11jan.newdeaf.co Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Submission: On January 11 via manual (January 11th 2024, 10:42:21 pm UTC) from ES — Scanned from NL

Summary HTTP 356 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 59 IPs in 10 countries across 72 domains to perform 356 HTTP transactions. The main IP is 2a06:98c1:3120::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is 11jan.newdeaf.co.
TLS certificate: Issued by GTS CA 1P5 on December 27th 2023. Valid for: 3 months.

This is the only time 11jan.newdeaf.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a06:98c1:312... 2a06:98c1:3120::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	65.21.196.16 65.21.196.16	24940 (HETZNER-AS) (HETZNER-AS)
2	2606:4700:303... 2606:4700:3034::6815:4526	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2606:4700:303... 2606:4700:3035::6815:36ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 46	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
4	2606:4700:303... 2606:4700:3038::6815:e9f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18 22	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13 25	193.200.65.149 193.200.65.149	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
4	193.200.65.146 193.200.65.146	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2	104.21.53.214 104.21.53.214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.111.96.52 23.111.96.52	39134 (UNITEDNET) (UNITEDNET)
6	2a02:6ea0:c70... 2a02:6ea0:c700::21	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3037::ac43:9f81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 24	193.3.184.137 193.3.184.137	50214 (QWARTA) (QWARTA)
5 5	193.232.150.150 193.232.150.150	48061 (UMA-TECH-AS) (UMA-TECH-AS)
6 8	96.46.186.61 96.46.186.61	7979 (SERVERS-COM) (SERVERS-COM)
2 2	167.235.9.235 167.235.9.235	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.3.184.211 193.3.184.211	50214 (QWARTA) (QWARTA)
4	37.230.131.22 37.230.131.22	200197 (HYBRID-PO...) (HYBRID-POLAND)
3 3	82.148.20.186 82.148.20.186	50340 (SELECTEL-MSK) (SELECTEL-MSK)
5 5	217.66.147.39 217.66.147.39	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
8 8	217.66.147.33 217.66.147.33	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
5 5	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
2 2	130.193.58.13 130.193.58.13	200350 (YANDEXCLOUD) (YANDEXCLOUD)
5 6	185.15.175.145 185.15.175.145	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
5 6	217.199.220.44 217.199.220.44	61400 (NETRACK-AS) (NETRACK-AS)
3 4	188.42.105.236 188.42.105.236	7979 (SERVERS-COM) (SERVERS-COM)
3	138.201.65.75 138.201.65.75	24940 (HETZNER-AS) (HETZNER-AS)
1	138.201.8.249 138.201.8.249	24940 (HETZNER-AS) (HETZNER-AS)
1	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	94.130.13.220 94.130.13.220	24940 (HETZNER-AS) (HETZNER-AS)
1 1	2a02:2d8:0:c0... 2a02:2d8:0:c00c::4	9002 (RETN-AS) (RETN-AS)
2 3	195.209.108.58 195.209.108.58	52007 (ADRIVER) (ADRIVER)
2 4	81.222.128.214 81.222.128.214	20597 (ELTEL-AS) (ELTEL-AS)
1	2606:4700:20:... 2606:4700:20::681a:6bd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	185.15.175.130 185.15.175.130	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
3 3	213.239.194.43 213.239.194.43	24940 (HETZNER-AS) (HETZNER-AS)
1 1	94.228.127.171 94.228.127.171	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1 1	83.222.96.170 83.222.96.170	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
1	5.189.234.229 5.189.234.229	49505 (SELECTEL) (SELECTEL)
1 1	46.243.142.48 46.243.142.48	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 1	5.200.50.170 5.200.50.170	48096 (ITGRAD) (ITGRAD)
2 2	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	65.109.23.99 65.109.23.99	24940 (HETZNER-AS) (HETZNER-AS)
1 2	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
4 5	89.108.120.68 89.108.120.68	197695 (AS-REG) (AS-REG)
2 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
6 9	31.172.81.172 31.172.81.172	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	80.87.198.24 80.87.198.24	29182 (RU-JSCIOT) (RU-JSCIOT)
35	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3 4	167.235.186.113 167.235.186.113	24940 (HETZNER-AS) (HETZNER-AS)
1 1	23.111.107.44 23.111.107.44	39134 (UNITEDNET) (UNITEDNET)
2	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2 2	167.235.117.41 167.235.117.41	24940 (HETZNER-AS) (HETZNER-AS)
1	37.18.110.198 37.18.110.198	208677 (CLOUDRU-AS) (CLOUDRU-AS)
2 3	83.222.117.90 83.222.117.90	42632 (MNOGOBYTE...) (MNOGOBYTE-AS Moscow)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
4 4	185.40.31.214 185.40.31.214	61400 (NETRACK-AS) (NETRACK-AS)
2	2a00:1148:db0... 2a00:1148:db00::17	47764 (VK-AS) (VK-AS)
1	91.192.148.52 91.192.148.52	42481 (BEGUN-AS) (BEGUN-AS)
1 1	45.139.25.124 45.139.25.124	34959 (PROCLOUD ...) (PROCLOUD PROCLOUD MSK)
1 2	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	185.40.155.13 185.40.155.13	21030 (CDNNOW-AS) (CDNNOW-AS)
8	195.191.235.32 195.191.235.32	208566 (ROZETKA-AS) (ROZETKA-AS)
1 1	193.169.200.3 193.169.200.3	198738 (SMARTTELE...) (SMARTTELECOM-AS)
1	50.7.231.242 50.7.231.242	174 (COGENT-174) (COGENT-174)
12	2606:4700:303... 2606:4700:3034::6815:393c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
8 23	2a02:6b8:a::a 2a02:6b8:a::a	13238 (YANDEX) (YANDEX)
3	87.250.251.119 87.250.251.119	13238 (YANDEX) (YANDEX)
12	2a02:6b8::184 2a02:6b8::184	13238 (YANDEX) (YANDEX)
12	2a02:6b8::36 2a02:6b8::36	13238 (YANDEX) (YANDEX)
4	178.154.131.216 178.154.131.216	13238 (YANDEX) (YANDEX)
1 1	35.177.4.157 35.177.4.157	16509 (AMAZON-02) (AMAZON-02)
1 2	52.19.219.1 52.19.219.1	16509 (AMAZON-02) (AMAZON-02)
1	52.45.175.185 52.45.175.185	14618 (AMAZON-AES) (AMAZON-AES)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	144.126.246.116 144.126.246.116	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	18.195.61.190 18.195.61.190	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:6d0:4001... 2001:6d0:4001::226	52016 (ADFACT) (ADFACT)
1	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	185.151.241.151 185.151.241.151	49505 (SELECTEL) (SELECTEL)
1	34.247.112.223 34.247.112.223	16509 (AMAZON-02) (AMAZON-02)
1 1	51.250.81.61 51.250.81.61	200350 (YANDEXCLOUD) (YANDEXCLOUD)
1 1	45.9.26.83 45.9.26.83	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 1	91.192.150.14 91.192.150.14	42481 (BEGUN-AS) (BEGUN-AS)
1	2606:4700:20:... 2606:4700:20::ac43:48bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	77.244.216.90 77.244.216.90	49505 (SELECTEL) (SELECTEL)
1 2	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1 1	178.170.195.115 178.170.195.115	208677 (CLOUDRU-AS) (CLOUDRU-AS)
1 1	46.243.172.93 46.243.172.93	208677 (CLOUDRU-AS) (CLOUDRU-AS)
356	59

26 2a06:98c1:3120::9 (United States)

ASN13335 (CLOUDFLARENET, US)

11jan.newdeaf.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.21.196.16 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.16.196.21.65.clients.your-server.de

aj1907.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3034::6815:4526 (United States)

ASN13335 (CLOUDFLARENET, US)

vak345.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2606:4700:3035::6815:36ca (United States)

ASN13335 (CLOUDFLARENET, US)

deaf.cdnlbox.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.cdnlbox.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 2a02:6b8::1:119 (Russian Federation) 4 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:e9f8 (United States)

ASN13335 (CLOUDFLARENET, US)

data.ufcplayer.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a06:98c1:3121::3 (United States) 18 redirects

ASN13335 (CLOUDFLARENET, US)

poster.newdeaf.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
msk-reality.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 193.200.65.149 (Amsterdam, Netherlands) 13 redirects

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

code.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 193.200.65.146 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: unallocated.giveme.network

logger.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.53.214 (None, )

ASN13335 (CLOUDFLARENET, US)

videotoday.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.96.52 (Russian Federation)

ASN39134 (UNITEDNET, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6ea0:c700::21 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn77-fs.aj1907.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

pimg.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:9f81 (United States)

ASN13335 (CLOUDFLARENET, US)

static.moviead55.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 193.3.184.137 (Russian Federation) 6 redirects

ASN50214 (QWARTA, RU)
PTR: asrv321.qwarta.ru

www.acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acint.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.232.150.150 (Russian Federation) 5 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp5.senders.yappy.one

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 96.46.186.61 (United States) 6 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.9.235 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.235.9.235.167.clients.your-server.de

match.ohmy.bid	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.3.184.211 (Russian Federation) 2 redirects

ASN50214 (QWARTA, RU)

ssp-rtb.sape.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.230.131.22 (Amsterdam, Netherlands)

ASN200197 (HYBRID-POLAND, PL)

dm-eu.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 82.148.20.186 (Moscow, Russian Federation) 3 redirects

ASN50340 (SELECTEL-MSK, RU)

sync.opendsp.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 217.66.147.39 (St Petersburg, Russian Federation) 5 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-39-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 217.66.147.33 (St Petersburg, Russian Federation) 8 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-33-147-66-217.spbmts.ru

vma.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.87.44.187 (Russian Federation) 5 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.193.58.13 (Russian Federation) 2 redirects

ASN200350 (YANDEXCLOUD, RU)

pixel.konnektu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.15.175.145 (Russian Federation) 5 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.199.220.44 (Russian Federation) 5 redirects

ASN61400 (NETRACK-AS, RU)
PTR: s4.kimberlite.io

kimberlite.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.42.105.236 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

sync.gonet-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.65.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.75.65.201.138.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.8.249 (Ergolding, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.249.8.201.138.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

a.videohead.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.130.13.220 (Nuremberg, Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.220.13.130.94.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2d8:0:c00c::4 (United Kingdom) 1 redirects

ASN9002 (RETN-AS, GB)

otclick-adv.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.209.108.58 (Russian Federation) 2 redirects

ASN52007 (ADRIVER, RU)

ev.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 81.222.128.214 (Russian Federation) 2 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad14.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6bd (United States)

ASN13335 (CLOUDFLARENET, US)

a.utraff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.15.175.130 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)

tag.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.239.194.43 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: prod-hzeu-bidder-7.community.moscow

sync.upravel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.228.127.171 (St Petersburg, Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)
PTR: da21112.timeweb.ru

s.ccsyncuuid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 83.222.96.170 (Russian Federation) 1 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

ssp.bestssp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.189.234.229 (Moscow, Russian Federation)

ASN49505 (SELECTEL, RU)

sync.adspend.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.48 (Moscow, Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr16.segmento.ru

sape-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.200.50.170 (Russian Federation) 1 redirects

ASN48096 (ITGRAD, RU)

ads.adlook.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.220.27.134 (Amsterdam, Netherlands) 2 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.109.23.99 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.99.23.109.65.clients.your-server.de

ssp.bidvol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 1 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 89.108.120.68 (Russian Federation) 4 redirects

ASN197695 (AS-REG, RU)
PTR: d51803.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 31.172.81.172 (Germany) 6 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pix.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.87.198.24 (Moscow, Russian Federation) 1 redirects

ASN29182 (RU-JSCIOT, RU)
PTR: sync07.platforma.id

a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a02:6b8::90 (Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.235.186.113 (Germany) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.113.186.235.167.clients.your-server.de

nr.bidderstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.107.44 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

cs.agency2.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.235.117.41 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.41.117.235.167.clients.your-server.de

sync.programmatica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.110.198 (Russian Federation)

ASN208677 (CLOUDRU-AS, RU)

dmp.sbermarketing.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.222.117.90 (Russian Federation) 2 redirects

ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU)

adx.com.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.40.31.214 (Moscow, Russian Federation) 4 redirects

ASN61400 (NETRACK-AS, RU)

sync.dsp.solta.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.148.52 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.139.25.124 (Moscow, Russian Federation) 1 redirects

ASN34959 (PROCLOUD PROCLOUD MSK, RU)

ssp.afp.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.40.155.13 (Russian Federation)

ASN21030 (CDNNOW-AS, RU)

user91471.clients-cdnnow.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 195.191.235.32 (Warsaw, Poland)

ASN208566 (ROZETKA-AS, PL)
PTR: unallocated.giveme.network

static.filmskino.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.169.200.3 (New York, United States) 1 redirects

ASN198738 (SMARTTELECOM-AS, SC)

cdn-t.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.7.231.242 (Halfweg, Netherlands)

ASN174 (COGENT-174, US)

cdn4.vb17123filippaaniketos.pw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3034::6815:393c (United States)

ASN13335 (CLOUDFLARENET, US)

borzjournal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a02:6b8:20::215 (Russian Federation)

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:6b8:a::a (Russian Federation) 8 redirects

ASN13238 (YANDEX, RU)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.250.251.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::184 (Russian Federation)

ASN13238 (YANDEX, RU)

avatars.mds.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::36 (Russian Federation)

