLeZge4t16os4p2gkbb_VYvy2O0yzh7ylTmy_BBRDX3k1S_XG0djQKSJNjL8T4LMj7mrpfrchvKtGOo0zgw_VuDon9pU1M7CeobJ-aOU

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C48E 202 KB
64 KB 76ms
75ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 44AD 482 B
213 B 107ms
107ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNX7EoE_l6Q5IkuW0veQCRjvvkp8LLL6yMJok1wupKUw0fk76lF6OE74f--w3cWJ1Kgcht3KvoyvFzn-AOeXeJyN5yayEQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 12F5 111 KB
39 KB 63ms
62ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 12F5 7 KB
3 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 13:46:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 12F5 23 KB
9 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:55:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 12F5 41 KB
14 KB 99ms
98ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:23:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 12F5 3 KB
1 KB 125ms
123ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 12F5 20 KB
8 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12F5 42 B
63 B 136ms
133ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ap287Wo1Ia_y0ItlZMFGRjBDiD3gXDHNTKd6SKsEfX9ZlODw8Z4IO1Elyp89w8AqMFGJ1EAwxjePlj0i37dU8M0MQJLYlbtLpeA_H3hczr6YFnO2Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12F5 202 KB
64 KB 129ms
127ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 258A 342 B
178 B 98ms
97ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV4OPXZMlMx8FFOtEPVlckm1SgI5HNYA07zQgLRNbKHZFYJrh1myVKCddbPfrPdFi864nL6fn6BPvSlE7G9zw9fKktsRA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 158
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 955A 111 KB
39 KB 121ms
118ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 04:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 04:20:13 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 955A 7 KB
3 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:46:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 13:46:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 955A 23 KB
9 KB 84ms
84ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 15:55:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 15:55:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 955A 41 KB
14 KB 103ms
101ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70572
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 16:23:33 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 955A 3 KB
1 KB 122ms
119ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 955A 20 KB
8 KB 83ms
80ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 955A 42 B
63 B 126ms
123ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvF2eLww78TV1A--0Wd7_cYjTrWFdm7DzjjBJ0F3OgfdbI6f2ufXPErIdA-vjiD27aY_Qpke6g2q6Vw5S7Cw_qFn9Xh6HTTrmy8sjWTXjLUAVdEH0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 955A 202 KB
64 KB 162ms
161ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FDFF 7 KB
746 B 153ms
152ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032aa85e34ac48be986af94160989dabe9ffe53e47c55a1d50e0c61669a3114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:26:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame FDFF 32 KB
11 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:38:56 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C4C 39 KB
15 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 9050 39 KB
15 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52575
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 50A2 19 KB
7 KB 65ms
64ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700567985440
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2438896051
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:14:38 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 67508
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: m8myrP0BH4ojXTEXfPuOVB-YYBCVYY-L0tDx9K_tnnn90Z4nUrpGzw==

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 1038 19 KB
7 KB 69ms
69ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700567985441
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3355132417
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:14:38 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 67508
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 6GmMvz1MghALyW-qQXnSf2SGU5uUhdQafOc_rlJefC58ksMp-rQuGA==

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D196
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEi0gOoU_Qadc2jDSz_AJWE&google_cver=1

43 B
61 B

49ms
49ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEi0gOoU_Qadc2jDSz_AJWE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWTktmzpsp1V3qUQ8Seb-l4rbzaH6My-CSfDUdGjji6chUMLVvRP4Zs0rr7tS0kF6LMrdP5jTpOCEEahXE-nkaMXyZ8QA
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEi0gOoU_Qadc2jDSz_AJWE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D196
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYyZGRiZGItYzY3Mi0yZDc3LWQ5NmYtZWQ4ZjdkNDQ3MTEz

170 B
188 B

77ms
77ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYyZGRiZGItYzY3Mi0yZDc3LWQ5NmYtZWQ4ZjdkNDQ3MTEz

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWTktmzpsp1V3qUQ8Seb-l4rbzaH6My-CSfDUdGjji6chUMLVvRP4Zs0rr7tS0kF6LMrdP5jTpOCEEahXE-nkaMXyZ8QA

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWYyZGRiZGItYzY3Mi0yZDc3LWQ5NmYtZWQ4ZjdkNDQ3MTEz
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

um
sync.teads.tv/ Frame D196
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESENeIJiue5Y-ZRHhYC-J8H1g&google_cver=1

23 B
279 B

153ms
75ms

Image
image/gif

23.51.57.155
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESENeIJiue5Y-ZRHhYC-J8H1g&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNWTktmzpsp1V3qUQ8Seb-l4rbzaH6My-CSfDUdGjji6chUMLVvRP4Zs0rr7tS0kF6LMrdP5jTpOCEEahXE-nkaMXyZ8QA
Protocol: H2
Server: 23.51.57.155 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-155.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Tue, 21 Nov 2023 11:59:45 GMT
pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESENeIJiue5Y-ZRHhYC-J8H1g&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D196
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjczNDg1ZmItNTk3MS00MWNiLWFmNDUtNTUzNmQwMjUyN2M1

170 B
188 B

78ms
78ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjczNDg1ZmItNTk3MS00MWNiLWFmNDUtNTUzNmQwMjUyN2M1

Requested by

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: pekko-http/1.0.0
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=YjczNDg1ZmItNTk3MS00MWNiLWFmNDUtNTUzNmQwMjUyN2M1
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 1E2F 32 KB
32 KB 77ms
68ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H2 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 1E2F 33 KB
34 KB 89ms
81ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:20:24 GMT
x-content-type-options: nosniff
age: 398361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 21:20:24 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2404 14 KB
1 KB 94ms
93ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:45:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2404 2 KB
822 B 63ms
63ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 19:46:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2404 23 KB
9 KB 78ms
78ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 19:46:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 19:46:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2404 3 KB
1 KB 79ms
77ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 09:47:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7950
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Dec 2023 09:47:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2404 20 KB
8 KB 79ms
78ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 21:43:34 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2404 202 KB
64 KB 91ms
89ms Script
text/javascript 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 2404 37 KB
15 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 21:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 17 Feb 2024 21:43:34 GMT

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame C48E 1 KB
975 B 67ms
67ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=407117313
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ncRtwcrQRBA6mMXPRrhGzJ-xZL-ctU_mL4H90LKcOJmntQntIMP88w==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 113 KB
28 KB 78ms
73ms Document
text/html 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e037d4e0c461f11ae88c84b123cbbfea930e6f2f8f367b21d4e51c810174d4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 70598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28785
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 16:23:07 GMT
expires: Tue, 19 Nov 2024 16:23:07 GMT
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame C48E 0
0 135ms
133ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsslDe88JdtFM7XaZWVwOyYlr_5xYH7wkqXUuF_8VuUKt9mfNoBdAXnv-Bbb4DxvMUWGKX7s8kPA3n_0A1IVMiRgHQblarIbwWDQlGcJnu4vn5QD5BFCZLN2jO7850zzlqHbESHfBlFTnZwvN3YH9a9hdfJ3O5ffcasoLg5SAlIVkI68C0n6tUDxDTGkZ54FffSenB3e0y5NfWDd5aayirnHpUpeW8jEDlPdl-gOkOOaMMpmHgzR1SeHGmxDIMSKNPphje9gjID0vnLWuq5MAWqx2BWOw2tdYetusZ0KbcGfwOM7xbCtlWb2usSXgwSVGl1TObCCsJQuO49RFlqDjb-Y6Vnxc3Wn5rUIlFfZelwDzmEjQOqPjh6zoj26182ma2v_YgxT1C0brWp2Njvp7b8iTuaOq1_PJj3LfLciOoG09QPMXKIxFEhek_Q6i_3Ziq6klRx9zFAFkLlTWK4CICETgTx3N_3iOWrjSNBdu6zq1sVd7jC2L0lF7k-5UFJ7iZ33bziXk109omRxdT83eWJSlIG9L-NC9ZU0vn161akaSCNbizXLoOplUOhikrrk5c0iAETHsV2wlmE7uVcOnHkL7Tc5RyVCcBD_bezqU30elRwfQYvqvyvDSQd8FzqvBnkJpdvAQBANWduWZTFQ_e3Im7KQZ-g4GXONW6IMNtDk79rRyhz_DAsm6hUNhwQOxhAppPFxk4IGhtD2qdF8KU7CnYdBKlZJToGVjVMHMc-nxpnN7EP-0_-m1GbsUL1wbjQZxZc2XrsjKkizuVrxjIeLDQGkPN1dm8j7gsZOR3tJregHzJ2mfVaMZLvpgozFpm49yGCpLhGN3YeTyebCF8etkDtyOeXv9Q5RwAd2HZd2TjnWNZeNKz0hGqmPiZBmP2cn0pvKGRCEwMePowXZRhG4sYDsyKloqXDBeNeP31yiUF5cbX5ROnM0dRAqm39kfP8wiYvdAqCbToWPN1Z3NLV8aZDJH8ZT-EXpnCA2ifz4AC-BnzD7wLuwM9_je16W0ezl9fp2Ckq0WV0n03HJV_Cu7f_WQXiVE3Yv9LPlWQWAa2f62CYDxx69JL-aVfPlFLXZltYJxL7jUr3BEtiljBR8a4nb5TCvOXtce8GjtqqBDJ3zLgW0zvMcgkosHejdPDb_AP9LAALW5d5f-clcc7375qD2gu8ZT8r1PrcicpxoeiN3E6taBBUC8EYYYMLEI0_nXablCe5DK1lJQ7QUvB3pjx6ks5wNACUm5Vv3Y062LrmnDvct817klhFNmyvUOpQvINxlxuhxesSGse8wuaDjDISrMQHAlrda-CdmEwW0msT8WKODTYKJxHuko9niJfHO6SoD3oFK40FkGtujzAhkKs7MHE8rxhLvvkgDyw&sai=AMfl-YQPM2qP89Jt51t6DFKBjWvIlxNYAcKK57W10S749mO2iHxNP-pfI-niRGvI_XH1aObB0A_-kq_h5QEjxa4ZlSp2TxduaMhN_PBFcI4fJ_zSoUGQU0NRTtA6ouLzJVy-1d_Cg3ugzcPWfOBURygtVLwA4GNS_VK1RPT64G72b6btphKAIbwH5O5UVNTq6qRpi_hg936bq4YyX3HdCWfpnbxegE47DS2IqRGf_5n9oLX267HOKC-OSjxZmg1GPC2XyjniJWir69rDRj8D1fBYUKXihTXwViSYJO_a_9eI644zJhvuVnE9yGGMtO_rj0pZ2N-NKVFupJfA6x8aOGAqo0zFWamKktGNChwPMROWa16y7ei1h-Fqeh2pjQ6h8I8Z2cfYO31UtcYw8Gr48ufBXO4Kamun24GSYhO6R-rrvqXZopWXM6IHHYKcUvB3Szw77x93x3aqILotDQ8ilt5LZgmKlMeiOcGGvWGPukCUn88zfQnQql3rpl-BFISPAf61SVjsihSTsqs-OA&sig=Cg0ArKJSzCev5hMW2GZGEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=200&cbvp=1&cstd=198&cisv=r20231109.35174&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame C48E 1 KB
1 KB 60ms
59ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=407117313
Requested by: Host: kino-teka.ru
URL: https://kino-teka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Gk2gAebjAiKKZuX80G-xt25O0Je2Po5kO1__9D2Ip0utGBUC6N6fGQ==

GET
H2

200

sync
partners.tremorhub.com/ Frame 44AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
https://partners.tremorhub.com/sync?UIGL=CAESEHzjJrG_xLzXWLwBRNSYlBI&google_cver=1

43 B
175 B

196ms
58ms

Image
image/gif

2600:1f18:612b:4264:daa9:3300:1f77:ca7c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIGL=CAESEHzjJrG_xLzXWLwBRNSYlBI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNX7EoE_l6Q5IkuW0veQCRjvvkp8LLL6yMJok1wupKUw0fk76lF6OE74f--w3cWJ1Kgcht3KvoyvFzn-AOeXeJyN5yayEQ
Protocol: H2
Server: 2600:1f18:612b:4264:daa9:3300:1f77:ca7c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 21 Nov 2023 11:59:45 GMT
server: nginx
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://partners.tremorhub.com/sync?UIGL=CAESEHzjJrG_xLzXWLwBRNSYlBI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 283
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

partner
sync.search.spotxchange.com/ Frame 44AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAW_rJ_QC-fHJYpJn7KDngA&google_cver=1