ASN13238 (YANDEX, RU)

favicon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.154.131.216 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.4.157 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-4-157.eu-west-2.compute.amazonaws.com

px.arcspire.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.219.1 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-219-1.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com

im.bluevoox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.126.246.116 (Frankfurt am Main, Germany) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

yandex.digital-services.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.61.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (ADFACT, RU)

cm.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.151.241.151 (St Petersburg, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

dsp.mpartner.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.112.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-112-223.eu-west-1.compute.amazonaws.com

euw-ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.250.81.61 (Russian Federation) 1 redirects

ASN200350 (YANDEXCLOUD, RU)

eye.targetads.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.9.26.83 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr03.segmento.ru

solta-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.14 (Russian Federation) 1 redirects

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:48bf (United States)

ASN13335 (CLOUDFLARENET, US)

rtb-eu-warsaw.intent.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.244.216.90 (St Petersburg, Russian Federation) 1 redirects

ASN49505 (SELECTEL, RU)

shopnetic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.217.109.66 (Helsinki, Finland) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

sonar.semantiqo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.195.115 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr18.segmento.ru

yandex-dmp-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.172.93 (Russian Federation) 1 redirects

ASN208677 (CLOUDRU-AS, RU)
PTR: fr17.segmento.ru

yandex-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	yandex.ru 10 redirects mc.yandex.ru — Cisco Umbrella Rank: 2266 an.yandex.ru — Cisco Umbrella Rank: 4780 yandex.ru — Cisco Umbrella Rank: 1186 ysa-static.passport.yandex.ru Failed	509 KB
44	newdeaf.co 18 redirects 11jan.newdeaf.co poster.newdeaf.co	402 KB
32	yastatic.net yastatic.net — Cisco Umbrella Rank: 3750	869 KB
30	moviead55.ru 13 redirects code.moviead55.ru — Cisco Umbrella Rank: 43046 logger.moviead55.ru — Cisco Umbrella Rank: 51235 static.moviead55.ru — Cisco Umbrella Rank: 76074	131 KB
28	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 6227	6 KB
26	cdnlbox.club deaf.cdnlbox.club static.cdnlbox.club	1016 KB
24	yandex.net avatars.mds.yandex.net — Cisco Umbrella Rank: 4522 favicon.yandex.net — Cisco Umbrella Rank: 6154	177 KB
24	acint.net 6 redirects www.acint.net — Cisco Umbrella Rank: 19055 acint.net — Cisco Umbrella Rank: 15362	11 KB
18	mts.ru 18 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 24031 vma.mts.ru — Cisco Umbrella Rank: 25906 tech.rtb.mts.ru — Cisco Umbrella Rank: 28977	11 KB
13	aj1907.online aj1907.online — Cisco Umbrella Rank: 47491 cdn77-fs.aj1907.online — Cisco Umbrella Rank: 114947	273 KB
12	borzjournal.ru borzjournal.ru	506 KB
10	bumlam.com 7 redirects sync.bumlam.com — Cisco Umbrella Rank: 6608 pix.bumlam.com — Cisco Umbrella Rank: 69237 a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com	6 KB
8	filmskino.site static.filmskino.site — Cisco Umbrella Rank: 263439	1 MB
8	digitaltarget.ru 5 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 15901 tag.digitaltarget.ru — Cisco Umbrella Rank: 79752	23 KB
8	betweendigital.com 6 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2456	5 KB
8	adriver.ru 4 redirects content.adriver.ru — Cisco Umbrella Rank: 20589 ev.adriver.ru — Cisco Umbrella Rank: 20910 ssp.adriver.ru — Cisco Umbrella Rank: 19250	17 KB
6	kimberlite.io 5 redirects kimberlite.io — Cisco Umbrella Rank: 20692	3 KB
5	aidata.io 4 redirects x01.aidata.io — Cisco Umbrella Rank: 11426	3 KB
5	adhigh.net 5 redirects px.adhigh.net — Cisco Umbrella Rank: 14045	2 KB
4	msk-reality.ru msk-reality.ru	17 KB
4	mail.ru 1 redirects ad.mail.ru — Cisco Umbrella Rank: 6579 top-fwz1.mail.ru — Cisco Umbrella Rank: 6150	3 KB
4	solta.io 4 redirects sync.dsp.solta.io — Cisco Umbrella Rank: 30951	876 B
4	bidderstack.com 3 redirects nr.bidderstack.com — Cisco Umbrella Rank: 28552	1 KB
4	rutarget.ru 4 redirects sape-sync.rutarget.ru — Cisco Umbrella Rank: 100243 solta-sync.rutarget.ru — Cisco Umbrella Rank: 42596 yandex-dmp-sync.rutarget.ru — Cisco Umbrella Rank: 48950 yandex-sync.rutarget.ru — Cisco Umbrella Rank: 49171	2 KB
4	gonet-ads.com 3 redirects sync.gonet-ads.com — Cisco Umbrella Rank: 29191	1 KB
4	hybrid.ai dm-eu.hybrid.ai — Cisco Umbrella Rank: 13881 dm.hybrid.ai — Cisco Umbrella Rank: 22151	1 KB
4	vb17123filippaaniketos.pw 1 redirects pimg.vb17123filippaaniketos.pw — Cisco Umbrella Rank: 59077 cdn-t.vb17123filippaaniketos.pw — Cisco Umbrella Rank: 58110 cdn4.vb17123filippaaniketos.pw — Cisco Umbrella Rank: 98457	319 KB
4	ufcplayer.ru data.ufcplayer.ru	238 KB
3	doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 338	873 B
3	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 14378 cr.frontend.weborama.fr — Cisco Umbrella Rank: 22624	998 B
3	com.ru 2 redirects adx.com.ru — Cisco Umbrella Rank: 31037	786 B
3	upravel.com 3 redirects sync.upravel.com — Cisco Umbrella Rank: 27145	2 KB
3	buzzoola.com 3 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 14487	541 B
3	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 18042	205 B
3	opendsp.ru 3 redirects sync.opendsp.ru — Cisco Umbrella Rank: 39538	705 B
2	semantiqo.com 1 redirects sonar.semantiqo.com — Cisco Umbrella Rank: 48099	976 B
2	shopnetic.com 1 redirects shopnetic.com — Cisco Umbrella Rank: 44700	545 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 313	1 KB
2	rambler.ru 1 redirects sync.rambler.ru — Cisco Umbrella Rank: 30154 profile.ssp.rambler.ru — Cisco Umbrella Rank: 33592	400 B
2	programmatica.com 2 redirects sync.programmatica.com — Cisco Umbrella Rank: 44987	490 B
2	adkernel.com sync.adkernel.com — Cisco Umbrella Rank: 2504	224 B
2	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 7553	619 B
2	new-programmatic.com 1 redirects match.new-programmatic.com — Cisco Umbrella Rank: 27239	477 B
2	uuidksinc.net 2 redirects s.uuidksinc.net — Cisco Umbrella Rank: 10841	409 B
2	konnektu.ru 2 redirects pixel.konnektu.ru — Cisco Umbrella Rank: 54345	274 B
2	sape.ru 2 redirects ssp-rtb.sape.ru — Cisco Umbrella Rank: 18440	1 KB
2	ohmy.bid 2 redirects match.ohmy.bid — Cisco Umbrella Rank: 41489	455 B
2	videotoday.site videotoday.site — Cisco Umbrella Rank: 84024	23 KB
2	vak345.com vak345.com — Cisco Umbrella Rank: 77376	21 KB
1	intent.ai rtb-eu-warsaw.intent.ai — Cisco Umbrella Rank: 47655	831 B
1	targetads.io 1 redirects eye.targetads.io — Cisco Umbrella Rank: 45519	169 B
1	360yield.com euw-ice.360yield.com — Cisco Umbrella Rank: 12179	199 B
1	mpartner.digital 1 redirects dsp.mpartner.digital — Cisco Umbrella Rank: 47309	374 B
1	tns-counter.ru 1 redirects cm.tns-counter.ru — Cisco Umbrella Rank: 47325	388 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 590	146 B
1	digital-services.solutions 1 redirects yandex.digital-services.solutions — Cisco Umbrella Rank: 32403	274 B
1	bluevoox.com im.bluevoox.com — Cisco Umbrella Rank: 30932	241 B
1	arcspire.io 1 redirects px.arcspire.io — Cisco Umbrella Rank: 45730	317 B
1	clients-cdnnow.ru user91471.clients-cdnnow.ru — Cisco Umbrella Rank: 111963	95 KB
1	afp.ai 1 redirects ssp.afp.ai — Cisco Umbrella Rank: 22942	297 B
1	sbermarketing.ru dmp.sbermarketing.ru — Cisco Umbrella Rank: 57082	667 B
1	agency2.ru 1 redirects cs.agency2.ru — Cisco Umbrella Rank: 78704	753 B
1	bidvol.com 1 redirects ssp.bidvol.com — Cisco Umbrella Rank: 26393	484 B
1	adlook.me 1 redirects ads.adlook.me — Cisco Umbrella Rank: 28666	304 B
1	adspend.space sync.adspend.space — Cisco Umbrella Rank: 37326	46 B
1	bestssp.com 1 redirects ssp.bestssp.com — Cisco Umbrella Rank: 38791	169 B
1	ccsyncuuid.net 1 redirects s.ccsyncuuid.net — Cisco Umbrella Rank: 49716	199 B
1	utraff.com a.utraff.com — Cisco Umbrella Rank: 29928	749 B
1	otclick-adv.ru 1 redirects otclick-adv.ru — Cisco Umbrella Rank: 58048	406 B
1	videohead.tech a.videohead.tech — Cisco Umbrella Rank: 63828	684 B
1	richaudience.com sync.richaudience.com — Cisco Umbrella Rank: 2667
0	whiteboxdigital.ru Failed mitdmp.whiteboxdigital.ru Failed
356	72

	Domain	Requested by
35	an.yandex.ru	www.acint.net borzjournal.ru
32	yastatic.net	borzjournal.ru yastatic.net 11jan.newdeaf.co data.ufcplayer.ru
28	mc.yandex.com	2 redirects 11jan.newdeaf.co mc.yandex.ru
26	11jan.newdeaf.co	11jan.newdeaf.co
25	code.moviead55.ru	13 redirects vak345.com 11jan.newdeaf.co static.moviead55.ru
23	yandex.ru	8 redirects borzjournal.ru yastatic.net data.ufcplayer.ru
21	mc.yandex.ru	2 redirects 11jan.newdeaf.co borzjournal.ru mc.yandex.ru yastatic.net data.ufcplayer.ru
18	static.cdnlbox.club	11jan.newdeaf.co
18	poster.newdeaf.co	18 redirects
17	www.acint.net	4 redirects videotoday.site www.acint.net
12	favicon.yandex.net	yastatic.net
12	avatars.mds.yandex.net	yastatic.net
12	borzjournal.ru	data.ufcplayer.ru borzjournal.ru
8	static.filmskino.site	user91471.clients-cdnnow.ru
8	vma.mts.ru	8 redirects
8	ads.betweendigital.com	6 redirects 11jan.newdeaf.co
8	deaf.cdnlbox.club	11jan.newdeaf.co
7	acint.net	2 redirects www.acint.net
7	aj1907.online	11jan.newdeaf.co aj1907.online
6	sync.bumlam.com	4 redirects www.acint.net
6	kimberlite.io	5 redirects
6	dmg.digitaltarget.ru	5 redirects 11jan.newdeaf.co
6	cdn77-fs.aj1907.online	aj1907.online cdn77-fs.aj1907.online 11jan.newdeaf.co
5	x01.aidata.io	4 redirects www.acint.net
5	tech.rtb.mts.ru	5 redirects
5	sm.rtb.mts.ru	5 redirects
5	px.adhigh.net	5 redirects
4	msk-reality.ru	data.ufcplayer.ru msk-reality.ru
4	sync.dsp.solta.io	4 redirects
4	nr.bidderstack.com	3 redirects
4	ssp.adriver.ru	2 redirects www.acint.net
4	sync.gonet-ads.com	3 redirects www.acint.net
4	logger.moviead55.ru	11jan.newdeaf.co
4	data.ufcplayer.ru	11jan.newdeaf.co data.ufcplayer.ru
3	cm.g.doubleclick.net
3	adx.com.ru	2 redirects www.acint.net
3	pix.bumlam.com	2 redirects www.acint.net
3	sync.upravel.com	3 redirects
3	ev.adriver.ru	2 redirects content.adriver.ru
3	exchange.buzzoola.com	3 redirects
3	sync.dmp.otm-r.com	11jan.newdeaf.co www.acint.net
3	sync.opendsp.ru	3 redirects
2	sonar.semantiqo.com	1 redirects
2	shopnetic.com	1 redirects
2	dm.hybrid.ai
2	dpm.demdex.net	1 redirects
2	top-fwz1.mail.ru	1 redirects www.acint.net
2	ad.mail.ru	www.acint.net
2	redirect.frontend.weborama.fr	2 redirects
2	sync.programmatica.com	2 redirects
2	sync.adkernel.com	www.acint.net
2	counter.yadro.ru	2 redirects
2	match.new-programmatic.com	1 redirects www.acint.net
2	s.uuidksinc.net	2 redirects
2	tag.digitaltarget.ru	www.acint.net tag.digitaltarget.ru
2	pixel.konnektu.ru	2 redirects
2	dm-eu.hybrid.ai	11jan.newdeaf.co www.acint.net
2	ssp-rtb.sape.ru	2 redirects
2	match.ohmy.bid	2 redirects
2	pimg.vb17123filippaaniketos.pw	11jan.newdeaf.co
2	videotoday.site	vak345.com static.moviead55.ru
2	vak345.com	11jan.newdeaf.co
1	yandex-sync.rutarget.ru	1 redirects
1	yandex-dmp-sync.rutarget.ru	1 redirects
1	rtb-eu-warsaw.intent.ai
1	profile.ssp.rambler.ru	1 redirects
1	solta-sync.rutarget.ru	1 redirects
1	eye.targetads.io	1 redirects
1	euw-ice.360yield.com
1	dsp.mpartner.digital	1 redirects
1	cr.frontend.weborama.fr
1	cm.tns-counter.ru	1 redirects
1	x.bidswitch.net
1	yandex.digital-services.solutions	1 redirects
1	im.bluevoox.com
1	px.arcspire.io	1 redirects
1	cdn4.vb17123filippaaniketos.pw
1	cdn-t.vb17123filippaaniketos.pw	1 redirects
1	user91471.clients-cdnnow.ru	videotoday.site
1	ssp.afp.ai	1 redirects
1	sync.rambler.ru	www.acint.net
1	dmp.sbermarketing.ru	www.acint.net
1	cs.agency2.ru	1 redirects
1	a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com	1 redirects
1	ssp.bidvol.com	1 redirects
1	ads.adlook.me	1 redirects
1	sape-sync.rutarget.ru	1 redirects
1	sync.adspend.space	www.acint.net
1	ssp.bestssp.com	1 redirects
1	s.ccsyncuuid.net	1 redirects
1	a.utraff.com	www.acint.net
1	otclick-adv.ru	1 redirects
1	a.videohead.tech	11jan.newdeaf.co
1	sync.richaudience.com	11jan.newdeaf.co
1	static.moviead55.ru	11jan.newdeaf.co
1	content.adriver.ru	code.moviead55.ru
0	mitdmp.whiteboxdigital.ru Failed
0	ysa-static.passport.yandex.ru Failed
356	98

This site contains links to these domains. Also see Links.