0
0

GET partner
sync.search.spotxchange.com/ Frame 44AD 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 258A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KeU1ENjBWRTJ1SFF6U2xtOVVNUnUxX2NZdUxCWWhfWH5B

170 B
188 B

79ms
78ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KeU1ENjBWRTJ1SFF6U2xtOVVNUnUxX2NZdUxCWWhfWH5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV4OPXZMlMx8FFOtEPVlckm1SgI5HNYA07zQgLRNbKHZFYJrh1myVKCddbPfrPdFi864nL6fn6BPvSlE7G9zw9fKktsRA

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1KeU1ENjBWRTJ1SFF6U2xtOVVNUnUxX2NZdUxCWWhfWH5B
date: Tue, 21 Nov 2023 11:59:45 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

user-registering
ads.stickyadstv.com/ Frame 258A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEP_GseKYwaU1W5andXHfSIE&google_cver=1

43 B
648 B

215ms
70ms

Image
image/gif

63.251.28.133
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEP_GseKYwaU1W5andXHfSIE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEYgIKG_AEwAQ&v=APEucNV4OPXZMlMx8FFOtEPVlckm1SgI5HNYA07zQgLRNbKHZFYJrh1myVKCddbPfrPdFi864nL6fn6BPvSlE7G9zw9fKktsRA
Protocol: HTTP/1.1
Server: 63.251.28.133 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 11:59:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1700567985849002-255

Redirect headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEP_GseKYwaU1W5andXHfSIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 258A
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDliN2RkZmJkNmRiOGU5YTM0MWJhYTRkNTdlNDRjZQ==&gdpr=0&gdpr_consent=

170 B
188 B

80ms
79ms

Image
image/png

142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDliN2RkZmJkNmRiOGU5YTM0MWJhYTRkNTdlNDRjZQ==&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 21 Nov 2023 11:59:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=ZDliN2RkZmJkNmRiOGU5YTM0MWJhYTRkNTdlNDRjZQ==&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1700567985824086-321

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 2198 38 KB
13 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 313114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:01:11 GMT
expires: Sat, 16 Nov 2024 21:01:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 50A2 0
0 126ms
125ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvMrqwZU5os6iZdeEmIJQHhZAFClBzThxBIPyoZyjimWnkQsgOKWbf-UMLQzZcdEeufvtsByaM8ll7Q0op_W5XR8CJaago9rep2F1szw-EYRsVHQsPx6P-bBAKHaRFzPZszi-5xSiNpxGUJZ6AqfqpMPtV-liUFTQ43BavuX8J0klx1LeNO8IUQQHkIEd84jPs2t9jxPyhyLv-Qqbyj9BZD-6RKqmy1lTsfoVlyzLaKjViVSbAeIzxgmDJ6asfuGJrEQa3RI-s5g2So4gc62IKCSTus-S_jTSGYtptLT0oDVDF4juANF1ccEFc5ekKEvco6MBMwCL9qdsIcH_QmbYOVHl6eFT_9nLlfz6-dWpIOhQ0f9AU8VrJZTC0fD-Ly9gczFttan7COW6t5PvX3ka5sQh9ZinQqzYr2SHk_aFSHH1iPIDfNn1GiPjGPx1rcqa5UyXuJfcjg_gjtAVCxrOrx143lsHi7QpAJXGTA5a9fHp1qrKdXq8ayige9TvQWFeVqVp7FqKONLC90d4VeLEPLXl3-CzQ7cpNWYQffmEHSL1hyShLq2UciEionxIj3VsWBTLmkTAXCJNsw0DLxpeG6A_2le5oxar4O4H2i_Mk1whZ_RgkXhaYpI9bkKs2eBiN2ZI6DowmuGvkLc4NuCrmr64iCCfylhiOyNXPSXBw600vcVHbFRcmwKLkJ5YsITKYIfKSlNPGTsEPPUBMGMfEWyRbxuYhBSfUUoFjGYkVmA71_7UMc2Ouu523VliiRqSO7DNQcKx3kotFZPM1u_Kbmk5sZxhsFsWGUzBUiH-LfpyWphND1CANGuOTjvh_IsDF3RlwsRWKzuQFFcLZtLAbqC10oFopvsxvrqrKGmbr9OmQpV0M5LOfPUoeq1fgu1u5MlQRI5zSsClui4PzTrOQ6mKVp5aytoBrhGL8t-zG8NPw1tVd0atEeuAuFKt3ImI_1fmVNV3Zoj9mEzrr5U7JQ0e7ooZ3tgu8Yz9kWEQ2lnbu9urU1H7jgPpzXsPpvRqP0CIJSxM2K3UThBQLxzKXzcUd2buAVye132Mv_TD-rz6m-M1mBEpOAc7O8Mfia5BqOi8K8qWfil6WZqfwAPqyLu7s5WBtnZrl71taABsWNuzRdry_fJZ_tFqLekxZxVem_XtboWXgk3b9OhIYU_f8vfDKVVj2m7IpnOCwwa4spclJ9Fudvz0Bd51JALsEW6IFUmW6cSGHAlQFNJqWEOjnjWqPPerPsCQl2fp0E0Qaz5Nc4bXaVl2AdSPAPEQgl1TWCg0b-yH1pUtYZOJ9uFhQBHBj5y-dvz4x_Z1LQXPjxZkY5Z5C-omAuOx-_cOYJ4TWLCjRGERuaPDPeDrQiVD0IRShhf1UFBEC9TGVXSRbxvX0kl5mOdLV5nLydHuugHUo&sai=AMfl-YR8oHQv78W63xefWl6r3HQMAOlXhzjP7EOH026rE_YgtXuxbNSjQxCU-N3YXplU8XFujdfmMWUhuZC0mGxDDOyYF8RoiMhA79aNrGelDtyzaj2w0wQ05RynigGz1NozbU8KzD1KtuhqJku-jWecAfY04cU9LRCAN8MWmGG4aPpQk9vuCybvX46dD0hAugRn9UxgNQpVEiOljzQWFU_Y6l6vlMyk_csvi7PjSwB3_uAgt4AVbxBEYKRhOz1FvGXqfELRsO1Uh_gXJVyVkS4BlUEd01EtAYBN4El3dpxL-w6v11fKONAevR614rjc_H_szcwyQKWjIUYGAoEOyHZMoYIkhP3hegswSPirvzISVZ5LiTyC-2iH0SYtHxJmrNkHnWnfyftaii_PzZQ8rYYomE-W4BHna3vdz8ciHynFJR6qYAdL3GQaV2ctp0sA4fr7Ys-sclelmFO-H1A5JQsrnrlHcQr55TR0L1myxOUJjxaxcb6TNsHSx1XZwoBlbM7E1p7_NF_d-LZxxQ&sig=Cg0ArKJSzB3jfBCWYnWOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1056&vt=11&dtpt=720&dett=3&cstd=325&cisv=r20231109.55342&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 12F5 1 KB
975 B 71ms
70ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2954076990
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: wal1tmPfRm10C1OGwcytzCWtLHDT-xmQ9HkJGzBzqB-FLraCvksByg==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 113 KB
28 KB 98ms
63ms Document
text/html 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e037d4e0c461f11ae88c84b123cbbfea930e6f2f8f367b21d4e51c810174d4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 70598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28785
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 16:23:07 GMT
expires: Tue, 19 Nov 2024 16:23:07 GMT
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 12F5 0
0 148ms
138ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvhoJ1yNOJJLdvFFS0Wbswx1O5AYpz0UrSKU3R_UqPTzFUDO9wlHtHGhZ1ms8Pn0rt0vf1SPK9G9FgC6p8FF770Owh0_AFLK1TDgDBoiXLd1JR4Plw1TcgxCmqbFqebr47sPA3dWFC38aCEsnb9Hu7PSZVfaCV3IAtVya_NsGIf1RbCVnrJ1QL5FHUDnc3NvqWfuJF20zvrSn4nWRolcopOn43B0-37QXp3UBRigaRuCfJCm4aUibiq8gCtEQTQVlpRz05OkSUVsDb2eWilxh9iOQOzUGTHzYx4kviHQhbigEiMgLiGVK5BhDfE61GDz5LDNw5X_EUwfbIYQOieGBXwEbGEJUZpTuqqdCULBSwdz-SUGjjyTLXFTqzAZIXWuwHQoT59yovqKfN367OIx1GsLYR9THKKfxL7wucjiCZWSZSHdHDGroaaL3V10VlA3fQrlK-Hk23GV-04D5atr3BOHP7As9vQFyJcWwlgmXIDfgEe0BxvhGuPW7JCO5z6rhzBlz8QsMqD-K4OYSpsGrfdEcqUha96L9pldVcZCA5waGd4Ts7shALMrLk33Z62JN2KhFpREVg-fjWWP80H4f1mOx062EH0AC-x7ePPuLKyDWn9iR5qXXsxtqtNkH993Ypsvtq_Rj1nIAsyIV836iD_Q6KQzEP6zuGGEt3yfaeXPNzeQ9sElLjd4Ybq_a6C-yN0MHFWq9qdrV0qWjtYImi3Fzw83Ymmd20s01fMDT4GQGHBUYLSTuVAL1SQQxckoWbH0LnYIM-kmvTc5MRcouMIY5ztTrmXAMWEC1PZxxafu27HRLigDkB4mKTU5Ro6938HtUlnhpp_1LloXt8fmsWL6ptFNuiLbazN14nnnjVBoaTYZEwvyxFxQIViDCB2wAR8NALgHXQepoHLA9Ka8MFVE_ut3Rwk59Cl3rRCBAPFqJMruAr0-E4zb4ljF65U5BZaHojnxAMk-nzk3U_OMdEEh14Xs0UfxErpe7zm0rS3Ck7xTRJBhSGrwTmC_-YDas49lWnrAD0f4CS9PR3J1RPu54BiX14z6H5ejAzYrFzbiL_XVmsyAV0eVfHo5JEfGN_7Da8aVka82hWzpTiAJYkVWlL4Kd9qbqsYuuW4lGT7t923t5X_UPiAYNtxWiT5VVAAj6rtayoH3YE-NIHvOxfbfTxEgpJOuT8UkSEA2r29gsJW3yTeSNSB-Nxeo5CkoNCLEzHv2xiuFYpc353-_X-p9oehw7eOaZHUiP2pkUt2wf4LwZn1AF0nKPv3iagI8GA1Z7ajeGlh-PatTCM6tkKE-CSynThyPkq_3vpqvxFnMciuRG8NDsTb3G514LCa0A6Kqp90cmBBnF1p8E5ZBiPTMpvQw7ZqBlvbSC11&sai=AMfl-YQxtRq-wJWDXcxH2PxPrS3GtLIuYEafDZNlt7NhM3EMXfCQ1sZibLKObFi7Ir05DJQO75ww-CPBsQWwFHXQLUCQNNf8I9Bsq1Yve-y2Dl4YpG6w1xUm7hrnev2BRx6yuk1g7EXz1EOVy114LBU-UisvLkU2wIjZZdrZLPCFiJ-kUOlp_9PcBCuSFkj95LvqehhXXYm9OKBu_nXqijtjnfowWhLDp0VPZJWgHCy0JT-zeQrvEAZux7XF8u3DQHmsh-Hct_fyDYPl5WpEdirtEST9toGaw-_NIjfAtEkbVTvVxxD-k79gVYBGOz6Mh8Ez84S31Ve5Xq6puqWwnF_K3zogHUljNV0i94M_CiJYkzbvZLtMgU3WqzCkT_l007f2z487e9tjenODDDxRvOtZPOoMNpWMF25BSO5MlsdKcDySvEqQ8OMObd4E1ftRP95Sp1FM5ZOUZNZ8eP_mEdbQqVcDl_AfPkdEgbIYcPEmfnwgxoyAta360K31wKw1z7rumDiGdDvGcCuPTA&sig=Cg0ArKJSzDhtp5VASmV_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=338&cbvp=1&cstd=336&cisv=r20231109.55694&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 11:59:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 12F5 1 KB
1 KB 71ms
59ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2954076990
Requested by: Host: kino-teka.ru
URL: https://kino-teka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 2Y8M2bbCljPnTBllYp5T6Eqb72GvBR-yFu4SWnIpMHUGg1QXzas79g==

GET
H3 200 css
fonts.googleapis.com/ Frame 068A 7 KB
673 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032aa85e34ac48be986af94160989dabe9ffe53e47c55a1d50e0c61669a3114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 10:22:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:45 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 068A 32 KB
11 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:38:56 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E4EC 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 313114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:01:11 GMT
expires: Sat, 16 Nov 2024 21:01:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 955A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 59dad3681e3bd2766fdd65d83f70aff2c533479f65e72680787f729c850296f7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BB68 38 KB
13 KB 67ms
64ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 313114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 21:01:11 GMT
expires: Sat, 16 Nov 2024 21:01:11 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 50A2 74 B
322 B 512ms
146ms Image
image/png 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?997864136120=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 1038 74 B
323 B 504ms
143ms Image
image/png 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?1418690289070=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 955A 1 KB
975 B 60ms
60ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3988134971
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: CyIW2fgTmddkw7_kSCCXwJkWgDmSi1c6ppoB5aR5nHFcx9Un2xCjXA==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 107 KB
27 KB 67ms
64ms Document
text/html 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce0fa80edea35761531b5332e98466f58aefa46d4d4525d60e79694e1be9bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 457118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27262
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 05:01:07 GMT
expires: Fri, 15 Nov 2024 05:01:07 GMT
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 955A 0
0 137ms
133ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu7Seuu7elqsQtHf_4tR9IqmMoODUlnDUZHxoZdCak2fUE96y1BFvbCRbKQ6vKkKJhBU1P6ukj-MxRpTA41yoyr836XpdPpHR9jcei6vZyDEBE-KAdkAOJwoaLnMOzsuZYAX1zavx7ngsR_QZF3Iu6PYFGXx_e2vDu8hfQ5rkMdydcrRKO8bIZWii0s9t3vA0Jzo0k4XVdCDdP8hT-ARwBCzngceW8QgqMGm9AvsLbVG0KU6lyY5v5Svfsr7BM2vK_mwm6sE-g5Ri_9Ry8F-uGzSqQml4H7IMShnWiWUu-lhIPTNwyiNUOjuQ2WvoU8WDar1ks3AUlU736P8JWut9pHkqNGkoQWjCn15ZyF4ICsE7LvV8dqqmrDvFA9iOromxhmK8-MPyM0Ryt2sDyYtoMLe_VcOwtFBJtSLQjs-QbEBXGo7D5nX8BrGpXcYEdi6tpXyVWWgnA7pVu489aFOuQ3lIQRfKZzSHgdDq2CaOpF3kbCG3YAhReFb_LlD5AC-4q6-4JhNE4RgDkZPuZVIFS2AD-TcEjvFpzFT_2OWYqZT5H7Cj2WePxG3subl7--SrivLKdjCV403gbkdOeudTOVNjFK9fDtB9yyJCYChxkEEIGgOp5Jx-ywh_Txp3k5qfDeyFBf9l03xK6YUILsythUIhQ8K4nvKE6oBj0Tg5JW42YSyML8paHUbVuwfQfP2L08bZ4ATBR0hW3vAxX9Yn2E949IDHIabazfYIsTWBeypXMcP4EmjDz-0DDn9OAk9oTaJJqkL6TSb-D6xqMAa0_RgPLHYxQtOnKvL_hpmg5HhTZ7PfeIc0jiLXwnFQl0hmgqJkH_0AjP39K_B1j04iPwTmUzhW1IbHZlx0L6eZYtKyW51UAMsc1pU1qjSagRkbEHTLnwbsdN7nCHOv4ASUB0pZy_zlu1CmOjhNBi1dTUH36MwtMmD92-C2permH8wpCxh8ZkAD94R4537qjXyiOJmOdE9CUTigedCHQHAX0jnC4HQCF5OSCY9NAHYWLicb0NZBsToUkRdg8MPG7wRwyQ8ldkz8lL9D6gnEVRrI11IjnEON0NvXjuFWjhGaYCAnk_sZMchOIAo6J7NFU9x5Z9WzQUEPqjRokVwuIVDxNZ6o6KXepR31z32F77OYrlWmBLGfSdr4QkjvPu0LcPdXryst5o2iXenailoxi9qxsgPj3YxTQlcutYVcbYcp3rFitpC3MH66A7F1vteqe4IF6qb8BOVjy0_INlmC80sTnmNlF--2WKVnYLFJMJ_uu0s0LTeyO0tATTo0SfwJV0GwDMtRII4aMCjgEJ8-EvfohBqYKEfCYeH7QsHbIPJ6T9aC4uxo47tyGLK5fQlCDcZYfwxqn3rNuKzyXO2LzYlg&sai=AMfl-YS9k85-FoPB2huUEfqeCIZxmwVjJYFJftfM1hcX7Jf0kVyov9b9EYOXEGrcRKhesZNPZFNAFPU2z-1qPy-gsHMA_MTiuhLK0JJAGbdfGJOSIkMhYhQPrjtSDo4c0trzrf6vTITqt7AK8UFZgJeHS-P_CjobP5dFtIdCY270zDWYDCxDcTUMY1Sjigynv4_EnoIQXOrWPk53wAw__ImCAp65us_hAMfZsaQZDzwMW2R1CZs3G0SnOISQbxCSdtycjPQsoPTH6YiilglLu6FPG--cXdELFmNDU3cvqBKq9maNjdnox8zqcFsbcP5Ik01h3jGI9CXhVbiLNuC8PC2Z3aiiQ3h5yLUo9XOVwtpSM7C47BOO1wYDwrMn7ZoXpTarfUTARNptppSPbcJVrlkdXrLmp_BhX1ykvlzM1259FkOxmdCvj4nWXt6eGrdGh5eK2OAwdJOyEA6__HaGskICY1fz0Zca1ohP-xl8nDTrunZ9xnI2eq3-6KHCJYsCJovEs835Q15Fu9DTJg&sig=Cg0ArKJSzPclstl26HiwEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=544&cbvp=1&cstd=541&cisv=r20231109.88377&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 n_one_vway_bahia-principe-es_np.js
bucket.cdnwebcloud.com/ Frame 955A 1 KB
1 KB 63ms
59ms Image
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3988134971
Requested by: Host: kino-teka.ru
URL: https://kino-teka.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 13:10:03 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 82183
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: p7ef_V-CN5Msvzm-dRcG1JCXi4WlhL3kYY0gMuMzO0EH8ywAEz7ZRw==

GET
H3 200 css
fonts.googleapis.com/ Frame F2A7 7 KB
673 B 79ms
78ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032aa85e34ac48be986af94160989dabe9ffe53e47c55a1d50e0c61669a3114f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:03:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:46 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame F2A7 32 KB
11 KB 147ms
146ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:38:56 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame C48E 19 KB
7 KB 62ms
62ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700567986068
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=407117313
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:14:38 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 67509
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oM3xpGoWORm8CjR2YNwDSd_DqcXSiBJu4_dA0Uc9I--B_H4EbC7v4A==

GET
H3 200 css
fonts.googleapis.com/ Frame F62D 8 KB
699 B 78ms
77ms Stylesheet
text/css 2607:f8b0:4006:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,500,italic,600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

afa3526bf5919d08afdcd76f6073328f2b3a22c2d9a7b7da23549565dedeb649

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 21 Nov 2023 11:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 21 Nov 2023 11:12:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 21 Nov 2023 11:59:46 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame F62D 32 KB
11 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 07:38:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Nov 2023 07:38:56 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame FDFF 32 KB
32 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame FDFF 33 KB
34 KB 68ms
68ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:20:24 GMT
x-content-type-options: nosniff
age: 398362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 21:20:24 GMT

GET
H3 200 foto1.png
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 139 KB
140 KB 72ms
69ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/foto1.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5289248527779775064e4eb5783fdcde8af072da511b7f53cf0b88681474b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:04:09 GMT
x-content-type-options: nosniff
age: 312937
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142801
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:04:09 GMT

GET
H3 200 foto2.png
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 172 KB
172 KB 83ms
79ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/foto2.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a46f02f4f55f50b063cecaef0b5d4764b65062e29a8bc839f4b334bc7fc829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:21:36 GMT
x-content-type-options: nosniff
age: 398290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175816
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 21:21:36 GMT

GET
H3 200 foto3.png
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 209 KB
209 KB 118ms
115ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/foto3.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f85d646378b4dc1e8e723bbe6884187fbb9dc471af567b34922390675ca81180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:22 GMT
x-content-type-options: nosniff
age: 313764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214132
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 20:50:22 GMT

GET
H3 200 blackFridayHorizontal.svg
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 3 KB
2 KB 131ms
128ms Image
image/svg+xml 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/blackFridayHorizontal.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e5c08ce26533bec86c3901d0e3753d785ac215a6a19aebd78ae1d840e0a575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313764
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 20:50:22 GMT

GET
H3 200 foto4.png
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 155 KB
155 KB 132ms
128ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/foto4.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5109899a9a14ee19a81404da149f4b822291313bd3099673e2bdd2c851a60df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:21:45 GMT
x-content-type-options: nosniff
age: 77881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158353
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:21:45 GMT

GET
H3 200 fondo_300x600.jpg
s0.2mdn.net/sadbundle/9289483819574382602/ Frame 1E2F 23 KB
23 KB 133ms
130ms Image
image/jpeg 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9289483819574382602/fondo_300x600.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d157b59a46832586d78c72d2cb4198d24c708ec1f29ec3b12d5cd3969000fb3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9289483819574382602/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:02:27 GMT
x-content-type-options: nosniff
age: 529039
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23761
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 09:02:27 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 12F5 19 KB
7 KB 69ms
68ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700567986170
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=2954076990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:14:38 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 67509
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: dZGiAUSEe_qYFemoiSlHRR30F3q9ofvbDQbu5tO5PPiR0CI5aL0PJA==

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame 50A2 0
105 B 235ms
144ms Image
text/plain 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?415760975147&n_o_aut_tc=379490306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=600&slotname=8732779422&adk=3701649838&adf=1014717107&pi=t.ma~as.8732779422&w=300&fwrn=4&fwrnh=100&lmt=1700567984&rafmt=1&format=300x600&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567984165&bpp=4&bdt=1080&idt=4&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1015&ady=505&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=13
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame 1038 0
106 B 226ms
142ms Image
text/plain 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?1452130787565&n_o_aut_tc=379490306
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6613443842213053&output=html&h=90&slotname=4016156857&adk=785636279&adf=3786778272&pi=t.ma~as.4016156857&w=728&lmt=1700567984&rafmt=12&format=728x90&url=https%3A%2F%2Fkino-teka.ru%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700567983643&bpp=2&bdt=557&idt=436&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4092285420638&frm=20&pv=1&ga_vid=1960447410.1700567984&ga_sid=1700567984&ga_hid=1360099114&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=236&ady=450&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079437%2C31079628%2C31078297%2C44807764%2C44808149%2C44808285%2C44809056&oid=2&pvsid=4326152306613288&tmod=1724122904&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=446
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2B87 39 KB
15 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 23:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 303524
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15051
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 23:41:02 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2198 39 KB
15 KB 71ms
69ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 955A 19 KB
7 KB 63ms
63ms Script
application/javascript 54.230.163.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1700567986209
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=379490306&ord=3988134971
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-129.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 17:14:38 GMT
content-encoding: gzip
via: 1.1 6f773b38a039c4c643665ffcabe35fd0.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 14:02:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 67509
x-amz-server-side-encryption: AES256
etag: W/"3c5a63b88b693279fc4d9dcff91d29c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: QTABRCZM6EvrDyUwXV0ZSTNgjhsGVlF5hjL9aIlgZRLpglE9LljWDQ==