Domain
go.lordfilmez.com
deaf-mirror.info
t.me

Subject Issuer	Validity	Valid
newdeaf.co GTS CA 1P5	`2023-12-27` - `2024-03-26`	3 months	crt.sh
aj1907.online R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-10` - `2024-03-09`	a year	crt.sh
cdnlbox.club GTS CA 1P5	`2024-01-07` - `2024-04-06`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-12-26` - `2024-06-05`	5 months	crt.sh
ufcplayer.ru GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.moviead55.ru R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
videotoday.site GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2023-03-07` - `2024-04-07`	a year	crt.sh
1695510202.rsc.cdn77.org R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
vb17123filippaaniketos.pw GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
moviead55.ru GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.acint.net R3	`2023-12-31` - `2024-03-30`	3 months	crt.sh
utraff.com GTS CA 1P5	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2023-09-14` - `2024-09-13`	a year	crt.sh
*.digitaltarget.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G4	`2023-06-19` - `2024-07-20`	a year	crt.sh
adspend.space R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
new-programmatic.com R3	`2024-01-05` - `2024-04-04`	3 months	crt.sh
*.gonet-ads.com Sectigo RSA Organization Validation Secure Server CA	`2023-06-07` - `2024-06-11`	a year	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-09-24` - `2024-03-24`	6 months	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2023-10-06` - `2024-11-06`	a year	crt.sh
sync.rambler.ru R3	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.clients-cdnnow.ru R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
static.filmskino.site R3	`2023-12-02` - `2024-03-01`	3 months	crt.sh
borzjournal.ru GTS CA 1P5	`2023-12-01` - `2024-02-29`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2023-12-13` - `2024-06-11`	6 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2023-10-26` - `2024-04-24`	6 months	crt.sh
msk-reality.ru E1	`2023-11-26` - `2024-02-24`	3 months	crt.sh
*.avatars.yandex.net GlobalSign RSA OV SSL CA 2018	`2023-09-11` - `2024-04-12`	7 months	crt.sh
favicon.yandex.net GlobalSign ECC OV SSL CA 2018	`2023-10-19` - `2024-03-19`	5 months	crt.sh
*.frontend.weborama.fr Gandi Standard SSL CA 2	`2023-02-22` - `2024-03-24`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
intent.ai GTS CA 1P5	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bumlam.com R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Frame ID: 973DD207A2FF6CCE994D36A1B365F952
Requests: 98 HTTP requests in this frame

Frame: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=6082be0687c78f67f9cde54fd23ce155&cb=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=261&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&frnd=true
Frame ID: 2FB36B2314A8A282C6169D33ED8D73D2
Requests: 24 HTTP requests in this frame

Frame: https://code.moviead55.ru/go/bmap?v=6082be0687c78f67f9cde54fd23ce155&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html
Frame ID: 598A512430EE1C0FD1A3A54B9CEB9F6D
Requests: 3 HTTP requests in this frame

Frame: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
Frame ID: 59EE775A9274961BCF3B42E3ED62A045
Requests: 6 HTTP requests in this frame

Frame: https://www.acint.net/mc/?dp=167&tc=1
Frame ID: 66DDEC026D10095231EC0643C854693B
Requests: 40 HTTP requests in this frame

Frame: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
Frame ID: AB50CDC5D96F1ABE4EDF3DBD3FFF8BB0
Requests: 17 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910
Frame ID: 19F4EE7DFBDC1F2A78C047D3B46B157E
Requests: 28 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633
Frame ID: CE53D2721F6B1F8BE675934824785ED6
Requests: 28 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135
Frame ID: B212D91988CF67623580BBE2D6C86FEC
Requests: 27 HTTP requests in this frame

Frame: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
Frame ID: 1E4846A5D5769808B663ADF9363C4CC7
Requests: 4 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bloha.ru&id=4567093&pl=1&statId=111&_t=7790
Frame ID: A5EFD4F4F9F3179136B07FB448A279EC
Requests: 3 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: FB215F05884FF32535334FE7E24BAEE4
Requests: 49 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=tehno-rating.ru&id=4384699&pl=1&statId=111&_t=18899
Frame ID: 8B06680C1F4A3293C1C0A11693158DCC
Requests: 3 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: BBAF1D304C742C27A76F3C79EE0E085A
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=29795
Frame ID: 2804579A684812822CCAD6CC2F66DA04
Requests: 3 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=14192
Frame ID: 5AE33E62B1F4B6AB8BDB4BF5650A9728
Requests: 3 HTTP requests in this frame

Frame: https://data.ufcplayer.ru/vhook/v7/rtb2/RTBs5.html?domian=forum.awd.ru&id=4510786&pl=1&statId=111&_t=83075
Frame ID: B95D6D593AD7F20C2AAB726B705C6EBC
Requests: 13 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bankstoday.net&id=3256559&pl=1&statId=111&_t=82131
Frame ID: 319F5B9B07A368C572CD76EFC9A911EE
Requests: 1 HTTP requests in this frame

Frame: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
Frame ID: 9A48C3D0E12D92AB4D335DFE1E3C0854
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=77931
Frame ID: 5E73C0A013CD4CA040D58953035D19FD
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBfc.html?domian=appleinsider.ru&id=2914549&pl=2&statId=111&_t=74994
Frame ID: A42C85B38A8BD51829434B5EF2B048D3
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=83661
Frame ID: E0C3525AA38304D228E324F55DCB1319
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=45539
Frame ID: 78A33FEE591D5270D829822FC60F2979
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBfc.html?domian=appleinsider.ru&id=2914549&pl=2&statId=111&_t=23371
Frame ID: 6849B485677255B6045CFD19EB1DF34F
Requests: 1 HTTP requests in this frame

Frame: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bankstoday.net&id=3256559&pl=1&statId=111&_t=14944
Frame ID: CC834C887171F9A7AFF83DB0E30A787D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NewDeaf | Сериал Красный дерматин 1 сезон все серии с русскими субтитрами

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

356
Requests

67 %
HTTPS

22 %
IPv6

72
Domains

98
Subdomains

59
IPs

10
Countries

6149 kB
Transfer

15355 kB
Size

139
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://go.lordfilmez.com/?r

Search URL Search Domain Scan URL

URL: https://deaf-mirror.info/
Title: Информация о зеркале

Search URL Search Domain Scan URL

URL: https://t.me/deafrelease
Title: Мы в чате Telegram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://poster.newdeaf.co/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp HTTP 301
https://static.cdnlbox.club/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp

Request Chain 40

https://poster.newdeaf.co/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp

Request Chain 41

https://poster.newdeaf.co/poster/web/2024/ec40676c47043f03861f60910f495e52.webp HTTP 301
https://static.cdnlbox.club/poster/web/2024/ec40676c47043f03861f60910f495e52.webp

Request Chain 42

https://poster.newdeaf.co/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp HTTP 301
https://static.cdnlbox.club/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp

Request Chain 43

https://poster.newdeaf.co/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp

Request Chain 44

https://poster.newdeaf.co/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp HTTP 301
https://static.cdnlbox.club/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp

Request Chain 45

https://poster.newdeaf.co/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp

Request Chain 46

https://poster.newdeaf.co/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp HTTP 301
https://static.cdnlbox.club/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp

Request Chain 47

https://poster.newdeaf.co/poster/web/2023/192276389895b0738b94c2593770688b.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/192276389895b0738b94c2593770688b.webp

Request Chain 48

https://poster.newdeaf.co/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp HTTP 301
https://static.cdnlbox.club/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp

Request Chain 49

https://poster.newdeaf.co/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp HTTP 301
https://static.cdnlbox.club/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp

Request Chain 50

https://poster.newdeaf.co/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp HTTP 301
https://static.cdnlbox.club/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp

Request Chain 51

https://poster.newdeaf.co/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp HTTP 301
https://static.cdnlbox.club/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp

Request Chain 52

https://poster.newdeaf.co/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp

Request Chain 53

https://poster.newdeaf.co/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp

Request Chain 54

https://poster.newdeaf.co/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp HTTP 301
https://static.cdnlbox.club/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp

Request Chain 55

https://poster.newdeaf.co/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp HTTP 301
https://static.cdnlbox.club/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp

Request Chain 56

https://poster.newdeaf.co/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp HTTP 301
https://static.cdnlbox.club/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp

Request Chain 73

https://www.acint.net/mc/?dp=167 HTTP 302
https://www.acint.net/mc/?dp=167&tc=1

Request Chain 75

https://code.moviead55.ru/go/cinit?cn=gtnt&rnd=1705012928 HTTP 301
https://px.adhigh.net/p/cm/skyadvert?u=add8bd3b-4ed7-9015-57f1-f41636ac1a47 HTTP 302
https://px.adhigh.net/p/cm/skyadvert?u=add8bd3b-4ed7-9015-57f1-f41636ac1a47&bounced=1 HTTP 302
https://code.moviead55.ru/go/csync?cn=gtnt&bid=mBicfCvh9k.AikABlGM-rCiLQ

Request Chain 76

https://code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1705012928 HTTP 301
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D&crf=1&rts=3166442138956273816 HTTP 302
https://code.moviead55.ru/go/csync?cn=btwcookie&bid=a46c61bc-ab6c-530c-969e-4bf8f33e2539

Request Chain 77

https://code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1705012928 HTTP 301
https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=ohmybid&bid=afd95819-3348-4710-99c9-ecabea747151

Request Chain 78

https://code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1705012928 HTTP 301
https://www.acint.net/rmatch?dp=167&euid=967cde82-8a9f-f415-37f7-d94edb33f326&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D HTTP 302
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=967cde82-8a9f-f415-37f7-d94edb33f326 HTTP 302
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%257BUSER_ID%257D&dp=14 HTTP 302
https://acint.net/rmatch?dp=14&euid=5103420AC16EA0650F025319028C19A1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007FC06EA0651236754E02EF6FDB

Request Chain 79

https://code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1705012928 HTTP 301
https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

Request Chain 80

https://code.moviead55.ru/go/cinit?cn=dgm&rnd=1705012928 HTTP 301
https://sync.opendsp.ru/match/MovieAds?id=0af0207a-213a-2f83-526e-1cfe31908e71 HTTP 302
https://sync.opendsp.ru/match/MovieAds?id=0af0207a-213a-2f83-526e-1cfe31908e71&chk=1 HTTP 302
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=OTg5YzgzNmQxZGQ1MTY1 HTTP 301
https://vma.mts.ru/match/second?ssp=67&exu=OTg5YzgzNmQxZGQ1MTY1 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D67%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://vma.mts.ru/em?next=67&em=1&ssp=konnektu&id= HTTP 301
https://sync.opendsp.ru/match/mts_dsp?id=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd HTTP 302
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=t0rwwq8hevj9&e=OTg5YzgzNmQxZGQ1MTY1

Request Chain 81

https://code.moviead55.ru/go/cinit?cn=solta&rnd=1705012928 HTTP 301
https://kimberlite.io/rtb/sync/skyadvert?u=1464ea02-822d-3c29-cdf0-b61f9662fd36 HTTP 307
https://code.moviead55.ru/go/csync?cn=solta&bid=ZaBuwUvMwlo

Request Chain 82

https://code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1705012928 HTTP 301
https://sync.gonet-ads.com/match/SkyAdvert?id=017c14ba-0f2a-c886-2cf1-398bc076149c HTTP 302
https://sync.gonet-ads.com/match/SkyAdvert?id=017c14ba-0f2a-c886-2cf1-398bc076149c&chk=1 HTTP 302
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw HTTP 302
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw&crf=1&rts=7414250997729777857