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame C48E 0
0 145ms
145ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsslDe88JdtFM7XaZWVwOyYlr_5xYH7wkqXUuF_8VuUKt9mfNoBdAXnv-Bbb4DxvMUWGKX7s8kPA3n_0A1IVMiRgHQblarIbwWDQlGcJnu4vn5QD5BFCZLN2jO7850zzlqHbESHfBlFTnZwvN3YH9a9hdfJ3O5ffcasoLg5SAlIVkI68C0n6tUDxDTGkZ54FffSenB3e0y5NfWDd5aayirnHpUpeW8jEDlPdl-gOkOOaMMpmHgzR1SeHGmxDIMSKNPphje9gjID0vnLWuq5MAWqx2BWOw2tdYetusZ0KbcGfwOM7xbCtlWb2usSXgwSVGl1TObCCsJQuO49RFlqDjb-Y6Vnxc3Wn5rUIlFfZelwDzmEjQOqPjh6zoj26182ma2v_YgxT1C0brWp2Njvp7b8iTuaOq1_PJj3LfLciOoG09QPMXKIxFEhek_Q6i_3Ziq6klRx9zFAFkLlTWK4CICETgTx3N_3iOWrjSNBdu6zq1sVd7jC2L0lF7k-5UFJ7iZ33bziXk109omRxdT83eWJSlIG9L-NC9ZU0vn161akaSCNbizXLoOplUOhikrrk5c0iAETHsV2wlmE7uVcOnHkL7Tc5RyVCcBD_bezqU30elRwfQYvqvyvDSQd8FzqvBnkJpdvAQBANWduWZTFQ_e3Im7KQZ-g4GXONW6IMNtDk79rRyhz_DAsm6hUNhwQOxhAppPFxk4IGhtD2qdF8KU7CnYdBKlZJToGVjVMHMc-nxpnN7EP-0_-m1GbsUL1wbjQZxZc2XrsjKkizuVrxjIeLDQGkPN1dm8j7gsZOR3tJregHzJ2mfVaMZLvpgozFpm49yGCpLhGN3YeTyebCF8etkDtyOeXv9Q5RwAd2HZd2TjnWNZeNKz0hGqmPiZBmP2cn0pvKGRCEwMePowXZRhG4sYDsyKloqXDBeNeP31yiUF5cbX5ROnM0dRAqm39kfP8wiYvdAqCbToWPN1Z3NLV8aZDJH8ZT-EXpnCA2ifz4AC-BnzD7wLuwM9_je16W0ezl9fp2Ckq0WV0n03HJV_Cu7f_WQXiVE3Yv9LPlWQWAa2f62CYDxx69JL-aVfPlFLXZltYJxL7jUr3BEtiljBR8a4nb5TCvOXtce8GjtqqBDJ3zLgW0zvMcgkosHejdPDb_AP9LAALW5d5f-clcc7375qD2gu8ZT8r1PrcicpxoeiN3E6taBBUC8EYYYMLEI0_nXablCe5DK1lJQ7QUvB3pjx6ks5wNACUm5Vv3Y062LrmnDvct817klhFNmyvUOpQvINxlxuhxesSGse8wuaDjDISrMQHAlrda-CdmEwW0msT8WKODTYKJxHuko9niJfHO6SoD3oFK40FkGtujzAhkKs7MHE8rxhLvvkgDyw&sai=AMfl-YQPM2qP89Jt51t6DFKBjWvIlxNYAcKK57W10S749mO2iHxNP-pfI-niRGvI_XH1aObB0A_-kq_h5QEjxa4ZlSp2TxduaMhN_PBFcI4fJ_zSoUGQU0NRTtA6ouLzJVy-1d_Cg3ugzcPWfOBURygtVLwA4GNS_VK1RPT64G72b6btphKAIbwH5O5UVNTq6qRpi_hg936bq4YyX3HdCWfpnbxegE47DS2IqRGf_5n9oLX267HOKC-OSjxZmg1GPC2XyjniJWir69rDRj8D1fBYUKXihTXwViSYJO_a_9eI644zJhvuVnE9yGGMtO_rj0pZ2N-NKVFupJfA6x8aOGAqo0zFWamKktGNChwPMROWa16y7ei1h-Fqeh2pjQ6h8I8Z2cfYO31UtcYw8Gr48ufBXO4Kamun24GSYhO6R-rrvqXZopWXM6IHHYKcUvB3Szw77x93x3aqILotDQ8ilt5LZgmKlMeiOcGGvWGPukCUn88zfQnQql3rpl-BFISPAf61SVjsihSTsqs-OA&sig=Cg0ArKJSzCev5hMW2GZGEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=875&vt=11&dtpt=675&dett=3&cstd=198&cisv=r20231109.35174&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E4EC 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame BB68 39 KB
15 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame C48E 74 B
323 B 174ms
145ms Image
image/png 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?224889094510=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 12F5 0
0 138ms
127ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvhoJ1yNOJJLdvFFS0Wbswx1O5AYpz0UrSKU3R_UqPTzFUDO9wlHtHGhZ1ms8Pn0rt0vf1SPK9G9FgC6p8FF770Owh0_AFLK1TDgDBoiXLd1JR4Plw1TcgxCmqbFqebr47sPA3dWFC38aCEsnb9Hu7PSZVfaCV3IAtVya_NsGIf1RbCVnrJ1QL5FHUDnc3NvqWfuJF20zvrSn4nWRolcopOn43B0-37QXp3UBRigaRuCfJCm4aUibiq8gCtEQTQVlpRz05OkSUVsDb2eWilxh9iOQOzUGTHzYx4kviHQhbigEiMgLiGVK5BhDfE61GDz5LDNw5X_EUwfbIYQOieGBXwEbGEJUZpTuqqdCULBSwdz-SUGjjyTLXFTqzAZIXWuwHQoT59yovqKfN367OIx1GsLYR9THKKfxL7wucjiCZWSZSHdHDGroaaL3V10VlA3fQrlK-Hk23GV-04D5atr3BOHP7As9vQFyJcWwlgmXIDfgEe0BxvhGuPW7JCO5z6rhzBlz8QsMqD-K4OYSpsGrfdEcqUha96L9pldVcZCA5waGd4Ts7shALMrLk33Z62JN2KhFpREVg-fjWWP80H4f1mOx062EH0AC-x7ePPuLKyDWn9iR5qXXsxtqtNkH993Ypsvtq_Rj1nIAsyIV836iD_Q6KQzEP6zuGGEt3yfaeXPNzeQ9sElLjd4Ybq_a6C-yN0MHFWq9qdrV0qWjtYImi3Fzw83Ymmd20s01fMDT4GQGHBUYLSTuVAL1SQQxckoWbH0LnYIM-kmvTc5MRcouMIY5ztTrmXAMWEC1PZxxafu27HRLigDkB4mKTU5Ro6938HtUlnhpp_1LloXt8fmsWL6ptFNuiLbazN14nnnjVBoaTYZEwvyxFxQIViDCB2wAR8NALgHXQepoHLA9Ka8MFVE_ut3Rwk59Cl3rRCBAPFqJMruAr0-E4zb4ljF65U5BZaHojnxAMk-nzk3U_OMdEEh14Xs0UfxErpe7zm0rS3Ck7xTRJBhSGrwTmC_-YDas49lWnrAD0f4CS9PR3J1RPu54BiX14z6H5ejAzYrFzbiL_XVmsyAV0eVfHo5JEfGN_7Da8aVka82hWzpTiAJYkVWlL4Kd9qbqsYuuW4lGT7t923t5X_UPiAYNtxWiT5VVAAj6rtayoH3YE-NIHvOxfbfTxEgpJOuT8UkSEA2r29gsJW3yTeSNSB-Nxeo5CkoNCLEzHv2xiuFYpc353-_X-p9oehw7eOaZHUiP2pkUt2wf4LwZn1AF0nKPv3iagI8GA1Z7ajeGlh-PatTCM6tkKE-CSynThyPkq_3vpqvxFnMciuRG8NDsTb3G514LCa0A6Kqp90cmBBnF1p8E5ZBiPTMpvQw7ZqBlvbSC11&sai=AMfl-YQxtRq-wJWDXcxH2PxPrS3GtLIuYEafDZNlt7NhM3EMXfCQ1sZibLKObFi7Ir05DJQO75ww-CPBsQWwFHXQLUCQNNf8I9Bsq1Yve-y2Dl4YpG6w1xUm7hrnev2BRx6yuk1g7EXz1EOVy114LBU-UisvLkU2wIjZZdrZLPCFiJ-kUOlp_9PcBCuSFkj95LvqehhXXYm9OKBu_nXqijtjnfowWhLDp0VPZJWgHCy0JT-zeQrvEAZux7XF8u3DQHmsh-Hct_fyDYPl5WpEdirtEST9toGaw-_NIjfAtEkbVTvVxxD-k79gVYBGOz6Mh8Ez84S31Ve5Xq6puqWwnF_K3zogHUljNV0i94M_CiJYkzbvZLtMgU3WqzCkT_l007f2z487e9tjenODDDxRvOtZPOoMNpWMF25BSO5MlsdKcDySvEqQ8OMObd4E1ftRP95Sp1FM5ZOUZNZ8eP_mEdbQqVcDl_AfPkdEgbIYcPEmfnwgxoyAta360K31wKw1z7rumDiGdDvGcCuPTA&sig=Cg0ArKJSzDhtp5VASmV_EAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=900&vt=11&dtpt=562&dett=3&cstd=336&cisv=r20231109.55694&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame F62D 32 KB
32 KB 88ms
87ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,500,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame F62D 33 KB
34 KB 88ms
87ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,500,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:20:24 GMT
x-content-type-options: nosniff
age: 398362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 21:20:24 GMT

GET
H3 200 foto1.png
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 139 KB
140 KB 128ms
110ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/foto1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5289248527779775064e4eb5783fdcde8af072da511b7f53cf0b88681474b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 09:11:53 GMT
x-content-type-options: nosniff
age: 528473
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142801
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 09:11:53 GMT

GET
H3 200 foto2.png
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 172 KB
172 KB 123ms
105ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/foto2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a46f02f4f55f50b063cecaef0b5d4764b65062e29a8bc839f4b334bc7fc829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:04:02 GMT
x-content-type-options: nosniff
age: 312944
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175816
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:04:02 GMT

GET
H3 200 foto3.png
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 209 KB
209 KB 104ms
100ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/foto3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f85d646378b4dc1e8e723bbe6884187fbb9dc471af567b34922390675ca81180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:25:22 GMT
x-content-type-options: nosniff
age: 390864
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214132
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:25:22 GMT

GET
H3 200 blackFridayHorizontal.svg
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 3 KB
2 KB 128ms
125ms Image
image/svg+xml 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/blackFridayHorizontal.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e5c08ce26533bec86c3901d0e3753d785ac215a6a19aebd78ae1d840e0a575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 313106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:01:20 GMT