Request Chain 83

https://code.moviead55.ru/go/cinit?cn=otmbid&rnd=1705012928 HTTP 301
https://sync.dmp.otm-r.com/match/skyadvert

Request Chain 84

https://code.moviead55.ru/go/cinit?cn=snmd&rnd=1705012928 HTTP 301
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D

Request Chain 85

https://code.moviead55.ru/go/cinit?cn=vhd&rnd=1705012928 HTTP 301
https://a.videohead.tech/sync?ssp=sky_new

Request Chain 86

https://code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1705012928 HTTP 301
https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D HTTP 301
https://code.moviead55.ru/go/csync?cn=bzcookie&bid=323cd1af-6b51-4e75-4f8d-29eee80843a0

Request Chain 87

https://code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1705012928 HTTP 301
https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D HTTP 302
https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUFobRe90cyZLWh

Request Chain 90

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://acint.net/match?dp=14&euid=1C03420AC16EA065020236AA020D279C

Request Chain 91

https://px.adhigh.net/p/cm/sape?u=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://px.adhigh.net/p/cm/sape?u=0100007FC06EA0651236754E02EF6FDB&bounced=1 HTTP 302
https://acint.net/match?dp=17&euid=mBicfCvh9k.AikABlGM-rCiUg

Request Chain 92

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691 HTTP 302
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5822445519 HTTP 302
https://www.acint.net/rmatch?dp=45&euid=AY9ujBLEfdGFTGx7Qar4mew&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC06EA0651236754E02EF6FDB

Request Chain 97

https://sync.upravel.com/sape/sync HTTP 302
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0 HTTP 302
https://www.acint.net/match?dp=71&euid=69abffb7-1544-4ea1-bd60-eb0dbc5a53ec

Request Chain 98

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://acint.net/match?dp=80&euid=uRQ5ZIRGiFV1McU8LVmg

Request Chain 100

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D HTTP 302
https://www.acint.net/match?dp=95&euid=QYNLJEXD

Request Chain 102

https://sape-sync.rutarget.ru/sync HTTP 302
https://www.acint.net/match?dp=104&euid=F1TL7vPZO2Qt

Request Chain 103

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC06EA0651236754E02EF6FDB&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC06EA0651236754E02EF6FDB&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=-5533959872899251695 HTTP 302
https://acint.net/match?dp=107&euid=995716f2-a6e0-530c-a191-48e3c4312622

Request Chain 104

https://ads.adlook.me/csync?pid=sape&uid=0100007FC06EA0651236754E02EF6FDB&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D HTTP 302
https://acint.net/match?dp=110&euid=b8dfa271632c448c82168c794ab5d36d

Request Chain 105

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FC06EA0651236754E02EF6FDB HTTP 301
https://vma.mts.ru/match/second?ssp=30&exu=0100007FC06EA0651236754E02EF6FDB HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D30%2526em%253D1%2526ssp%253Dkonnektu%2526id%253D%257BUSER_ID%257D HTTP 302
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D HTTP 302
https://vma.mts.ru/em?next=30&em=1&ssp=konnektu&id= HTTP 301
https://www.acint.net/match?dp=125&euid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd

Request Chain 106

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D HTTP 301
https://www.acint.net/match?dp=126&euid=da13de5c-fc6c-4dd8-7065-2b5f6c04f16e

Request Chain 107

https://s.uuidksinc.net/match/396/?remote_uid=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://www.acint.net/match?dp=127&euid=aT31YqMg601MdtMojC5U

Request Chain 108

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1 HTTP 302
https://www.acint.net/match?dp=129&euid=ek6px5znsg

Request Chain 110

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC06EA0651236754E02EF6FDB&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 112

https://sync.bumlam.com/?src=sap1&uid=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjB3YGtBmIgMDEwMDAwN0ZDMDZFQTA2NTEyMzY3NTRFMDJFRjZGREKiARCneAWosNIR7ruxACWQyCQ2

Request Chain 113

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/sync_ok?guid=a77805a8-b0d2-11ee-bbb1-002590c82436 HTTP 302
https://a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com/?src=sape HTTP 302
https://pix.bumlam.com/sync/sape/done

Request Chain 115

https://nr.bidderstack.com/sape/cm?user_id=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://nr.bidderstack.com/sape/cm?user_id=0100007FC06EA0651236754E02EF6FDB&pupa=1 HTTP 302
https://www.acint.net/match?dp=251&euid=53c61e05-d879-6812-eb32-d00afcfb1be5

Request Chain 116

https://cs.agency2.ru/p?ssp=sp&uid=0100007FC06EA0651236754E02EF6FDB HTTP 301
https://www.acint.net/match?dp=186&euid=40326337-2b44-4431-a986-7a0a1cfa90da

Request Chain 117

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D HTTP 302
https://www.acint.net/match?dp=217&euid=afd95819-3348-4710-99c9-ecabea747151

Request Chain 119

https://sync.programmatica.com/match/01 HTTP 302
https://sync.programmatica.com/match/01?chk=1 HTTP 302
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjJmMzNlOWRhMzhkMmYwOQ

Request Chain 120

https://adx.com.ru/sape-sync?uid=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a06ec2f0e01500010dd26f%2526r%253D%26webouid%3D{WEBO_CID} HTTP 307
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a06ec2f0e01500010dd26f%2526r%253D%26webouid%3D%7BWEBO_CID%7D&bounce=1&random=2298166618 HTTP 302
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a06ec2f0e01500010dd26f%26r%3D&webouid=8m7YtixR0uWzgU83EsA.ZO

Request Chain 121

https://kimberlite.io/rtb/sync/sape2?u=0100007FC06EA0651236754E02EF6FDB HTTP 307
https://sync.dsp.solta.io/match/kimberlite?id=ZaBuwUvMwlo HTTP 302
https://sync.dsp.solta.io/match/kimberlite?id=ZaBuwUvMwlo&chk=1 HTTP 302
https://kimberlite.io/rtb/sync/iage?u=NzAyMGMwYTA2MDg0NDgwNw HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaBuwUvMwlo HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZaBuwUvMwlo HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F-5mlqI1FToO7F-2faLSQ3Q%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D0%26sign%3D1812691448 HTTP 302
https://an.yandex.ru/setud/mts_banner/-5mlqI1FToO7F-2faLSQ3Q?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1812691448

Request Chain 122

https://sync.dsp.solta.io/match/sape?id=0100007FC06EA0651236754E02EF6FDB HTTP 302
https://sync.dsp.solta.io/match/sape?id=0100007FC06EA0651236754E02EF6FDB&chk=1 HTTP 302
https://www.acint.net/match?dp=260&euid=NjQ3ODgxODkxYjJjZDQ5OQ

Request Chain 125

https://ssp.afp.ai/api/sync/sape HTTP 302
https://www.acint.net/match?dp=261&euid=f8d6b3d0-6638-4ad2-b58a-817cd0bf2cfd

Request Chain 136

https://dmg.digitaltarget.ru/1/1093/i/i?i=958518586704343.294511942061686&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c=ss:77.up:0100007FC06EA0651236754E02EF6FDB.sync:up.xdua:duJDjAP1vp345Wm8h9Ok9JZ9.xps:xps4KDSbBdY_rS_FjGNHOUGcT.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705012930965&i=958518586704343.294511942061686&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c=ss:77.up:0100007FC06EA0651236754E02EF6FDB.sync:up.xdua:duJDjAP1vp345Wm8h9Ok9JZ9.xps:xps4KDSbBdY_rS_FjGNHOUGcT.dn:acint__net.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
https://sync.bumlam.com/?src=mt2 HTTP 302
https://ad.mail.ru/cm.gif?p=155&id=a77805a8-b0d2-11ee-bbb1-002590c82436

Request Chain 137

https://dmg.digitaltarget.ru/1/1093/i/i?i=958518586704343.368900409148370&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c=ss:77.up:0100007FC06EA0651236754E02EF6FDB.sync:up.xdua:duJDjAP1vp345Wm8h9Ok9JZ9.xps:xps4KDSbBdY_rS_FjGNHOUGcT.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705012930965&i=958518586704343.368900409148370&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c=ss:77.up:0100007FC06EA0651236754E02EF6FDB.sync:up.xdua:duJDjAP1vp345Wm8h9Ok9JZ9.xps:xps4KDSbBdY_rS_FjGNHOUGcT.dn:acint__net.adcm:hit.tg:adcmjs_noorient HTTP 307
https://top-fwz1.mail.ru/counter?id=3210372;pid=XK0UPCefIKmeKrF7-6ub HTTP 302
https://top-fwz1.mail.ru/counter2?id=3210372;pid=XK0UPCefIKmeKrF7-6ub

Request Chain 146

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10245.FbR6JDyuiDyu2ttzcsc02eKOpiHmrV0CSK-XX3mL9vRpn9ESjVS7Xe3z5uFeVkkG.ga2o101NUfvO0wIu_My6Zx9KTrc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10245.ugtt-3KXXG6ELMEBymFvLoSmdsHEuCroXGpbHA_ai6Nk0fxXFE-u0GbObf5oty-rKExigDoyuGRMirCM4eJOT3ILoXxskMfV35R6bQe9zgt3n7MF8s9QRF3gJ9d2O6jz7sQUAJvY7WsxQ6ZQpTSVDfvcU_2m3Q1wHh29BxJ8KJUbdNlmQbHh1AW5w5jI0uWUE21icZ9aygmm1StDUxfJdk4w0fsys7a71CQPp8wd_Ks%2C.YjE8bLQp0pNvPo2gN8lFQWkyqU0%2C

Request Chain 154

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A743930260734%3Ahid%3A420084034%3Az%3A60%3Ai%3A20240111234212%3Aet%3A1705012933%3Ac%3A1%3Arn%3A499207876%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A778x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C1%2C1%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705012928345%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3Apl&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1) HTTP 302
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A743930260734%3Ahid%3A420084034%3Az%3A60%3Ai%3A20240111234212%3Aet%3A1705012933%3Ac%3A1%3Arn%3A499207876%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A778x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C1%2C1%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705012928345%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Request Chain 160

https://cdn-t.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg HTTP 302
https://cdn4.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg

Request Chain 167

https://mc.yandex.ru/watch/4250215?page-url=https://rcm62.com/&page-ref=https://yandex.ru/search/?text=%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&cnt-class=1&browser-info=pv:1:ar:1:gdpr:14:vf:h2b2laelw67j03cmy2kg:fu:0:en:utf-8:la:ru:v:802:cn:1:dp:1:ls:928365006517:hid:206570468:z:420:i:218340182722:et:43472239613:c:1:rn:206570468:rqn:4:u:5585245260087575000:w:555x652:s:1366x768x24:sk:1:cpf:1:eu:0:ns:928365006517:co:0:rqnl:1:st:928365006517:t:rcm62.com&t=gdpr(14)mc(p-1-h-1)lt(61500)aw(1)rqnt(2)ti(2) HTTP 302
https://mc.yandex.ru/watch/4250215/1?page-url=https%3A%2F%2Frcm62.com%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aru%3Av%3A802%3Acn%3A1%3Adp%3A1%3Als%3A928365006517%3Ahid%3A206570468%3Az%3A420%3Ai%3A218340182722%3Aet%3A43472239613%3Ac%3A1%3Arn%3A206570468%3Arqn%3A4%3Au%3A5585245260087575000%3Aw%3A555x652%3As%3A1366x768x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A928365006517%3Aco%3A0%3Arqnl%3A1%3Ast%3A928365006517%3At%3Arcm62.com&t=gdpr%2814%29mc%28p-1-h-1%29lt%2861500%29aw%281%29rqnt%282%29ti%282%29

Request Chain 234

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389 HTTP 307
https://an.yandex.ru/mapuid/arcspireis/5f5313159e17f427c2a783

Request Chain 235

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/sapeis/0100007FC06EA0651236754E02EF6FDB

Request Chain 236

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/995716f2-a6e0-530c-a191-48e3c4312622

Request Chain 237

https://yandex.ru/an/mapuid/adobedmp/ HTTP 302
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=F6A84AE2474A5FB9 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F6A84AE2474A5FB9

Request Chain 238

https://yandex.ru/an/mapuid/betweenx/ HTTP 302
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFEAB26BEBA31C3E

Request Chain 239

https://yandex.ru/an/mapuid/blueseaxcom/ HTTP 302
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D7FD3AA13CA0D89D

Request Chain 240

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 241

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 242

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Request Chain 244

https://yandex.ru/an/mapuid/minimobww/ HTTP 302
https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=D0577A5CA40FA3E0&expires=1&usergroup=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=469&user_id=D0577A5CA40FA3E0&expires=1&user_group=1

Request Chain 246

https://yandex.ru/an/mapuid/xapadsssp/ HTTP 302
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=99B1D6B8B3E6D772

Request Chain 248

https://cm.tns-counter.ru/yacm HTTP 302
https://an.yandex.ru/mapuid/mediascope/ae9f9476f636badf5a7729f8bf946ea8acddd3b73e5fdde3aeabef9b10693174

Request Chain 252

https://dmg.digitaltarget.ru/1/119/i/i?i=1705012937 HTTP 307
https://an.yandex.ru/mapuid/dmpamberdata/XK0UPCefIKmeKrF7-6ub

Request Chain 253

https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4 HTTP 301
https://an.yandex.ru/mapuid/mediasurferis/qlEVXQPDOGGWowBaoycGDIzNxPIkspdW