GET
H3 200 foto4.png
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 155 KB
155 KB 106ms
102ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/foto4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5109899a9a14ee19a81404da149f4b822291313bd3099673e2bdd2c851a60df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 391367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158353
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H3 200 fondo_728x90.jpg
s0.2mdn.net/sadbundle/17842400397174929124/ Frame FDFF 9 KB
9 KB 128ms
116ms Image
image/jpeg 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17842400397174929124/fondo_728x90.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921f7ed27565c1700ccc039a5d3f51b6e0752f6cb1913321c5acee8e72105d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17842400397174929124/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 14:14:11 GMT
x-content-type-options: nosniff
age: 78335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 14:14:11 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 50A2 42 B
64 B 302ms
126ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1f_JLTh3TRQaHKBWCccxusRK2FcPcU_o6xbncVlFCZz3TD0545dM4FjAzZiGfoomNYiuB14a2F8IIb56HoBVGLpVY9sm2vTdUJ3pdlI_ogfXWpmAs4OJT2J5nIP_Il9a_DKXcOIyNnw&sai=AMfl-YSYmYAlTW2eO6xMzWcQJDLsFFHSM3T55aLSDx6sdYqOVz3hpQlwelXwNt2wFEudyxs2R6JK5--Lld_KgaogmziH-Itv9IQMqwzPSeRbcpAFUrHufjKdhxJqp5_Xn4xsAcObPkBMreQ8DIR-QJvHztGE0RW4HWUV3o7i&sig=Cg0ArKJSzLBQwx-NDSQQEAE&cid=CAQSTwDICaaNhhxrsXa-B5W1ZQzCJbJV6_UeAk5X-CLKNk2EADlFu4FZPjteTgyFQwSDkqSs7R0vVXR10SONPoBtPBXL5K9Z7YC9CGeKXU6_bUgYAQ&id=lidar2&mcvt=1022&p=0,0,600,300&mtos=1022,1022,1022,1022,1022&tos=1022,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3701649838&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700567984179&rpt=1069&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 12F5 74 B
322 B 208ms
197ms Image
image/png 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?499155796337=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 955A 74 B
323 B 148ms
147ms Image
image/png 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?847247978720=&n_o_aut_tc=379490306&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 955A 0
0 127ms
124ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsu7Seuu7elqsQtHf_4tR9IqmMoODUlnDUZHxoZdCak2fUE96y1BFvbCRbKQ6vKkKJhBU1P6ukj-MxRpTA41yoyr836XpdPpHR9jcei6vZyDEBE-KAdkAOJwoaLnMOzsuZYAX1zavx7ngsR_QZF3Iu6PYFGXx_e2vDu8hfQ5rkMdydcrRKO8bIZWii0s9t3vA0Jzo0k4XVdCDdP8hT-ARwBCzngceW8QgqMGm9AvsLbVG0KU6lyY5v5Svfsr7BM2vK_mwm6sE-g5Ri_9Ry8F-uGzSqQml4H7IMShnWiWUu-lhIPTNwyiNUOjuQ2WvoU8WDar1ks3AUlU736P8JWut9pHkqNGkoQWjCn15ZyF4ICsE7LvV8dqqmrDvFA9iOromxhmK8-MPyM0Ryt2sDyYtoMLe_VcOwtFBJtSLQjs-QbEBXGo7D5nX8BrGpXcYEdi6tpXyVWWgnA7pVu489aFOuQ3lIQRfKZzSHgdDq2CaOpF3kbCG3YAhReFb_LlD5AC-4q6-4JhNE4RgDkZPuZVIFS2AD-TcEjvFpzFT_2OWYqZT5H7Cj2WePxG3subl7--SrivLKdjCV403gbkdOeudTOVNjFK9fDtB9yyJCYChxkEEIGgOp5Jx-ywh_Txp3k5qfDeyFBf9l03xK6YUILsythUIhQ8K4nvKE6oBj0Tg5JW42YSyML8paHUbVuwfQfP2L08bZ4ATBR0hW3vAxX9Yn2E949IDHIabazfYIsTWBeypXMcP4EmjDz-0DDn9OAk9oTaJJqkL6TSb-D6xqMAa0_RgPLHYxQtOnKvL_hpmg5HhTZ7PfeIc0jiLXwnFQl0hmgqJkH_0AjP39K_B1j04iPwTmUzhW1IbHZlx0L6eZYtKyW51UAMsc1pU1qjSagRkbEHTLnwbsdN7nCHOv4ASUB0pZy_zlu1CmOjhNBi1dTUH36MwtMmD92-C2permH8wpCxh8ZkAD94R4537qjXyiOJmOdE9CUTigedCHQHAX0jnC4HQCF5OSCY9NAHYWLicb0NZBsToUkRdg8MPG7wRwyQ8ldkz8lL9D6gnEVRrI11IjnEON0NvXjuFWjhGaYCAnk_sZMchOIAo6J7NFU9x5Z9WzQUEPqjRokVwuIVDxNZ6o6KXepR31z32F77OYrlWmBLGfSdr4QkjvPu0LcPdXryst5o2iXenailoxi9qxsgPj3YxTQlcutYVcbYcp3rFitpC3MH66A7F1vteqe4IF6qb8BOVjy0_INlmC80sTnmNlF--2WKVnYLFJMJ_uu0s0LTeyO0tATTo0SfwJV0GwDMtRII4aMCjgEJ8-EvfohBqYKEfCYeH7QsHbIPJ6T9aC4uxo47tyGLK5fQlCDcZYfwxqn3rNuKzyXO2LzYlg&sai=AMfl-YS9k85-FoPB2huUEfqeCIZxmwVjJYFJftfM1hcX7Jf0kVyov9b9EYOXEGrcRKhesZNPZFNAFPU2z-1qPy-gsHMA_MTiuhLK0JJAGbdfGJOSIkMhYhQPrjtSDo4c0trzrf6vTITqt7AK8UFZgJeHS-P_CjobP5dFtIdCY270zDWYDCxDcTUMY1Sjigynv4_EnoIQXOrWPk53wAw__ImCAp65us_hAMfZsaQZDzwMW2R1CZs3G0SnOISQbxCSdtycjPQsoPTH6YiilglLu6FPG--cXdELFmNDU3cvqBKq9maNjdnox8zqcFsbcP5Ik01h3jGI9CXhVbiLNuC8PC2Z3aiiQ3h5yLUo9XOVwtpSM7C47BOO1wYDwrMn7ZoXpTarfUTARNptppSPbcJVrlkdXrLmp_BhX1ykvlzM1259FkOxmdCvj4nWXt6eGrdGh5eK2OAwdJOyEA6__HaGskICY1fz0Zca1ohP-xl8nDTrunZ9xnI2eq3-6KHCJYsCJovEs835Q15Fu9DTJg&sig=Cg0ArKJSzPclstl26HiwEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1116&vt=11&dtpt=572&dett=3&cstd=541&cisv=r20231109.88377&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1038 42 B
64 B 140ms
126ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuikGWTJk7-kfFCBFBe45u2nQBZ279D4UJq8iD6Zu9xs_oqT00hVojuYQxR71w3PgoLw8FqoN19qlgSOfZcM6AF2sN-VY0mdJ9_cb9N2l3amECaJTumaYoIrhl2iFWLaXTkuCps5GsYSg&sai=AMfl-YSOxS81s43LbESffEwGKXLmKYgzaIPNUbBrx9J--7vILgr09j9f5hdEY56BLNRTBk1tOYg91CePaaXBqez8x5V6t0b6b2gwPsBJO3ZHjPLlrCYyANuFMGtBwCuBBXaes9hMz9Awac6sfYJawGJzLw&sig=Cg0ArKJSzOjKtqkoLBHzEAE&cid=CAQSTwDICaaNOgy-x9esiVl-9x6bhTx2R47TF8u2PBRt7IqvY1kgLPk7jZSbk5tOS0JmgNGKoK6Y2sQtBf6seLodWJaMyLK3acz_gSoJ8fAf7g0YAQ&id=lidar2&mcvt=1111&p=0,0,90,728&mtos=1111,1111,1111,1111,1111&tos=1111,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=785636279&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700567984092&rpt=1228&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C48E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d44e5b840cd4d816bb3eb30d90eec5bf9784c4af1ff7dd883498753d173ff94

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C48E 0
20 B 130ms
128ms Ping
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=62&version=r20231109&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 foto1_1.png
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 420 KB
420 KB 71ms
68ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/foto1_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de75ed75352cc769e2f900161e59e9bb6c5bca2ccc84cf1a8c8a9ed6c1428e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:01:07 GMT
x-content-type-options: nosniff
age: 457119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429731
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 05:01:07 GMT

GET
H3 200 foto2_1.png
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 557 KB
557 KB 77ms
75ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/foto2_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

221fd5a667a2690a6b7fd759209be410477088d91c8454a618217c8dfced0bfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:01:07 GMT
x-content-type-options: nosniff
age: 457119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 569990
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 05:01:07 GMT

GET
H3 200 foto3_1.png
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 641 KB
642 KB 74ms
72ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/foto3_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91fba921e1f00d4ee66f0336aca8bfb45a1d11860b7f6b9044906e9f36ef367a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 23:16:59 GMT
x-content-type-options: nosniff
age: 391367
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 656893
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 23:16:59 GMT

GET
H3 200 blackFridayHorizontal.svg
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 3 KB
2 KB 80ms
78ms Image
image/svg+xml 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/blackFridayHorizontal.svg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31e5c08ce26533bec86c3901d0e3753d785ac215a6a19aebd78ae1d840e0a575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1617
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 05:01:07 GMT

GET
H3 200 foto4_1.png
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 395 KB
395 KB 78ms
76ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/foto4_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d122c25a8adc2c756eb78d284888d0d507a1d9fa2c54acac5df3db5cd7827ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 05:01:07 GMT
x-content-type-options: nosniff
age: 457119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404384
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Nov 2024 05:01:07 GMT

GET
H3 200 fondo_728x90.jpg
s0.2mdn.net/sadbundle/11962888077022341609/ Frame F62D 9 KB
9 KB 79ms
77ms Image
image/jpeg 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11962888077022341609/fondo_728x90.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

921f7ed27565c1700ccc039a5d3f51b6e0752f6cb1913321c5acee8e72105d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11962888077022341609/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:21 GMT
x-content-type-options: nosniff
age: 313765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9142
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 15:48:25 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 20:50:21 GMT

GET
DATA 200
OK truncated
/ Frame 12F5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 21f7bb16d3c3ad65a854244b04617bcd4b94c9417ab143c6795475f8cf24cf7c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 1038 0
0 128ms
126ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsuf_b1sa0gM4PDxzkUGTi4vukh6dUYck-eXHwkDFJVjOlBBOT3PpHRTId4WW6JkQqIwqjU491SFodwfLCG3nxpvstYAHl_PptKgCNlM7DkK3vjBCurtEKhLvX0J6nHnAGyFHm7D4dfPUvcdC2SfnchFr-hFCVFG59KBcxKlZJFhTbIZvBGYp-UpnEhHeKp68XJ8k9Quh-W9s8sFbbAjBKwpIvi4_jSbW2esKMBY5A_3_NcrUPgfR9MhhtJcOq7eutPmsR7M38CSMRYGpTRYD9yR4MWWZV29yo7tHty2Vv4aAbU7wSBWsd8yz5ld36MLHRBD7vj7-XjVl_AevdHAUbNdHD6lVmDXnllZJwK5HmaUL-E2DYxLPlH2Fib2faY6lGD22PFjIKz-lZMln6ydAOrGDRVCaUrHSyk9L74duHnGkRN_8i7PqF4voLVaisxyMLy7vvCllqYzwZ9fbtFTb11qQuvyBSrx3i83HM08tiLoG7PXByFslAFF84ydqvPF0YzkDEqXy6Rs5rtZ_XYHxPLc_sGpWhrEe_yS2Yj_6NsTElzyuNBEFkwutQ6DneA1_xh1S7nnFw1iBy_rJAvuKEcxlkQpcleXHUhOYv8D6oEmpc6ehK0rPfKmY_8S34LkNizMnnbLMbSnd2zfYxlh2KK9qQut1PeKOlnA0cVIdtW-kSJVnVyhh1Nv429g1PPJj_hDt5Z6OeuSgGBILRVxJQ4NxXAsbcFxJ65YMQuGtKWkDB8J-GYHxF84vX4QDk1Pxr5xleEPVIUrk1p3ZaUVXf9ooxYCnKVPGhd9Q_flv-TXwPKc3GUIVqFh7yic5F3XoankkVhQmqsoeKcKlfFoZmQ63vFTLWySi-iZzsmRfBKghurCY9OKSZ9Jkb52U3KDCPOhJ6WIFPlc91TcNH6skYhTggx-ekzYh2KD-duyqCaAWKcjHCec2sXWU1G6M-W1BNj_v3Zx-GsmvOfxOoSNs5TXtQsGkj-3xNf1TBbI-ezwvvukadAQvTwo-I43NMGXw_IDccWwNLe0uE65bWaNk2WmGlnRRREdP67MBhTwZ3b2uVmZHUi2uaPUa5GkyVaoQ_hMjUdzTV3GUSCpWp02JZUaFIZcrwrEGY4c7SjMYyGSlq74RU4QoKHFpTBYpRcdcJ3O9o9pMW1yJT1xNzVKtSNsa8H7hV3nyPySfU2wXCCTRsTIE-lj1aWHGxEOGBeGF8Oux9zUXrewenlfW-3oJx5gGnVAQqwkpnq__jH2cgrLCJalFRNocV3xUWlatjmj_UjDi7UqKjw4fTe9l47K2nhQFNChog7ApNUjISCYPW3qGh_U6XxuI0jjGJabYE9Bhi8lSNeMdRCVCJxQa5XdZOlGoH9iGxMz6B20e6_Y&sai=AMfl-YRGGdRr_HpebPegYk38UpvOV3MGsGrI_SG8Jb7W7lZsW5ZB9q6Ps0pOQ60UdEExVG7ZEjmeggVzFO9soRTfp2BiwItvkSjH67TGwDWZBGNRrd5O6gFCuiD_Hi-66XdIWVVG2klJQEZi-T-3_3mj_y9Lr2ZJfheachS2opnWVIz8MNUhNpBICjEXeWDE2ikyrASNWbV-W-aewYZ2E_xTd0hkjYQvLo44Zl4EPVr-ki8DnEfDR1lABlzTQu_rksRq0cbWFPMxO2-XlPy-RsvsuHXvV6ht2_6mMXIUeAzEhyK5UfEoL9FfVeq6CzCEXCPWwP-IglvVyPwwTuFW3erLAmOwipdU7yMiBVjY9HyQ2RotujTDPOELr12eIm7apNLWJV3Z1N1eXxhzNHvdUfSMmeSmaXpbK2i5l3yPB6rEOdhU5QwYc8UFSizaFOOF01xsOYLXSpt82FXxgtRgbqT6wZQZSfDDATwfUh-m0DTp3qMLa6iJqHA6Qhwvyo1ab1MJUCE63t4Xpb8wSA&sig=Cg0ArKJSzBPuD1AFGEZbEAE&uach_m=[UACH]&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9iYWhpYS1wcmluY2lwZS5jb20&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1900&vt=11&dtpt=1608&dett=3&cstd=289&cisv=r20231109.72092&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: kino-teka.ru
URL: https://kino-teka.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 105ms
103ms XHR
application/json 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c352568ba2e18eac6c5a618c561a151a995007e6c732b9dc0830bc9b84ab420f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12292
x-xss-protection: 0

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame 955A 0
105 B 170ms
170ms Image
text/plain 54.76.181.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?1090645546281&n_o_aut_tc=379490306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.181.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-181-172.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 21 Nov 2023 11:59:46 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 068A 33 KB
34 KB 68ms
66ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:20:24 GMT
x-content-type-options: nosniff
age: 398362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 21:20:24 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame 068A 32 KB
32 KB 71ms
69ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H3 200 foto1.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 139 KB
140 KB 76ms
72ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto1.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5289248527779775064e4eb5783fdcde8af072da511b7f53cf0b88681474b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142801
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 200 foto2.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 172 KB
172 KB 81ms
77ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a46f02f4f55f50b063cecaef0b5d4764b65062e29a8bc839f4b334bc7fc829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:13 GMT
x-content-type-options: nosniff
age: 312993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175816
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:03:13 GMT

GET
H3 200 foto3.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 209 KB
209 KB 162ms
158ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto3.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f85d646378b4dc1e8e723bbe6884187fbb9dc471af567b34922390675ca81180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 08:49:50 GMT
x-content-type-options: nosniff
age: 529796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214132
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 08:49:50 GMT

GET
H3 200 foto4.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 155 KB
155 KB 78ms
74ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto4.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5109899a9a14ee19a81404da149f4b822291313bd3099673e2bdd2c851a60df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158353
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 200 fondo_160x600.jpg
s0.2mdn.net/sadbundle/4326626528311949098/ Frame 068A 16 KB
16 KB 164ms
161ms Image
image/jpeg 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/fondo_160x600.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f2560efc60e0da15251a65621b4aa8411b5ad19bae6a239d77c051b1a1f86da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16780
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C4C 0
20 B 131ms
131ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BgLZTsJtcZdqoDvmJ3rsPtuqgwAUAAAAAOAHgBAI&bg=!Xl2lXRLNAAZxrfrxUa07ADQBe5WfOAfSDoTOJ-6Tt4SuXKI8ASLlJgn5HyAWSCdU9-O6-UfNEc_LjFzwD8m4D3MYmYy_AgAAA25SAAAACWgBB5kC5af-EvmCLOVY669dSVRpyYCWCOYHo5SQpvyy7fNqRo5CbbKSzGe98CTHG_2qQ9BKKZGGenynsy3o15KBFjGwuFcfVx2N8HjETbZ_dyB-U0isENCpahE17qWUi0ZbkyPiqg4w0XVb9cYrwPUjH-m0SG9YuwRCeZqCnkLlVc7iwc2jAgRyU2m0L-bfBzOkIbj-Ja7NTjI2hw0uFLtwLFNtZ1-v8Ik3MlygztG39O1wQ9dfyN-nu0HFtjeVWVUmdbHZGh5xmp1Ijn75mtLQiyBjcphxXpnniPt88_R2zTnCdQO42nticmjgaJtDweDS2N7Wn4oIUh4qqWUrbVW8ruZ-zic5YYFdZb26tAlMGBuVjadSAzg-Pw4ZF72hDNzjzF7eh5_EwBM09RoY_gLlTFPkzDvXVxvKHMOFA7qsCWB-Jm4l0CQEe4xkJ6xTm23KJGDh3KSM__aze3_cNq0m3h0U91iSRqXaahcFC1HAmuL-E8t0Mp3XDYP-YrrPic0GrS50_CWsZxAT8jiZjWg2rHSpw3XO0WgP9qPWZJxaSF1L3y5YxrXCxkv-HWqLKZIl7ICrcI65tw3-pUuA31jFrTvdsZOOUC7etM1joFJS9bXDgZbRooeZlHd315XLQ5NvrDXXmhD6rrLtwYSFvMML2B_b3btbQQEDE2P2F80Tu-1_J7AxVHlfLKFCxxYE3pWCvMyLdfcUm7j7lBhoT8XCvU1AoQtKcRB7k8dnQMKTwUhl1mlR0fOme4G_okNFvlQpyTlh4HLqjyFHPwq2znQWc-9vDTu_ADKQwkXBJ_9sLioBlCctgwS3Ae6n53yWiAXO9a0VnNOoehxpmljDZelXeVxykP7wl6AUbrg3SJzd8ppjvDlAI3_zgPN-rrNKg3j1lu0j3HXhouBPpJa1LWeZVhPF00BMSUpbBKKj54P4VX_NpItUBuRPuRHiCRJt2zwnrzmmWL0Wnhz8uCAF_FFdofuse0IUCCQ0hg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame F2A7 33 KB
34 KB 67ms
66ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 21:20:24 GMT
x-content-type-options: nosniff
age: 398362
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34288
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:52:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 21:20:24 GMT

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame F2A7 32 KB
32 KB 73ms
73ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:600italic,regular,italic,600

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:21 GMT
x-content-type-options: nosniff
age: 312985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:03:21 GMT

GET
H3 200 foto1.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 139 KB
140 KB 66ms
63ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d5289248527779775064e4eb5783fdcde8af072da511b7f53cf0b88681474b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142801
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 200 foto2.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 172 KB
172 KB 67ms
64ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a46f02f4f55f50b063cecaef0b5d4764b65062e29a8bc839f4b334bc7fc829f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:03:13 GMT
x-content-type-options: nosniff
age: 312993
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175816
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 21:03:13 GMT

GET
H3 200 foto3.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 209 KB
209 KB 104ms
102ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f85d646378b4dc1e8e723bbe6884187fbb9dc471af567b34922390675ca81180

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 08:49:50 GMT
x-content-type-options: nosniff
age: 529796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214132
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Nov 2024 08:49:50 GMT

GET
H3 200 foto4.png
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 155 KB
155 KB 71ms
69ms Image
image/png 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/foto4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5109899a9a14ee19a81404da149f4b822291313bd3099673e2bdd2c851a60df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158353
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 200 fondo_160x600.jpg
s0.2mdn.net/sadbundle/4326626528311949098/ Frame F2A7 16 KB
16 KB 101ms
99ms Image
image/jpeg 2607:f8b0:4006:80c::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4326626528311949098/fondo_160x600.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f2560efc60e0da15251a65621b4aa8411b5ad19bae6a239d77c051b1a1f86da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4326626528311949098/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 16:23:57 GMT
x-content-type-options: nosniff
age: 70549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16780
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 14:07:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Nov 2024 16:23:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 115ms
113ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 21 Nov 2023 11:59:46 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9050 0
20 B 136ms
135ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5fSVsJtcZfrhCKS2oPMPgYSE4A0AAAAAOAHgBAI&bg=!KSqlKmXNAAZxrfrxUa07ADQBe5WfOBgRdAfZhR_A0givrnLd9P2PfgYHnSuXy-U-nIF7tmczfJB6jh5W2IjwismMXuaoAgAAA4dSAAAABGgBB5kC6gG5Gk8r--H38PnSAdtxwEW5ZcpPaOE24Wg9D7G3HGXPl9jdenLGTu-WNqj_0AwhFO2zCIFBYbcUA6IflPFtq5YDxAro_quzOCSwaGBz-EvGh7Zfn8bkabYuc3YqvSOxzNaeLdSrmoQfw9OWpIQX5Mzw-7mjrz50csbIPHimk6ZZy0rhPzC1d-D7Z_aYFEbydMsvDbg45QQ21xkniZpBlYSp5eorTvYshwuFO-OMClCHS9kH0v4-SxjKvPFYRo_yB-hnk_tAEhTACbHV4CV5PpnjURmaSkZ46OPZtQpk-maYLLQO5rqEBIB14kSneXyuUbbDrJkElU2alaWNms07qn5MOrgHeNkqYJoK9xUPDfMUmGPEWadh6h5B6E8GWd319aReWKKhuFyFEW-O7xx5dAQNtOecAg-NkRgM5ybTn9i57OQDCxOL1mxk4h2VBVf9NhR_iSY3ssOwPP3fAK63hIPrnAPkBCnBZSH5c0sB0xAtSAPArZ1dc8y7I6dG1A9qQM_rMMbH4YEkC2JJH8ZhmT3tR-eP9iQM9Oa3ETJb27YSfGnvIAkfwav0S1hnAWir6jqJQCpCh6PVGb6F3nJ_H1bkLuy9f7jZxNgaouYtE2vmah5-YSf6vxvMlrbAmTGTd4nJhSSu8mSZy-JSueFIYpMM96tGGJlCiw-rN0ax3Y6Ae7LqOGVZr7-AaYwSA0peX4ooCla9f1Z48xxS94r0i1NjEcXjC-cpyFQbOGHAsNmw74-DR80MLrmMNqiBNUJsgWsR7fgDCnhDT6xg9EPoMPGsHEHucS2NAsPt7jI2fdiV5BHwEPSg0NkMqpRK5iqRZQmg7GuSGBPxhwYhhJY8lwv5LV1KUnogh2oY6L0Te7ewC-qw7AOg_i6Flm_x18W_n7MGFhLadfQhLZCJWVwXJ2hlmkB1ILa4I3J1lrZ_zCuxnz8ILoVBIqo-W90msU2o3_dffwXFaYHsB--Bb-CwsEpeoKqq0wRPAHOJ