Request Chain 255

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D HTTP 301
https://an.yandex.ru/mapuid/buzzooladspis/fe2d3571-74e0-438f-6f87-8aafdd0b6b85

Request Chain 256

https://eye.targetads.io/sync/yandex/ HTTP 302
https://an.yandex.ru/mapuid/part_id/12908933990099532848

Request Chain 257

https://kimberlite.io/rtb/sync/yandex HTTP 307
https://solta-sync.rutarget.ru/sync HTTP 302
https://kimberlite.io/rtb/sync/segmento?u=F1TL7vPZO2Qt HTTP 307
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaBuwUvMwlo HTTP 301
https://vma.mts.ru/match/second?ssp=59&exu=ZaBuwUvMwlo HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e1819881-1ec9-4694-ac44-11ce27d29f6d&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2526em%253D2%2526ssp%253Daidata%2526id%253D%2524UID HTTP 302
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID HTTP 302
https://vma.mts.ru/em?next=59&em=2&ssp=aidata&id=aEe1/DROFJJPiSyFzk4I5w HTTP 301
https://kimberlite.io/rtb/sync/mts?u=e1819881-1ec9-4694-ac44-11ce27d29f6d

Request Chain 258

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/mapuid/targetrtbis/

Request Chain 260

https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id} HTTP 302
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1

Request Chain 261

https://profile.ssp.rambler.ru/sync3.302?pid=188 HTTP 302
https://an.yandex.ru/mapuid/ramblerssp/

Request Chain 262

https://px.adhigh.net/p/cm/yandexssp HTTP 302
https://an.yandex.ru/mapuid/getintentis/mBicfCvh9k.AikABlGM-rCiUg

Request Chain 264

https://s.uuidksinc.net/match/501 HTTP 302
https://an.yandex.ru/mapuid/kadamis/aT31YqMg601MdtMojC5U

Request Chain 265

https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex HTTP 302
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1

Request Chain 266

https://sm.rtb.mts.ru/p?ssp=yandex&id=map HTTP 301
https://vma.mts.ru/match/second?ssp=55 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=e1819881-1ec9-4694-ac44-11ce27d29f6d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fe1819881-1ec9-4694-ac44-11ce27d29f6d HTTP 302
https://an.yandex.ru/mapuid/mtsdspis/e1819881-1ec9-4694-ac44-11ce27d29f6d

Request Chain 267

https://sonar.semantiqo.com/dmp/scr.php HTTP 302
https://counter.yadro.ru/id127/reff-id.gif?sid=0212a393c481436ca32a1df3f0fd04b5 HTTP 302
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=0212a393c481436ca32a1df3f0fd04b5

Request Chain 268

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109 HTTP 302
https://an.yandex.ru/mapuid/dmpadriver/Y9ujBLEfdGFTGx7Qar4mew?sign=3518169985

Request Chain 269

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19 HTTP 302
https://an.yandex.ru/mapuid/adriveris/AY9ujBLEfdGFTGx7Qar4mew

Request Chain 271

https://sync.bumlam.com/?src=yandex2 HTTP 302
https://an.yandex.ru/mapuid/adsniperis/a77805a8-b0d2-11ee-bbb1-002590c82436

Request Chain 273

https://sync.gonet-ads.com/match/yandex?id=[buyerUid] HTTP 302
https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw

Request Chain 274

https://sync.upravel.com/yandex/sync HTTP 302
https://an.yandex.ru/mapuid/upravelis/69abffb7-1544-4ea1-bd60-eb0dbc5a53ec

Request Chain 275

https://x01.aidata.io/0.gif?pid=YANDEX HTTP 302
https://an.yandex.ru/mapuid/dmpaidatame/aEe1%2FDROFJJPiSyFzk4I5w?sign=942833232

Request Chain 276

https://yandex-dmp-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/dmpsegmento/F1TL7vPZO2Qt?sign=1116141935

Request Chain 277

https://yandex-sync.rutarget.ru/sync HTTP 302
https://an.yandex.ru/mapuid/rutargetis/F1TL7vPZO2Qt

356 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 4149-krasnyj-dermatin-1-sezon.html Show response
11jan.newdeaf.co/serial/ 54 KB
13 KB 729ms
681ms Document
text/html 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: ddbd165e7808b02c2fa8b0d2587823e78fe9cf52fd4965ef8b4fa2e1c39b6112

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: * origin-list
alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0 private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8440abca3c0c18c9-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 11 Jan 2024 20:46:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
referer: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNfogFWI27uoZ8hS%2FjhCIgfSeWAIzEmwLo3VzAGyQDKgk606lBh3prRjfnTUFkb34AH67VKFf1YltJljn1%2FxNuR7b1FpCLRxONkgAhEMukkSUIHGuE0QgJAo7aVFBxz03oHrno%2F7LZdI%2FaaN94G%2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 jquery.js Show response
11jan.newdeaf.co/engine/classes/js/ 84 KB
31 KB 228ms
226ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/engine/classes/js/jquery.js?v=d3ca7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 21 Dec 2021 08:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h4XoKjJUcgws2JqHAxoW4pqrNRscbVykKsauQCtZCasGws2TEtAD3opcTPO6QAmY04ytSToHcC9e4NYaz3MrGeFMfaLDc6iI8HiuTuyv%2BkkwWIW2nM4KERxDDfBLkSZ2pg2%2BlPWaa1C1HNMKBQZN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abce8f5018c9-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 jqueryui.js Show response
11jan.newdeaf.co/engine/classes/js/ 94 KB
28 KB 227ms
225ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/engine/classes/js/jqueryui.js?v=d3ca7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a82cb12e6e213c3b94fb1674617997e730f8fb5a44237800881dc439814c1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 21 Dec 2021 08:54:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYUZihmDDb3hr73qsYSswpZB%2BPOWH3wpYDRTEdFvdaKhXgd%2BKH3alhbmeu8S8ekOcHGJs6yxMbAUdR%2BQPU0DtJlqk9MAcPt3WisZEQWwWe6vGVD9rWIwYgmTn6jx6Vo4vEpk5EphgVi6%2FKOs26Vu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abce8f5118c9-FRA
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 dle_js.js Show response
11jan.newdeaf.co/engine/classes/js/ 37 KB
9 KB 207ms
206ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/engine/classes/js/dle_js.js?v=d3ca7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc63a2c4f6c110e42b2e9c1ba1da8a45111020bc9c434c4be77967f0205995d3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 21 Dec 2021 08:54:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHaPuhTqJv1eGdQWRWMq3Wa%2Beh5gahYCcfEaQbySerwCYZEGvWeCeu9Qb99%2BCXOr8XQUqoF%2FIxJ%2BTkUsiQnwC9kk9sHMXMJZvVtHgKtRvIPVUMePwiVlt9z8e2%2FQMvMdzqd0KcKzC6pDp6fxZVow"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abd05b55b725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 lazyload.js Show response
11jan.newdeaf.co/engine/classes/js/ 2 KB
2 KB 113ms
112ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/engine/classes/js/lazyload.js?v=d3ca7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a86a71557826524b5488bd7112ad640a548a420a7bf3eb57d266e336b206d1d7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 21 Dec 2021 08:54:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6JW8USslzwJb6nmwtL2RKjO9gRpLWZcqE0KVV%2BHAOhw5yS9yLIlk4vk7V7zEXOV2MiJpjYYZuhWxR%2F9Y%2B0fEAKFmdJzh7nLzRB3%2BBZbbmjsTgjYd6vDjTQTnGkhO66VyXIJd4RHy653YE%2Fg2ZR9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abd05b58b725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 common.css
11jan.newdeaf.co/templates/newdeaf/css/ 8 KB
3 KB 31ms
29ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/common.css
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c78d4b990c2bfb88335b25a4a5bf6125c2e67d19da8caf892c0bfde1992141

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77385
cf-polished: origSize=8976
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 10:25:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ih1rW7mvDKE8ugyxNRJeRYlt5yKTeSBqqy%2FP7XN0fetz1q4NiHtTNCJ8fMFg434aH61x7xdKu0%2FnbtwmKAigrLZswtlOfuKUJf%2FrfYVSc8iQAWokWIh0RuER273uPAvMgogBrKDLsmZH0j345dNW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f4e18c9-FRA
expires: max-age=A10368000, public

GET
H2 200 styles.css
11jan.newdeaf.co/templates/newdeaf/css/ 48 KB
12 KB 36ms
34ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6757a12fd52365f8129db749bb2825757553fb22fbdfc4994616b6114ce79f17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=58789
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 06 Sep 2023 14:07:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D78oNZdIkEt4VrPhKhE6Nl1s7ndpfJ6uWv5N7QxBu2Y9sEZAjBNYaoNyGaQjGEkN5%2FFyLPhqDdUDpa461nLAvhuvoWQVkSf6aSGYpZwKXLcls19mGYSCwIUHPxlroc5Q%2BRIK%2FkYImX5n18M9wkpK"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f4f18c9-FRA
expires: max-age=A10368000, public

GET
H2 200 engine.css
11jan.newdeaf.co/templates/newdeaf/css/ 26 KB
7 KB 32ms
30ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/engine.css
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df92917936bbaf0afba96eccf802a6a1b6341e2a53b7aaed5ed3191144edd64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=31446
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 10:24:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stKnNPw3U0jLK0qyHYkLYGh4oP5yM1PaOYzuHuR0ZR%2BkQTt3H4trd4I3y%2BnnPF%2FcldRXpbO6Z1BvFCnkuKW7HDcZMmoREHYQ0ifyGjsZ0KU3Z07NzjouDhCOFviFe2vtkQLmPozLckRQoZjWwFz6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f5218c9-FRA
expires: max-age=A10368000, public

GET
H2 200 fontawesome.css
11jan.newdeaf.co/templates/newdeaf/css/ 87 KB
18 KB 38ms
36ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/fontawesome.css
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1501689b87399ceb5cd2994a18139ecb636a3d190031ea440dd70bf7e7b1f0a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=89221
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jan 2022 13:51:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKWV85u4v8dUzSf%2FK6Q9%2BgkYp5yqlsG4FLEE34%2FExER0R6rjRzWKGZlVmxqWOlCzqFdaNoKdBHTHqqHU7nZ%2F%2BGWJ%2FNMv6Fi4mRQ2bhb5yfqvVF0OoK%2FuIXpMrOwmPafW%2FkK1ceBmAjXMet%2BPO26E"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f5318c9-FRA
expires: max-age=A10368000, public

GET
H2 200 manrope-400.woff2
11jan.newdeaf.co/templates/newdeaf/webfonts/ 17 KB
17 KB 32ms
31ms Font
application/font-woff2 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/webfonts/manrope-400.woff2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c9c332ec701b5293c54867d3c992bccfe9bea9c0816f4c6b28bbb639e536dca

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Origin: https://11jan.newdeaf.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
alt-svc: h3=":443"; ma=86400
content-length: 16912
last-modified: Tue, 21 Dec 2021 09:05:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51Lfcqrj99e9%2F5%2F6TFojbdaFMbmunVAB%2FVFdLv0GjZPLOJYiScyJMa2B%2BP%2FueYoiwl1Hl1uEtZ23zguxbd0Anj5dAMC0a35iHpEbkWtnnCvb5nF%2Fv74nNiMcQ7QweE%2FWOF053Aa9CMEZ7wKZda8A"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 8440abce8f5718c9-FRA
expires: max-age=A10368000, public

GET
H2 200 manrope-600.woff2
11jan.newdeaf.co/templates/newdeaf/webfonts/ 16 KB
17 KB 57ms
56ms Font
application/font-woff2 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/webfonts/manrope-600.woff2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33eb38c10cd3a4b4b247ec6665f5b2c1ea8c8e000acbf71ce8e3dbf0973207cd

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Origin: https://11jan.newdeaf.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77871
alt-svc: h3=":443"; ma=86400
content-length: 16872
last-modified: Tue, 21 Dec 2021 09:05:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vz1QUb8HxVp0hIm48nApGtrM5PcirP1jTn7NMkiLUzO7i5Wuzbhlok%2FJVT2WYu%2Bf%2FVK%2FhOTkylalj80ZNVIzptsTayFjBvKg60KuwxA3ltO5UCjWh3VP8JR6fFSuGnQdX7SB7liIKJM4Qpj3n%2B2"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 8440abceaf6818c9-FRA
expires: max-age=A10368000, public

GET
H2 200 manrope-700.woff2
11jan.newdeaf.co/templates/newdeaf/webfonts/ 17 KB
17 KB 55ms
53ms Font
application/font-woff2 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/webfonts/manrope-700.woff2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b2101f9377e5ab12fe5f1799736149646df1a464e0578c75b29d8cde570d80

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Origin: https://11jan.newdeaf.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77871
alt-svc: h3=":443"; ma=86400
content-length: 16928
last-modified: Tue, 21 Dec 2021 09:05:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7eA0em3xkppVIIgvuhGFY5zGTET1K45BCAkpqE9%2BDayvf%2B5Rbik1onxCLIBjVSNTNePFSa6zUmAdIWxsj4UQlnFfSnaVSiWsT315UJ4dE1vkokNuYOBFmOgQYwQ55buyz3SKa1JyFTP0tGIKeoO"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 8440abceaf6918c9-FRA
expires: max-age=A10368000, public

GET
H2 200 fredoka-one-400.woff2
11jan.newdeaf.co/templates/newdeaf/webfonts/ 15 KB
15 KB 56ms
55ms Font
application/font-woff2 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/webfonts/fredoka-one-400.woff2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c77cd0cb3cc4a3f294c6b86ba5302fe3139f89758ac460e5f5fb6a6a01b5dec

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Origin: https://11jan.newdeaf.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77871
alt-svc: h3=":443"; ma=86400
content-length: 15524
last-modified: Tue, 21 Dec 2021 09:05:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFwYMga635gIRdITJXF898cXVtrE7nNxCHfZRKlb94dSndr453IEVMYHI05Ywtq%2FpuVQWEmrXLGP1rg4biIWPOsueAhfRZTWyUwIjVsIHuf%2F987W9jFIo3Lcom72Sxv%2FYZOyfhhhrbUMGbwCjqda"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 8440abceaf6a18c9-FRA
expires: max-age=A10368000, public

GET
H2 200 fa-solid-900.woff2
11jan.newdeaf.co/templates/newdeaf/webfonts/ 134 KB
135 KB 57ms
55ms Font
application/font-woff2 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/webfonts/fa-solid-900.woff2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Origin: https://11jan.newdeaf.co
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77871
alt-svc: h3=":443"; ma=86400
content-length: 137704
last-modified: Tue, 21 Dec 2021 09:05:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UxlKb7uMsIXxEVp39dQ2ARbKanKZ7LgYrevJOHW8uxfXAUBRt90F00B2ejShG%2FCBZdrcFsnCRO94DdFylVtfrqmYpXNwJNpLV5OqC6%2FnHplTu7Qm5hOoyXLgXqidrJ8aGp%2Fe7fDkPka0uue8ZGho"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 8440abceaf6b18c9-FRA
expires: max-age=A10368000, public

GET
H2 200 common.css
11jan.newdeaf.co/templates/newdeaf/css/ 8 KB
3 KB 34ms
33ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/common.css?v=e42e932232d389cb43ebba027b0418f7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83c78d4b990c2bfb88335b25a4a5bf6125c2e67d19da8caf892c0bfde1992141

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=8976
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 10:25:41 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bs%2FRqSdz7vHfSJRkloRvh%2F01oWuSHx5MRewtMLyLOBiDVszD08oipTtzUZUlkaySb8tfmdmuoSlIMSj7ODjyyuB1JJOWqHYx1NKeYUW3Zt%2F3YrtwHRNe0C17uZv0sIQCOVLiUU7upUb2JyHNXiW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f5418c9-FRA
expires: max-age=A10368000, public

GET
H2 200 styles.css
11jan.newdeaf.co/templates/newdeaf/css/ 48 KB
12 KB 36ms
35ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6757a12fd52365f8129db749bb2825757553fb22fbdfc4994616b6114ce79f17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=58789
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 06 Sep 2023 14:07:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfP%2F%2Bf6QBPUAuj2pb6nibmO7ezoQgmDBMIYoGD5Xg76RFvFC8aTsF3EwyT2yj5QyHsN04xXqNMLMhD2bJLuyms0%2B%2FfEfSUEGWmemd3CD8%2FcSdY51UL%2FRM7hjpEiMoiZKVPxYg4tKjKngJQHdDUsv"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f5518c9-FRA
expires: max-age=A10368000, public

GET
H2 200 engine.css
11jan.newdeaf.co/templates/newdeaf/css/ 26 KB
7 KB 36ms
36ms Stylesheet
text/css 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/css/engine.css?v=e42e932232d389cb43ebba027b0418f7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df92917936bbaf0afba96eccf802a6a1b6341e2a53b7aaed5ed3191144edd64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77872
cf-polished: origSize=31446
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Aug 2023 10:24:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ec5JEXK0YQHfUWozyeA5x%2B0U%2BlIEUrfukBvteKNZBPLrHbch5TAcw8oSKdzmAHZS25mHG3mpDjhqnswBun%2FtdeJWEpr5NWoy7EIWRB2diOVtB6WfAuozDmJDGXt0bUo0BTU3gJ%2BAmFc%2BLmzmiH%2By"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 8440abce8f5618c9-FRA
expires: max-age=A10368000, public

GET
H/1.1 200 63c0d7d8.js Show response
aj1907.online/ 36 KB
37 KB 507ms
42ms Script
text/javascript 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1907.online/63c0d7d8.js
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 823e7b445aa5bd58ba35c95a805a29648bb3e9859670488277fec5e553294bee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
accept-ranges: bytes
etag: "0c455e0e9a291bbd91b1fc2bed46f4e56"
content-length: 37244
content-type: text/javascript

GET
H2 200 lordfilmez.png
11jan.newdeaf.co/uploads/ 1 KB
2 KB 56ms
56ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/uploads/lordfilmez.png
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44acec338aa1fa90ef06b8fbab0944a5ca9132943182a467783016cff42bab87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77871
alt-svc: h3=":443"; ma=86400
content-length: 1506
last-modified: Mon, 25 Sep 2023 06:54:45 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGShii4qEXXJ7Cr2pIqIowNhSNMAXpUzVS2bNx4aJY5VNx7E46Qv2hiPYTDHJ7fkRE%2BUIDA0FYNA32Zr8wwcAzlqZwSBqLFWhjmZOCG%2FFXZXHiXQdXWTQRtmaVf6gNo3iezOqKSTjwLFn%2FhnF2QB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: origin-list
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abceaf6c18c9-FRA
expires: max-age=A10368000, public

GET
H2 200 s.js Show response
vak345.com/ 4 KB
2 KB 87ms
41ms Script
text/javascript 2606:4700:3034::6815:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/s.js?v=6082be0687c78f67f9cde54fd23ce155
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26367fc69ef19a5596da8a7b8e1c14058755d0064ca1a922554152b80a38d0e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJTKb3jSxM%2FHjUXjuUHR6o86PTXmF%2FsInmsH4o5EYJPz%2FasQwUgfs%2B6J7wySBT2FxtFRhjqcMr%2F5Mjyyioo2mLrhyVQwPX%2FtmCggY2sG1pmjV2SD21Az2z2pc3WcLi%2BuDfCNn5u8GjNq"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
x-movieads-country: NL
cf-ray: 8440abd0a86c1da0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ebbf7b14575051208e-veronika-sanches-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 7 KB
7 KB 166ms
100ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/ebbf7b14575051208e-veronika-sanches-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce99fff1e35c58269404843b1937099f9c9d8fb1d62b097f2f109b9778b9abee

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKSGwdXPVgHNkkqGuSo1KbF4hubF2Lb6XNuT48UaWDp6Jbrj4WXUDeKaM80uWYNGoGAIOLAecIFOSvEcfMhC%2BDALwKMO6sSoXixHRSvZUGfvYHxKrwuEx4k2tlNp15G2ymvtjB%2F49CdKP192rUlDog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abcef8eb0198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6978
expires: max-age=A10368000, public

GET
H2 200 eb40ef02e45be51b50-migel-anhel-silvestre-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 7 KB
8 KB 148ms
148ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/eb40ef02e45be51b50-migel-anhel-silvestre-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d3d1205750ec72f4160b8ca45412205adf94390cba984f32d235e711494baf9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:07 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6XLV4S8%2FXG4Xam1cdK0od65%2F62%2Bn2Qvc4AZRgi4xGNmOwzpVDwfxT7JDIrHhHaTA769Q6bS%2BXGJPjmaB2w8%2FFophp341E5AibDHpjMK5EQesEM3sRkfOp%2FU%2Be%2BA0S0hxLRDc9lbGzaaAJxDvByuhHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abcf89930198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7383
expires: max-age=A10368000, public

GET
H2 200 adaabcbef822d194d0-aser-echeandia-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 7 KB
7 KB 126ms
124ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/adaabcbef822d194d0-aser-echeandia-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d2e2f01e2341265d6aa3e811ab3157f01293b5192203fc2fee486001746fad9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTQXgbHvIiEY5Ns6UDdFIbNbxvZxd%2BOd7dxWhkV7uKwiEfX1grE5QCTys82wqCDC4BzBPy6qg6lk1rICNgcFUb1DzcFcFlBlxACOAxGgqc%2BeYt4sCpdeQxX47iJhj4K6LYfk7SsQqs%2BKU5QGKilD9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad10198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6871
expires: max-age=A10368000, public

GET
H2 200 1061cbf82854b0249e-lali-esposito-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 7 KB
8 KB 158ms
156ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/1061cbf82854b0249e-lali-esposito-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5037b7fe838be7914073a410dbd958962ccfa505b7babd3254ef578cc7c0d147

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ep%2FAKC9ZykK3cFk6HvhTFnjEjLJJ113wkmZXQXJIZF8z4m2WewMXk4hRrMV1LqhuL4%2BynMskffhd43FGrT17dsKOPZJhJefqYVhVVjnF3qEbam97exxiompbSPEB9zpvhBYE6XhwJeDz63nJfT0pA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad30198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7479
expires: max-age=A10368000, public

GET
H2 200 63e836276022643099-yani-prado-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 6 KB
7 KB 399ms
398ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/63e836276022643099-yani-prado-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b1b572ada056b0eb154aca2e96e89cdd0458e1d1900b5766cbece436c1fb373

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rh05J4lS7BALSWimvJ%2BcEmThj4nYbVyp9Jwk58TurHny1Z1pNbv98Gf6V72uxtKw3Vxw43Tv8qYWCUFiN8bbOpE2QWUxn08iY%2BcLJw2Aup4uVMdP4iomXrkJDxXPKrQhkVW2Edl%2FITFr5ronpbI7Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad40198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6231
expires: max-age=A10368000, public

GET
H2 200 no_actors.jpg
deaf.cdnlbox.club//uploads/ 7 KB
8 KB 52ms
51ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club//uploads/no_actors.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cb4132ce8217c5e3a7a9ccb99cd5374bb419ee805672f35356b935c7fab8ac8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Mon, 04 Sep 2023 09:51:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5431120
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipIkmpvGpwVCjNzYed%2FfL4zJM5Ng2fjmfq5A9jwJEjWi9KqpQXvgcgelw%2BK93H5ap%2FsgmIQQfopey8LTuih1Yl0rPM8JEDBW96IQLcMYaNmMl0e8bpVDvOzmvgcCr6qLIqwEsQA7JWkYSLlYZxb7Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad60198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 7582
expires: max-age=A10368000, public

GET
H2 200 047653659c33ec68f0-godeliv-van-den-brandt-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 6 KB
7 KB 206ms
205ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/047653659c33ec68f0-godeliv-van-den-brandt-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 104b059786c22fb186f5339b548a0ab49818ea3eebfbac6b7e6e6ffc09306038

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jul 2023 21:02:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=im%2ByolKfcE0iJDF1%2BjpsPT3TEY0UdPagcR4cf2SfctLA0dgAC0N%2BWia0FzMwxvaQH%2FvdH22fmGm9C5QGD4b1T7dzMqeX4RBHZXd3C1EYig5kkCxTzkBlTckhSiJizLdOva7TCFH1vLC4j867qrAv6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad70198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6394
expires: max-age=A10368000, public

GET
H2 200 ad9796db87000c2290-enrik-oker-personage.jpg
deaf.cdnlbox.club/uploads/actors/2023-07/ 7 KB
7 KB 158ms
157ms Image
image/jpeg 2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://deaf.cdnlbox.club/uploads/actors/2023-07/ad9796db87000c2290-enrik-oker-personage.jpg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87b0019f3a9fe1cca1677a7aaaa425471bc9b54aa40f87db03ce3911867704a4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jul 2023 18:36:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2BCeHq2XBr%2F27l2RZdvpjumOmUlPcpPcOeHcO9%2F8DxFVzHvGB5Yfb2tiEf%2FbUJRaxwsNjEuE48sYfngBzNbVmrzZaBZdrsae59TkPWlWazzTcsYT8vSAPOZ%2BSSHGl2rkdJFWtHWjc0d%2FhFkBAUZIGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06ad80198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 6822
expires: max-age=A10368000, public

GET
H3 200 libs.js Show response
11jan.newdeaf.co/templates/newdeaf/js/ 66 KB
18 KB 62ms
60ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/js/libs.js?v=e42e932232d389cb43ebba027b0418f7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f9f6f3c44fc3c93ef6826dab9cbb05ffbb1dec8436b7eacb87b8cd2c7ae503

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Mon, 28 Aug 2023 15:49:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UjIRMtyRXhhhrWT8YPMFTiuKe6ZO3OgDYXD5dowN6iZqK9aNuU1iBQPAcEUe%2B5RRYp9fQCe9omn%2F6kGtqxZICdkDxw3KapIwfF2QMyAAlV4gfd9uzVJvfMRQowsHXxE3%2BS1tcg73fWDVjYZaI9PN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abd05b4ab725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 soon-tv.js Show response
11jan.newdeaf.co/templates/newdeaf/js/ 1 KB
1 KB 176ms
175ms Script
application/javascript 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://11jan.newdeaf.co/templates/newdeaf/js/soon-tv.js?v=e42e932232d389cb43ebba027b0418f7
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2308a9a905b6018131ac88b621d095e9c4d2548a28a4980dc752c163a5429b03

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
last-modified: Tue, 22 Aug 2023 10:26:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lc1RNGEif4OKZRVDsX4ephA89fAk49bmR9IZYi1xrPhUwqxM2LetsC7WjKlsBSzdUjNnv9f2XEBTBTb7rSSOnMmr3w9TcVPoBospyk0VSo00cIqjANFDJmFhulDO3DKszD7km%2FV34gQ9atRq48j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10368000, private
cf-ray: 8440abd05b51b725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
DATA 200
OK truncated
/ 68 B
68 B Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 logo.png
11jan.newdeaf.co/templates/newdeaf/images/ 16 KB
17 KB 29ms
29ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/images/logo.png
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1e399c0710c0fac2b531ba875504a4d5c0f7fd221d54992d94275beb5b0479