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 955A 42 B
64 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0Lu6NJaRDozOw2gTa2E8pyee4TRILNplhrBfNkLL8CqM1Kcn2eTgVS6oiDCB6pXKzGnKVDhJp-XrLXge4E_T3ohyGwEf4UxcmX5_ISrhcKc4lCDmWrfMaKoPqNIyxf-I_44hE0Bb-uw&sai=AMfl-YRwlojGz10vsmU3VgdtEC-2XpzIGHwydeMvJNrNpnYN4sr2XwN1_k5bwTyqEr1VYdQGtVXIJ3u41D89eelGv75ykVE9I9eSZ2EHzC-vTkrBKjkwaL1XMWT5W-99AMONOyzJC3f5hJTyqLvrMZ4HOg&sig=Cg0ArKJSzGROqQk5viHmEAE&cid=CAQSTwDICaaN3ZIOpjmMbxD0g0_k9BTWW9VD1Z-GIeD724__pytvurpFlxRGjKDF7VtRKNmn0o2ElBUAgkAPilsrtfsxtzLMf-Ek3xAxiGDhkgMYAQ&id=lidar2&mcvt=1056&p=0,0,90,728&mtos=1056,1056,1056,1056,1056&tos=1056,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700567985062&rpt=1030&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2859 13 KB
5 KB 73ms
66ms Document
text/html 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 52577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 21:23:30 GMT
expires: Tue, 19 Nov 2024 21:23:30 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE43 829 B
1 KB 231ms
86ms Document
text/html 2607:f8b0:4006:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c98f039b66a37da538a30f0df035b21475772789ffe475fd60d40fe106bdd1ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kEtsPKBJ4qy1JJJT6O6JhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kino-teka.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kEtsPKBJ4qy1JJJT6O6JhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 11:59:47 GMT
expires: Tue, 21 Nov 2023 11:59:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BB68 0
20 B 138ms
131ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B7RoXsJtcZazKB9jKxtYP-MKXqAUAAAAAOAHgBAI&bg=!a2ilaCfNAAZxrfrxUa07ADQBe5WfONVeTp1g0EugltyD0QwaMcdVf9rPu0VeuaW7PYunl2XLm2pBhGBvjJhXPg1Zyro0AgAAAo5SAAAABmgBB5kC4jXVjMYdJdDzItgFNaPjYBDbxTCtOoapTsvLm0xGTpLZegb9wtUKUH_irwzl3nAhZawUDgeOPX6Hr0HnYeCN_aSpNmPHU7kS57-PLtyCd3tnIu3zweS1bqaDL-4wgDb3rmDEdKYEExUxExbxfgMQFPUMzudWrDZWqMKXs3-uKBH4Lpy88BIiIwHU8StJJDR22wvobv9yYQyqPjfpJhJDklOjPctPkkcyiSbS3m8lkRuUBby0Nj8De0yMTawi-_B4kxYbpvQ2ZqOpY71hsoHVMAkHN3aHPZ3Xzee-i_4Rq4uJ5sWzNeDSLZoEB9Ea601OQCo4BfTJvY8dBtQAurrX24ZK_SDtIEQiBJ3ff1LVVaBp0XCMmo4o_rMZ_8QtzVo-gITDxh1_HDpN5SZ5GmgYWbY0QvgbMmSUkM21-GgUVvAeLj5_jeJ_S9kRbmEyHkS9SdRODHchdkRfd7j19BKF9QUWV227T0lUzSBEy1B50mfw4ENQoEoDiYhhTtssaSeEIq9yEhiT9nJwDbqDNRIute260DcGnyvf_0l9ne6cTZ_tVqn6LPb-BH9poT6hqFd7_kSofzyY5Ag94u1Zq6oLTFtqik8IGAeYf4AkCkzJG7CFOyVS_mlUqPS3TQa1sSAE6kSvlqkFt2ruPdeziFPTMaTsXxNbecPy6kyYukUEw3qaYKOwzKrgfeKe_FpmFZnZa7apD9ijwLq3wCjl6ZVdxNUeNQPnIIfz5JgihL_5bKt_rk6yrQKLipssIi8J0G4thn1PGXlqC5dQOEmkjMAjoty4wxZRMtEV413ugUCnEtP6XfKThqdE6CYceZt9Oc2OXx51YcmFCbrUJ2vYRMPYoxwfNmyvcD0Jm4c6uq7cDRGpvhk2DchJdhLdiCmN9XAKjoz7Ts5sxbeHJyaqYDUTNDSuIoU2LQK-7nZ_MsMPn7ZFUX0etQf9EHEagSNLOjOQlnMqWPZAUP5KDr-lVewkLyqQRw

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2198 0
20 B 195ms
191ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_vlmsJtcZarKB9jKxtYP-MKXqAUAAAAAOAHgBAI&bg=!h4SlhMvNAAZxrfrxUa07ADQBe5WfOLkV1MFQ0rCKxTIJJdrG1-gc13T_azNfhaV7ac0WHvoA8UgZ6QA3m0C17dnneuAzAgAAAuZSAAAABGgBBwoAYODYSwYcVF7l7hZmZlOHRj3z7FjyPYpdY3GH5JKE2wp4VVNwvbYEo2BsilXNhpERHFfhIQTBnDskmKFcq0VKgTdhLX7pSsXXS_u61Bn56Mwd16OlhSd_hKz18bKLBtrN4JkC2MgG6FjYpWZMXGop5o3977qJAEfO8WaXda2sEj2Z_CltvBm9zOuwskX4f364lXDfzi3KAsPtWhiJMkH_jAqKutKyHLA3lO05Ab9m5CmoGiWmoOLu623WsLrHEFsO-IbiqFFrvImteWgIXPXjO2XmeICpWpVKaoLTEc8RDDj7kb3P8dHYEDvuIGjYX-E1xHBRNPf2TPOB30OMGqsKeztVani2MFgWZFl5TOJE0AeP_F_jDJiOTETaLzcEaj7OImdF88sbedAvRXDSypk8dHu8gTpqrT_irWMnkGYgyvDnTMjILqEzh-Q1FoofkQJMhFowFQO5G5Krv8HQi_TfoViozHGZLxwCftFT17KLRxPFVB0Dz0MoxisjFE-4znRNCOI7kzAK7tVmxoY85CQi6_WRlywQ32hd76nQI-AxaTULgd0L1WLUmCQevLcsOKBBpaje41YQRwTOkP7p5E6SY07A6SQtwpE4n25ZQzHs6iTXUA9XXO8uRTo0l22mkdjKnKG7av8H2cVG4sdwMxDbZ9-doxW9qseyPeA_vMv5NEO6MbKM5-RHYVfhi9xXtwzlpYkcom__D5PItgDkHPutOS4H6nlotpBGprDX05Rdhb8qwN5ptx1XAzhWtbhFbrpHredlbC6Fz1znDsvUnQZm1Mv3Tw2nb40E68tEA9c3Fc5GUjk2dnfk5YMctR_KgXVFuH1woUfdWvAh-_JWe1Cl8wGAfQb07zAo6NVzEtDDpLTsZNd5tCPrRjSg5vYJJKXiBZDYzsuuuuN7ItopdmCgIE5saKmO2C3CMbCRFONNWCnQ0WRk3x7fA-yGyT11EsLYkuBmQbv4hBkBwYdPrR8y6TblWG8IwLOpOCoDLpWaZ-QAN8bymaaG2g9pdfvSzRypWQwcS1rM1dX2Nddx6P8t3-vy7X9CVJ-ecvTKCAp5op96BD5gY9vJCUMEHRyjirjUTGt8_hkCuYKaxcVH

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E4EC 0
20 B 213ms
209ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bem37sJtcZavKB9jKxtYP-MKXqAUAAAAAOAHgBAI&bg=!QUKlQg3NAAZxrfrxUa07ADQBe5WfOL5pYvhd5t8x_y5X28u3uu0hJLXyf1iQ-gaR6_VCjWR6WVoUW2YJFS2RtoA5TPc7AgAAA01SAAAABGgBBwoAcWlgllxvomWEwJ91Xjm85eYwTRQ1RzXDmA3eoujFEmXe4-V9OLliMnywRLdDQhBuUr0MlQDnevV68ndvvA3c_bvGV-bvznXxwK5d9dv4LssqKoEZ8PvTeM8g67sI9Im2ULP21Gbm4vUdHMyP5BdS5t2jmQLk3d1GCNvi-1CMngv9dc8yMHHidxWkWiHdeWdRzdnaMC5al3Sc0TBC6GGEWr0z___zNG5CZ1tbMqIwBGrYrAAaE4hTI9vYi1m6mjZyLbWyiwGgkqHw9RkItybXbXU-MKGBUFg0AC1RRXsCT0fyOCxIsoPPMClIySHCC3XXudWDpceDYr8RQT0ZnfIi2aq3qxCvLkF2nFBBe90xGG4neiiQJZ3ashv4M9QTFpJtv6XqyUoZR8RmkXNAjxvnZ5JcdHV1eZw9dDWKDE8pWlvdls2XxpuHPoGMIDHuahNLec7qIHWx-93wHNt2gMMravMXm4uYkcg7PwPEKdrFf0A23e7RQJKjWNMntr9TsLKdknrnovGu82iMPCJysqqkxfil-c11UKOT9TrEu6zbCMfRUSLMUknlwHoVYk7JXl7UXVrXsKnRIMoxFAfg6odK_SfR88HpJTmt5sE7KMg1NKZ2w345z-fOEi6MHMRQ9mkEVCZJRrNLgU2HH2_XUBidnWRzHuL2eqO77dN_Js0IbADvUGSqWjLm-IWtlyZBeOpfcmg-gK--eF3A4mnQG0pTf1zi78XE7q0lNEDsx66I59La6NRTPcxBe57KBez-Q3hH12n7T_xnT1GeInMk6Yl-B4nRV4lBjp3aDIM8iOjCAj1Bzt5kMqKAqB0_hf4DbCNTU6yf3d8ndMGzXgKj20AWIj894cuHp5t0oDUPzH6QHpyU4cv5SqJ4Cxz5tDbJHlhYwmZ0l2WNUdxonaOdhKiQ51ccTf5q2DpvJi0dWJ_w8kOYUceXb4i3WgCOf8v7otts07lkS0HzmQGY0uBNucWd_8rmsMD5BXJc-TF69BAaQ5iyUCSRtjM-R_k2WMSqPlI4hLUecdV4Jd_X8Rrec4Sd-wif55RJAQAsDwMecttGpgE_gjRAqEHKSibBuju4dRfM29cYEtjqCrI7jP9PueO_ok_g8Q-kWnhFVuahEMPfdF71tBXiY6uRAKo

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 2859 39 KB
15 KB 68ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 21:23:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52577
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Nov 2024 21:23:30 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FE43 0
0 123ms
123ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=4326152306613288&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2859 0
10 B 74ms
69ms Image
text/plain 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3Wy6hw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:59:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C48E 42 B
64 B 128ms
127ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss48B3yXD367mmg6vP4vu6FRp_pr2kKdy2_V3HOheA1ZjBa3P5fRt4qJDyHJ0hN5KPAhHFkb2bOwFfIuqviYLu2EjJ6PgxFgfGH82-DVjx9UKu9vp_xwgIIhrhqjD7Dm3RW0nHJDhZErA&sai=AMfl-YRZdGydPgIRWD8598-a4lt1J56XYABw2H0jGE2v5uFV3dqrcfyU2ijGXbqrnVC2qa5NvZcNWOuGIdxZdy0RpIq3vlHv3LbehNAZtRx3_6jLrnfrAb5R5YIyCduo1dOtbZjuI5EGIwE-exSsmzzcaQ&sig=Cg0ArKJSzDtcYVNJb2o9EAE&cid=CAQSTwDICaaN3ZIOpjmMbxD0g0_k9BTWW9VD1Z-GIeD724__pytvurpFlxRGjKDF7VtRKNmn0o2ElBUAgkAPilsrtfsxtzLMf-Ek3xAxiGDhkgMYAQ&id=lidar2&mcvt=1019&p=0,0,600,160&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700567985054&rpt=1002&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12F5 42 B
64 B 133ms
132ms Fetch
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFANnuxSp94SZG71Inl-4uaHig5AX2lKlhQmNbCx3dbfFm7vYa_UT9dPT7HUxJAhtlPIwzILdqOnQMFtwvtyQm1sYIiBwxVCkLNDHbR3geupRrI3kgFOy56x8mjUjLrMmPbIbqIuXN4A&sai=AMfl-YRzfXkwUD2AyORjzusCQC76E0v4xs-JkrOeTwQtV0LS9te9bbOtU8INO673Ps98YzalRbil3pE91WRMU4nNHTVoBBofgg53NO58OYSnMtMXTM1XHX7zDwdhjYFraE-IvRQBLSkyUQXYheOLUI_m8w&sig=Cg0ArKJSzFxQKlxfPbiIEAE&cid=CAQSTwDICaaN3ZIOpjmMbxD0g0_k9BTWW9VD1Z-GIeD724__pytvurpFlxRGjKDF7VtRKNmn0o2ElBUAgkAPilsrtfsxtzLMf-Ek3xAxiGDhkgMYAQ&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700567985059&rpt=993&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 21 Nov 2023 11:59:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 228ms
226ms Image
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=4326152306613288&bg=!kpGlkd7NAAZxrfrxUa07ADQBe5WfOMbt0BW6FjTu-HUnGPTulb-mXnBCdOvjMweexNdPVKUYVxY_7mYIcDeRqLe7UmSMAgAAAORSAAAABmgBB5kCr73VLckEA_2KIqZ2IVkY7etxHl6GU9z12QqLZR2X2DyBKFyrSILT3ZDkpFX5UKrqd-hkVS61oVuS5TCto-FnkYT5FojTddNbtk10rYhn63x8yujlwfUFh5eg83V8S69FDD6Y1rzp-syn1XNd5O9t5GyLhsJYSPnxPZ7H3KEQFFygs5nGPlZTN1UnJhlt98OO47CrnInHsMd60Yk6KtXDSCkTqx2aCLwuJPV44_oZCrgshfVJfleaIbueA_5Qvm2s1hPfGgoJTWC5r5K-SpupCdVRtQncREEdWLYizEnEq791xjvfOenpGG0qjwNLic_K6_S8H-el3ZlbHsmjoQdUMbtbNzTNzpJjjmtTSh6lVJJnibBGnxlEMDZGhMQJBLgNRRTsTroH0CEJbKZ9dMHz5ayFPSOtO_aSWQoh_mBqvivn3QDpemZQoyzeWPOLHunqYZwnUWwRzI53OxMCsCCnZbwi4pOIhB3GqGDkR0qNsQRah-qcjvwCIwHX3WYJkEQFy1KaJjrraT3742dyZ3A7fOq3v7mcJYspdjKZ75tW6V4Wk6MllUUyIPLv5cU1vQnW0j9kWC8xUBRlpdkt9FwYj2JTPTxp7a5I6KuxiFf6KT2kg4Nh3pqRVW_Qns1bw8dQ-QZMnLJkD5G-MgMeI1iZSu4bQafkIg_GRTC7wo_1bLagxUJYaxQnJIBrDWvXLotEesVjLaP3PdHm_K2AvNFPhESFQYZQbz5p8KCB9uM9ZhLRvklNI0Yk5azU5TMGc4HlNJN_S493pJahBY9b7MMzuvh4sZ87q4GE00TJ6k7DqCSEyW1C4-DSh0wuEyfST4zeVsAFoPUu6Xo5YnyqY_udN5l-tmRlcJok99ol6vE0yIyOVwTsBwtOOoU3ZKt_dsBv7gnwPcjD977UGKu6xh3euQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://kino-teka.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAW_rJ_QC-fHJYpJn7KDngA&google_cver=1