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77139
alt-svc: h3=":443"; ma=86400
content-length: 16809
last-modified: Thu, 23 Dec 2021 15:28:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoIqTo10t9d5RvGnMLYH1gcdwodp7u0VXJLarBYpE1gi%2FlNfCWHbjobwNSf5ZdOyj18z0Ctatt%2BFPC8nU%2FqiZnUwRl8qDwReTzWkwdF%2FDmw1W%2FyQ5jbsFyl0%2B76llSeXob4CCGfh6BCMP6yDhbZu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: origin-list
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd06b75b725-AMS
expires: max-age=A10368000, public

GET
H3 200 imdb.svg
11jan.newdeaf.co/templates/newdeaf/images/ 3 KB
2 KB 225ms
224ms Image
image/svg+xml 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/images/imdb.svg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e91eba8da11fd3b791d86637e7573a4fca76d2a0d8ce65030a8dd6aad46f25dd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 09:05:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77139
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GECb9iQH2dnXdewlUGDdp8M6UrVLTi6iQaTGTdfbgedwj3nlkGVRo2AhNxOY%2BafLMlHAkC1w2ApyJ0B3QpToFNldPduQ8tShfgN6Z%2Fj3tricwJDMUwuj0Xxl8CEses7VhBs5MkP%2B5h8bpaGLtE%2BW"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: origin-list
cache-control: max-age=10368000
cf-ray: 8440abd07b7bb725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 kp.svg
11jan.newdeaf.co/templates/newdeaf/images/ 2 KB
1 KB 231ms
231ms Image
image/svg+xml 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/images/kp.svg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f04a2ae73a025ca7ebe2f6edcd49ae8f86b68bd54d44757106e6c2022bb6d397

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 09:05:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77139
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZHor5KHWsftZc2VNqh9JoEb3%2F5R1z28byPLPgKNNAEatrBDbpGIjCbO3pgO8lLYuP2lgeNCLBVbB1%2F5hxq6G5N3%2FHoca8Yoc%2BB2s%2B%2BpGf99G7saW8zaQYzcXA4kvD%2FukZxuZ0BcFLFYpTPkonjzd"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: origin-list
cache-control: max-age=10368000
cf-ray: 8440abd07b7db725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H3 200 noavatar.png
11jan.newdeaf.co/templates/newdeaf/dleimages/ 9 KB
9 KB 192ms
192ms Image
image/png 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/dleimages/noavatar.png
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae98b5aeeaa3f1d82c86b770cc1fd441ae770814633e986ae6eff0526e299d1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77139
alt-svc: h3=":443"; ma=86400
content-length: 9206
last-modified: Tue, 21 Dec 2021 09:05:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkzU%2BOdoeOhRa8Qzr1eeQJgLiivxOds8OYqgrE%2Fut%2F%2FuFYmaaCiQXYRr%2B%2BYn%2BfsEnBe5tJGM4CKzaILJQkzSfQ4RfIld5FJ10AUmWYd7f7ZcjB6Wl7kfP7eAwj5J2f2jHS1Jt6np%2Fuh84YwFvmdC"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: origin-list
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 8440abd08b8fb725-AMS
expires: max-age=A10368000, public

GET
H3 200 i-tlg.svg
11jan.newdeaf.co/templates/newdeaf/images/ 308 B
714 B 254ms
254ms Image
image/svg+xml 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/images/i-tlg.svg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6efff376ba34469458185579174ddd3595ccb09f50854878efaddd9fd1647acd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 09:05:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77139
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CIBUyd3I7EUfPkgI8z%2B%2Fxc%2BCfHRyNtqUnZK1kFbekNS%2BANx%2Fd94BxvolZfUPHFchLOnYHSw5Jv2hVu51SHKfOR8DnTe709gTq6E9U0GI7drAQ8aqi3Cxm%2BqVFmZlL6wuYgxjyOXRnIuChpxJxqmL"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: origin-list
cache-control: max-age=10368000
cf-ray: 8440abd09ba4b725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
70 KB 606ms
475ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2 200 202401120142.js Show response
vak345.com/cs/ 65 KB
19 KB 52ms
52ms Script
application/javascript 2606:4700:3034::6815:4526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vak345.com/cs/202401120142.js?v=6082be0687c78f67f9cde54fd23ce155&_t=1705012928164.164
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:4526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c8599e31969b8db49f3cb68e7e6d3678203d1274ac8d805217bd05d9978c89e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-movieads-udata: cache
x-movieads-country: NL
x-yac-source: Yac
alt-svc: h3=":443"; ma=86400
x-movieads-setup: combo
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NXSMwUCEmfvmV9cJl5JofR37UE%2FXn45DgL9m1YOVVij543SYK7%2FJGJOAiWL9C2bDtvDjj9Y2x4XzFFdHvQJ%2FnK%2FLNsEQ0xL%2B4Gdkmy4SzWlHyycUD3BW9IV3NNVTST0O73f9GaygR0qH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-ray: 8440abd119001da0-FRA

GET
H2 200 get_content.js Show response
data.ufcplayer.ru/vhook/v7/rtb/ 26 KB
8 KB 502ms
174ms Script
application/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e3f6b77284d271aae9217087e623fef671f987bdf669960cde7696c466abd64

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 31 Dec 2023 06:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65910cf6-6693"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QGx2%2BONTyJUGgt9SYkfJO3AJJVLK7fr476flqrdWCREItI2ZMpEV3V1klho1HFS8g05J5LCqe390vxcVhzOcY0BuOFDyePDuNRnLUf%2FC1YPl86V7tlRKeYIGBmB7EapNlZzcc2kaQzpgQGsRwsvH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440abd3aa3d0e2e-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 22:42:08 GMT

GET
H3 200 rating.svg
11jan.newdeaf.co/templates/newdeaf/dleimages/ 1 KB
944 B 30ms
29ms Image
image/svg+xml 2a06:98c1:3120::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11jan.newdeaf.co/templates/newdeaf/dleimages/rating.svg
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb43e7c827b28c803e3a21168bf425c51efad8ae220098b54bc1b617ab3146ba

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/templates/newdeaf/css/styles.css?v=e42e932232d389cb43ebba027b0418f7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 21 Dec 2021 09:05:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 77139
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2phrwL%2B59LFF5%2FiJw2Hs0tMJ8fIWh8w4xslO9HcP1HQcK07U3GYLnJrX4AP3OnUBzqc4OkUKHhatPPGwj1vq4mtOpUh00BCLGimWPPSJL9i9EOiWdFyXX2FvXQ5Ltq7AYIECxdtg2LJ6xMeS3mCt"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: origin-list
cache-control: max-age=10368000
cf-ray: 8440abd1dc81b725-AMS
alt-svc: h3=":443"; ma=86400
expires: max-age=A10368000, public

GET
H2

200

7cf1e1a10c55213b235e1ce6ecc03860.webp
static.cdnlbox.club/poster/web/2021/
Redirect Chain

https://poster.newdeaf.co/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp
https://static.cdnlbox.club/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp

97 KB
98 KB

83ms
82ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a26c58ef7bfea59cad0e884256707170804ec26e6324f8eb7453a96a36f7227

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Sat, 30 Dec 2023 06:16:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5342
etag: "1850e-60db4188e8278"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzjLJFGIBQQmcFqxpVaDH1sdpyRTRBlcwDav2C02U6TOeGkohDZlArcDLN8k6HpnuvYaB6Hwwya5ImB0%2FobZ%2FQLL8tV4KyI9NTg13kNDKlGUvybG7zYoucxW27oEQGS9izDkUV3QgTSj25CgAeEDoxwj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd25d590198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 99598

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=985SovtVr4dyFLeglILBd0s1cDeobt5L42uaLtD0LBTB%2FnapHdowmtRhnRt0PSHwtakVP8G4%2BTubwqVVGN17Xkxafmy2vVakQq245vLdejIgtLMdTXiKYZXRkjGFNp9is4ZjwbKzy67TjPYmg7hmcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2021/7cf1e1a10c55213b235e1ce6ecc03860.webp
cache-control: max-age=3600
cf-ray: 8440abd2296b71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

14307ce1e895cff34dc0d497e5184d45.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp
https://static.cdnlbox.club/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp

38 KB
38 KB

265ms
265ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f5154b576adafeedbd506daab1ab3089c39ad1a08f0e5da93aeec087b339a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Fri, 06 Oct 2023 09:49:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3059
etag: "9688-60709285a3af0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3TTwAUqTyN7QeF7vdTYepT2DPPvcFQtx%2BqwQ3vS%2FNfyVlR7v0V%2BrAcBhWWbIWHvSK6M8Pb0DUA6ccqT8BUARJRfPEGci5TiH6OmIlV13MkeO2fV8gnkhUrrpXUtOQFIFJif9Upgs%2BUqNwfb0uT%2B0EZv"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddf20198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 38536

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4c%2BM30KkfVUZtNNPjXAxTUJBcZkkJkGkf2oGl3SqrZyXYUc4tKD6T7QKqQ52%2BrJ55EaklVX4j4nHV4bTrYYJIPnrWRSDiVJVMLPrqZimhLZx1%2FUoMQPTXyvG%2FpHxO09B8lOEMiUvmZzMv7UTCAu%2BOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/14307ce1e895cff34dc0d497e5184d45.webp
cache-control: max-age=3600
cf-ray: 8440abd2296871c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

ec40676c47043f03861f60910f495e52.webp
static.cdnlbox.club/poster/web/2024/
Redirect Chain

https://poster.newdeaf.co/poster/web/2024/ec40676c47043f03861f60910f495e52.webp
https://static.cdnlbox.club/poster/web/2024/ec40676c47043f03861f60910f495e52.webp

24 KB
24 KB

265ms
265ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2024/ec40676c47043f03861f60910f495e52.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 880178eae5e653be3d48020632b0df258c9c5f8d1bc7d48601b0f648eb4f3e33

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Fri, 22 Dec 2023 08:06:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 684
etag: "5f46-60d14b29ac778"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pa%2F6qu6cTQMcqjNdyvIcQGH7Mq09q8keZ8NWKFpwfgcI3G2om9NQmOn88sbombkkeXwSVqd5X9xziFTozNLnp75EasbbHA1jQisxwWv7qljLEAND3t2aikqIr6X1CBl11q4SxNwJDgj3llJkPm9uCbNB"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddf10198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 24390

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHXDx6RbB5j06uYVsRHj4zaELfdiERaPkNta%2B0ODmdXLkgWiZY1K03KkpikhHSUvr%2FT40WTSXAcnT61N6KNvTLCLAIm7uf5S%2Bbr2dsofhMeSAAQWRVu9jHuTFXx0A7QqbPUQNBkz3D03NFLXNI1Nmg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2024/ec40676c47043f03861f60910f495e52.webp
cache-control: max-age=3600
cf-ray: 8440abd2296e71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

651a30ab4f9a510efa7dec402fd1f253.webp
static.cdnlbox.club/poster/web/2014/
Redirect Chain

https://poster.newdeaf.co/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp
https://static.cdnlbox.club/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp

147 KB
148 KB

264ms
264ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6012e89e4c49967e8d4b8421fd0c592caa1f843cd1f39fa6a8b903376885c542

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 13:23:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1422
etag: "24d58-60b3653c50fb8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGc1ARAd7MtzObAgaWrhoT3ojCAau%2B36Plo1xL7NsrF9fM8hh5O1y1mdwde0u4MFIhYrXpZG0kSuKXcEuCCmpxHAMTEJKLd3NxQ7GhizZLQzKPU6kLOw2AFJcSYqBjQFhU7Luk8kIVIA9dMzF3z6szJG"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddef0198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 150872

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c83WQ3lzyjzgQ8ePcTcfEmakgiA1uRQFfI%2F9GLNJcIAdqBH2U5gIxR1n%2FY8uG5pQFiNHBqF36WjkhUZFxMG9mlNA35KFZ4Zs4kPRghLMbwOhGOEeOAd5zJtngj1SKIYI0lQTTxphhkicJNKWRXzDTw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2014/651a30ab4f9a510efa7dec402fd1f253.webp
cache-control: max-age=3600
cf-ray: 8440abd2296a71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

3dc191e442bd343b5716966089bbed84.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp
https://static.cdnlbox.club/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp

25 KB
25 KB

289ms
288ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79d8154317240293f367d5e0f4c141e2841d6db1b5302999bb5f1fbf5029abf4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Sun, 30 Jul 2023 11:39:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3355
etag: "62b6-601b2c2b302f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZaUdbJe7dyX7AKEENK0ZIY7KHmIVbvALtEPrXVj1tmYWaf5vGDN7F9op%2Fgj4GXbgILmiJPCSpSToPrE0R1Egnijaqxa1qPlxkIeXZhlzhAplcRk3o4jDzgik6XkoIpF4q3YU8tV3%2FF3rC3xQ7ltwUhR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd25d5d0198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 25270

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLjC1n1s2INfGElZvrtU0onsGdxkJKWWNbMNKDJb79C67mqMZfiw5FTrivF%2FsV0Qg4%2BC3zhfuCqYLC2WDpd6ley0u%2BWOztZsRbo4lAc9HNXxU5MShQFOOJygIEPwoCCF1TpRPmO6XwnRK03UFzbJyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/3dc191e442bd343b5716966089bbed84.webp
cache-control: max-age=3600
cf-ray: 8440abd2296d71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