Domain: sync.search.spotxchange.com
URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kino-teka.ru/	1970-01-21 01:08:23	Name: __ddg1_ Value: BiBoF2tnMeYhxJUbmnLy
.kino-teka.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: m9aq8o826ssld8r0jnje4gu905
.yadro.ru/	1970-01-21 01:07:30	Name: FTID Value: 1bN9kl1F5I8g1bN9kl0028JR
.yadro.ru/	1970-01-21 01:07:30	Name: VID Value: 3O6orS2ZjPeg1bN9kl002GUO
.doubleclick.net/	1970-01-21 01:58:47	Name: IDE Value: AHWqTUnGyDmR18ukcJI-zEZpjmk1WZotAra15efnKJyBXN9zhkv5qnIwF1gLtddx
.casalemedia.com/	1970-01-21 01:08:23	Name: CMID Value: ZVybsAFREXQRrT06cvFNWwAA
.casalemedia.com/	1970-01-20 18:32:23	Name: CMPS Value: 2941
.casalemedia.com/	1970-01-20 18:32:23	Name: CMPRO Value: 2941
.kino-teka.ru/	1970-01-21 01:44:23	Name: __gads Value: ID=a404ff737dda5ca0:T=1700567984:RT=1700567984:S=ALNI_MalIaN-KAyUv0SSdJU7UbwB-Lp3Xw
.kino-teka.ru/	1970-01-21 01:44:23	Name: __gpi Value: UID=00000da31418a616:T=1700567984:RT=1700567984:S=ALNI_MbWBYqe0am8b2knMuApEJBhHyOEAQ
.adnxs.com/	1970-01-20 18:32:23	Name: uuid2 Value: 9090096300499749992
.adnxs.com/	1970-01-20 18:32:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In1m67r'!]tc(8i_iqf!oN/@E'zz<Z0QX06Xv/%6`.@#IYTm58Z)(osX_C]NEHlLZkPTD._PlZ[C[-kX-L5WRc
.openx.net/	1970-01-21 01:08:23	Name: i Value: 50ee3748-a682-4c24-9659-7fded3818c8e\|1700567985
.yahoo.com/	1970-01-21 01:08:45	Name: A3 Value: d=AQABBLGbXGUCEBvshJqESssPE28MXQ995SkFEgEBAQHtXWVmZdxH0iMA_eMAAA&S=AQAAAlkyPyzbs_uklE0AxT08Rcc
.teads.tv/	1970-01-21 01:06:57	Name: tt_viewer Value: f0d35b89-20a6-46f8-86ba-09d5e55dedc9
.analytics.yahoo.com/	1970-01-21 01:08:23	Name: IDSYNC Value: 18yl~2f6b
.ads.stickyadstv.com/	1970-01-20 17:05:59	Name: UID Value: d9b7ddfbd6db8e9a341baa4d57e44ce
.ads.stickyadstv.com/	1970-01-20 17:49:11	Name: uid-bp-159 Value: 1
.neural40.cdnwebcloud.com/	1970-01-21 01:08:23	Name: n_one Value: 76e40b8a-8865-11ee-abd5-0242ac110002

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEAW_rJ_QC-fHJYpJn7KDngA&google_cver=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.stickyadstv.com
bucket.cdnwebcloud.com
cm.g.doubleclick.net
counter.yadro.ru
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
kino-teka.ru
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
partners.tremorhub.com
s0.2mdn.net
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
sync.search.spotxchange.com
142.250.81.230
142.251.40.98
172.64.151.101
190.115.26.30
23.51.57.155
2600:1f18:612b:4264:daa9:3300:1f77:ca7c
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2006
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2003
34.200.65.202
35.244.159.8
54.230.163.129
54.76.181.172
63.251.28.133
68.67.179.166
88.212.201.204
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0275ec366f3cf18830eb5708a3f72ea10baf05a2f946c541e30691fa60ba4b54
032aa85e34ac48be986af94160989dabe9ffe53e47c55a1d50e0c61669a3114f
0a25aca4031ba44ebc1e52dafa76f9e63ca9208280dd831f9c1d830a8f250b57
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c6e66c2bba388fc30ac3113601763fbb6123d7e7dfaad8ba89884eb0f732ad4
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a46f02f4f55f50b063cecaef0b5d4764b65062e29a8bc839f4b334bc7fc829f
1aff52209ca02c03b907aaea98626726f385cfcd35177b52cf45513a199accef
20ccdbd9ccaeb4b82dd9f121eca2a244fcf78b39049392001374ed122e895877
21f7bb16d3c3ad65a854244b04617bcd4b94c9417ab143c6795475f8cf24cf7c
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
221fd5a667a2690a6b7fd759209be410477088d91c8454a618217c8dfced0bfe
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2bc25687d4531f68f9b32cfe93b1a9e4e51a1fa7bbba0eb03bf6888ffd90f4a1
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f25c10fef104c2da07fdae05a86c56518301992a6e3fea545a2519b25c18f22
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31e5c08ce26533bec86c3901d0e3753d785ac215a6a19aebd78ae1d840e0a575
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
35e0750e177506d8879cb13ee2c97d4caa4b74833c0b590d9e8a08d2844547aa
3949bc357609db6e9bc5796a30a25a1865ba837e2cada69a1832b03e0814a51d
3c0be3a87bf30a61205ea128e82caf22f878d118864781146a3cf31fd05c82e1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42949c5bb06a4b4440975003ec98ef9e3be7b5695281e1bd760b721d827a6ea6
434d5a30d2359d95efc266dbe0fffcac2c1846e133d4713bebb7c337bdfb84ce
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d44e5b840cd4d816bb3eb30d90eec5bf9784c4af1ff7dd883498753d173ff94
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e722f1dcbcb8b17103cc4718bdc78e9a4562729c768d5fcbc35ec8be3bd3b1d
4ff884e2910bc6f60b08372ebcda9f2800ad3dd5c2190e5a615fbdc48dbff0f2
5109899a9a14ee19a81404da149f4b822291313bd3099673e2bdd2c851a60df6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59dad3681e3bd2766fdd65d83f70aff2c533479f65e72680787f729c850296f7
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ce0fa80edea35761531b5332e98466f58aefa46d4d4525d60e79694e1be9bfa
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
624d274f65f0e1d6f27e9fa137be24f8851428155ac2c7bb35b68c93a2ea1651
65aaec54f22a4f0d11da77b506aef1aee695faf0f7422825d0fc008e3765169f
6862e0b8df7c691296fa898f7ec242cd2b6f86c2efd40f727bd1608fa95f4bca
68bb7d2f3d9874b59ec2ecb9195a9a1f278acc2edb490131287a65ff6cc599d3
6d5289248527779775064e4eb5783fdcde8af072da511b7f53cf0b88681474b5
6fe7af09f32b38a8d8c00cc0f31314155079b9bbf475f1908c1b7e02b0492d04
717feec6630cc7937750fa4ce50f48a6e326f41f606fbe8da4c81507d86b11b5
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
807cc269016d5246d8ded6f0b1caf2f6b5c414784b410be348a183fe4df8b85a
82c2a404f9c92985646a78fb50ecd69ad0117c4eb9302c2a23f46003166b6b1c
87bd0bfdbb922427b3bb33861cabb9a65d7c8a042f7c75f27a962789eca47d39
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
91fba921e1f00d4ee66f0336aca8bfb45a1d11860b7f6b9044906e9f36ef367a
921f7ed27565c1700ccc039a5d3f51b6e0752f6cb1913321c5acee8e72105d15
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
94d4cf98ef217d7d9a0c1c58450556bad71cc17a8e8910fad0a11b0da8611166
99135164a7de3481feedb959114ae5d493afae805f186322564b007d5bca8469
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
9c67f45823b3fab39e6b2a29045574b1f3826ddaafc8ac9bbed13f711dc7c161
9ef518d719c3db9bde4ad6c5b9e49c85318c858e6fe235ecb4b9b4b0f1f187d2
9f2560efc60e0da15251a65621b4aa8411b5ad19bae6a239d77c051b1a1f86da
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d9a8be83f500a0eb9bbf5d12be504e869a05109a5c791dc96c9f830feefb4c
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8
a7bdc686f2e0afaf87d6d2e3b2b8a0d02fdbb55beb0a88c84ed93b141963c592
aa4cfbe1b8c797d423d02f7988369f80880a4516f59de66000f2e9b9e6a207b0
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
af760fe3bdb5cad983bea6c95edb390d292be835f6a6759463090edf2654c176
afa3526bf5919d08afdcd76f6073328f2b3a22c2d9a7b7da23549565dedeb649
b0bfa018099415ed4d1dbcca07d833d643f829093fc2e6b5eb141dfa5af81014
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b53465edbc4a837af37be44faf39670d440880aad65b885adc7fd2f519d127c8
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c352568ba2e18eac6c5a618c561a151a995007e6c732b9dc0830bc9b84ab420f
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c9767d92732dcf37408c30df9d20f8e001a6a97ce1e3b9dd77a501cd2d10c8e5
c98f039b66a37da538a30f0df035b21475772789ffe475fd60d40fe106bdd1ec
cce53cb17e63ec7e7b40e9b7cd0d52709605e19e82e11e069bc26f1ac081eb9f
ce2c8ce6adc4b9dbbf38bfeb9132f8efa60cc2983ba37d2e88df532e47b52eb9
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d122c25a8adc2c756eb78d284888d0d507a1d9fa2c54acac5df3db5cd7827ec1
d157b59a46832586d78c72d2cb4198d24c708ec1f29ec3b12d5cd3969000fb3e
d4f2b2b91cd6e72c5b546078acb9a1a7075a8f38aeaeb7db6a7b906b15776bfc
dd303f3b7e59dff356b30bcb883478be0e6b9a2996589ba4caebf08200643b50
de75ed75352cc769e2f900161e59e9bb6c5bca2ccc84cf1a8c8a9ed6c1428e1b
e037d4e0c461f11ae88c84b123cbbfea930e6f2f8f367b21d4e51c810174d4df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e0d95a9c8abcdfabf46348e2d4285829bb0491f5f6af0e05af52bffb6324c4
f58207ac07bb5627b3ee55ac5433a7e41770834f69e44e3b16a9e0af1bf4c5cb
f85d646378b4dc1e8e723bbe6884187fbb9dc471af567b34922390675ca81180
fb222bfa2fbbf061499b5fd0686535023ae9e232fd0d01f695c6713da6722b08
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

kino-teka.ru Open in urlscan Pro 190.115.26.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

242 Requests

92 %HTTPS

43 %IPv6

18 Domains

23 Subdomains

21 IPs

4 Countries

7653 kBTransfer

11630 kBSize

19 Cookies

1 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kino-teka.ru Open in urlscan Pro
190.115.26.30 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

92 %
HTTPS

43 %
IPv6

18
Domains

23
Subdomains

21
IPs

4
Countries

7653 kB
Transfer

11630 kB
Size

19
Cookies

242 HTTP transactions
6 data transactions