683533c18a45450c5ee8e133db8c114b.webp
static.cdnlbox.club/poster/web/2024/
Redirect Chain

https://poster.newdeaf.co/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp
https://static.cdnlbox.club/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp

34 KB
35 KB

288ms
288ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c69d98ff240ef8b882bc6a68845dbc918842e4b30368b0b0a6b5c322dd6d7d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 07:12:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4426
etag: "887c-60e922765c4f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BP0kw1BeRN18QCMD5KRqfGUyyYUm8Eec0RPKPr5qAHN0Vfnt4a27sohBKQgC3hWJ1uU1m7DRnoy5GZxs9ml3uCoDnTPXhLqnrkjQiZWoE9gf3hjm97ynIX4ZJIo%2BE8bL0GArjCYg41YsQMFJHCZWa4gZ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd25d5c0198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 34940

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bnekccq%2BCZkNC%2By7veINdKVPdmEvfJ%2B4GucpjM11GfZ0BpAxlKAXTZVYRTyZffgzEermOyboenP%2Bv3iZTopPCC%2BYrPX%2F3CHx1tZwm1%2FTlBx%2F9aPfxDRJ34CBi03jDRAtHNwXOKHxAbxR202cCBXUmg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2024/683533c18a45450c5ee8e133db8c114b.webp
cache-control: max-age=3600
cf-ray: 8440abd2296c71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

29f46bcb133aa375fedf7c301a702101.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp
https://static.cdnlbox.club/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp

53 KB
54 KB

263ms
263ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6777f37eb1da4f7fa3abfc943a9b6608ee94141227b3941dfe32318b940e16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Wed, 04 Oct 2023 13:12:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5325
etag: "d5b4-606e3c20bff88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPSAKd4iNy2Xc%2FN9yTUwHHyHawazNDgP60%2BJb%2F5dP%2BsQr04Y4k9NynaAjIJQA59XqTDEO98lSN%2Bg6ofHI2f74SNF41OBte4qYjQr4CmIeNCqr6UxBBOKb4q4dcwkWOCHxfgKCDX0rGQU%2FQkAM%2FeJ0Oig"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddf40198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 54708

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXG1owpY1GPpvm0DwqBdoyE%2BIpMhZ%2BTT2bBHT2MC1BXQ%2BEnUJqzoRPMMdIAmmaCEsJXa8wScI9VtU9m%2B3yof7AZKEpc6NCw%2FtdRR0BVjM5FLI5f9P0s%2Fd9DJ8L79sQC3aMz8CpMTGmM01fjgNoXyvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/29f46bcb133aa375fedf7c301a702101.webp
cache-control: max-age=3600
cf-ray: 8440abd289be71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

6d64fa97eb056adce08f0fd2d055e635.webp
static.cdnlbox.club/poster/web/2019/
Redirect Chain

https://poster.newdeaf.co/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp
https://static.cdnlbox.club/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp

49 KB
50 KB

263ms
263ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38973dea26a9b3a67e0d42d7f0179ea27df496b1fea44c96a3acb0979adc12f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Sun, 12 Nov 2023 10:00:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3059
etag: "c4d8-609f1a0880508"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilQIJO5yh%2BoMNAR4By3i0wsOuP6RB0cNX4ck9pp6RODHc5CVAIT6XijD020lb9F3QSPBxYNQugttPW1KxoWuRkhKwQ2V6bm%2F2jIz8JzEUFgfVqg0Jw%2BX0pFSIyebU9KDXsFmagK%2Bjc01WaTlFath%2BgvL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddf30198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 50392

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6WsSSZUi9EZx9vN4tJ5bQ256le20VHtaQCTax7YFE4BDej8lSj7IwpuGnkiOjb6Kn511DUahk%2FrDhTv%2BlDMy3BuyzRzpXZ5j3zp7nhkrEiAkiGeBqo5J9qcUzKREbYrfVVHcAnbLWetFnkcv0Bz4w%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2019/6d64fa97eb056adce08f0fd2d055e635.webp
cache-control: max-age=3600
cf-ray: 8440abd289c071c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2

200

192276389895b0738b94c2593770688b.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/192276389895b0738b94c2593770688b.webp
https://static.cdnlbox.club/poster/web/2023/192276389895b0738b94c2593770688b.webp

24 KB
25 KB

263ms
263ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/192276389895b0738b94c2593770688b.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 919af4fe8233b6e5b1cf873bb6308ebf900adce56ce64179d066c6837e249665

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Tue, 28 Nov 2023 13:16:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2239
etag: "6184-60b36399ff620"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uy8y6c4kqNlWD%2BKZJmou%2Bt8Aijdg%2BuqrrwZO%2BFrcq%2B7zdm3wW5nU%2Bp8%2FxykCVCp%2Br4BbNVivZMGRS5qEKYJO6vHzrNiYlC61pxyDTv8ny5wxUhroWQWbjlEjRKgb4DkjYXi39Bd6gP5zAsysafnDHy54"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2ddf50198-CDG
alt-svc: h3=":443"; ma=86400
content-length: 24964

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kiqk2D9oulxriq4lcXfrCA10n66sLwQITUFqRxDEbtrvirLe3ik%2FEZ2%2F5D%2FBf%2BBy06tbKpW6KGJbf7i8dW%2BMAuct%2Fpc%2BYIlxx4%2FXeH%2BJKVrIv6i3BTorKNGObfKdpxnxjrGfFH9%2BjvJ9vepN%2B5EEhg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/192276389895b0738b94c2593770688b.webp
cache-control: max-age=3600
cf-ray: 8440abd289c271c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

9062ff093e85d8e8379b3d2defb04614.webp
static.cdnlbox.club/poster/web/2022/
Redirect Chain

https://poster.newdeaf.co/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp
https://static.cdnlbox.club/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp

86 KB
86 KB

8227ms
8227ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b30220310881368606ee53e60273038b111f9550c6ca4fdd482bc91e751540b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Fri, 15 Dec 2023 09:46:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3579
etag: "15658-60c89460ef470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAVw5kzVLiAhyVXmzdv05jFEEodiL7ydLgj8K0MRLGgdRGS7neU%2B4MPbHjTcZaniWg%2F8xcXleeXYkHTLN63tZnRONfVqknUtALt0X9BP6PY80yQ%2F%2BqmXyzER%2FMye9CmNSuQr3RGcWDeqHwr%2FrnkClbsy"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e8a039e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 87640

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duGSdIUUc5cOOSr4ygUH44zLcaQCn0Osqd%2BFN9A%2BF6XFKN4xsVXqGhgUdrDc8ynv4a%2Byd6eS%2Ft6c%2FozHCjcdDnN1LhXGuZDmIrE8TUdHljrmKlU7tscini3immEWKc9nT4c0bqOS%2F2AgglkkyBR%2BCg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2022/9062ff093e85d8e8379b3d2defb04614.webp
cache-control: max-age=3600
cf-ray: 8440abd289c371c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

2333fb2dfb214f7f0df48045c1176e97.webp
static.cdnlbox.club/poster/web/2021/
Redirect Chain

https://poster.newdeaf.co/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp
https://static.cdnlbox.club/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp

40 KB
41 KB

155ms
155ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b92c8c3bd38f2fc8bdc385cdd3081a492a51037defd307929db4be340684cff2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 30 Jan 2023 12:46:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "a136-5f37a9b22ff38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=siXMM2%2Ff51TkmTFE1JFBpG8FxsJjCPELlD8WaaEGarL7Sg4q7OcKd7IprkBPjdQUxCMF95miQH1Ox6hY21XGu9ytbS6ngbp1Pu9unTNY6kvQq7onolHCGWrc1WwErf7mR8UyPWj8osxnCt2SjV0bQ%2BhP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89339e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 41270

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQV2wGFbnIAEtg5qVNlBc%2BCTnQuH4KqlxhJoomr8nAhahg9W4gO9IzcI1WApfYBKmpmVpheU2%2BuNE0AD7Kuh2LluZGYUFvpO%2FNXZgRSroUIzqWaiB%2FpUEjcNlhBXNcwUkzx9a0X%2BgtTis1kveLkuMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2021/2333fb2dfb214f7f0df48045c1176e97.webp
cache-control: max-age=3600
cf-ray: 8440abd289c571c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

f9e884493cfcd5dac212beb25a949759.webp
static.cdnlbox.club/poster/web/2021/
Redirect Chain

https://poster.newdeaf.co/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp
https://static.cdnlbox.club/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp

79 KB
80 KB

1093ms
1093ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ef8779e7af72336ec9486127cffb452632fdf597829326e426877e12a0d44da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Sun, 29 Jan 2023 21:05:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13d00-5f36d76618a50"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LehAXwRI%2BJKkl%2FXcryWTcCbrkiWMFh3zFEfksWz8q0dM2fa3bR%2FoQ3hfaQOD0zkwfym2WaJfKXf3YTkFqBUnOHaeWfrjy7OeM4HWDBf%2FfxuMSm8JtWkedeaIgX6tLFIQRn27Z%2BGejQ8DSbFOFrBHFrKt"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89739e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 81152

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AsUuoyBAWGDb30y4toilw6ZYM8CdpzyboTOQVYGrBGb%2Bm%2Buac8nWMUwsaVvdKHoLQFQJFOQz7uG5WT8AG8GumTDwlRJPTRZw09whhMHds2RI7cgSKB%2FBgyIQC9v3dQtQu%2BAy3EddevPN66H5dfVJGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2021/f9e884493cfcd5dac212beb25a949759.webp
cache-control: max-age=3600
cf-ray: 8440abd289c671c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

d997a08e065576a6056da4b2bffbe86e.webp
static.cdnlbox.club/poster/web/2021/
Redirect Chain

https://poster.newdeaf.co/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp
https://static.cdnlbox.club/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp

103 KB
104 KB

8103ms
8103ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37425a0f9754b20da6ac4756f5e71121f2c0a9f5f8dc31f5fbc39f83e6a1bece

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: MISS
last-modified: Mon, 30 Jan 2023 10:15:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19d8a-5f3787e666490"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tABb4opbmCdIABDYrpFUuD%2FInEsIJ3UyB4NI70oIejUjTUczSWIMNchcJA%2FLfOgFgsv958ytGt6tAA0DoyxPh7c177iK9BdVBwpBlrfzpVs%2FKIPTX9Ahajh4wlxw3I3sINoSdBM8reKGM57ZEx6y5cIA"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89839e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 105866

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdG%2FUtzo26n7a84gPHTtGGCpaqk2IXPQIWeU8T%2FG%2Fu83EiDTj%2FtFMm1LorIyXaUg56nsbu698GYRlACXPKJMR%2BxXhETRKxV7WZyG9vp15W%2B0BgICsG5Mp%2BoIMV4pvEKH%2Bib%2FZdYmq7Gwdh0RnUsluw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2021/d997a08e065576a6056da4b2bffbe86e.webp
cache-control: max-age=3600
cf-ray: 8440abd289c771c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

08d4353fdcb4fd40ba27345451a6dcd7.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp
https://static.cdnlbox.club/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp

29 KB
30 KB

8201ms
8201ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a65e9f8b745e7b730d37a8b45d8300a6a51880a55299caf537c5260d82fa114

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Wed, 22 Nov 2023 14:05:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "75e2-60abe36035908"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wiA3e7wl9v2E7FNsG%2FZ4wmrGGh54mwEqfTIpji9X5vingIKo0VNrQATstBSkJkUP5o6k5beNsWnLK1%2FnkpEu2X1HLwatA7ty2MS4A4KmhdVvGW3MplhXfGYSGEBssrxGFQ%2FL8FGl7GStEgoxpNXRkeAX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89b39e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 30178

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v%2BszEDY4j76QmvvNM%2Fi0h9ka4EEZzLg%2Bz9zOE2xpnf9VaBmBinq08tkhvnTjsK8MdbM779BYO97ETemEaSZpzTy6pKCzGfTjaZiKKi7SyDdsALn6%2BLFqWtNYixU8Z3AIFAeuN4YK5XDi7fAC5pVpg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/08d4353fdcb4fd40ba27345451a6dcd7.webp
cache-control: max-age=3600
cf-ray: 8440abd289c871c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

0e162d0b23fc5930aaa59400dd8657d7.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp
https://static.cdnlbox.club/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp

34 KB
35 KB

8192ms
8192ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67e0fa12e370d1598e43df242be5fb127cd51abeb6d69c3e8177759113a5d2d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 08:28:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "884a-6098bc21ae6d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNsjzTo7lWU8YPtiCNTPnKEoIik2Py9KydlEeiCddsJJ8RkLXndJcYcEnfR%2FK2ZGUpixlw9mdNV7czvsmrEWyd%2FVQvj7%2BOwWejFy6h99WiIV%2Fk8zqXA8N8m3NBW7Px%2B%2FzdBAmT1B8NKs6y2uhJsptFOV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89939e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 34890

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anPF4xEyIv6UMZtuf%2Fq%2FbpULEOytD6EzYcRHvW%2BshosYtcue0yVUznw%2BX3PSBd9qxxmvpA3N5mIMfnw6c9AFZiqVT8u0iJwWqHfJNC24dSV8%2F4%2BrSckiHe99U0UtHgetwaSnb9K9RYgLL5Cd4MLVTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/0e162d0b23fc5930aaa59400dd8657d7.webp
cache-control: max-age=3600
cf-ray: 8440abd289c971c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

16387417d9bc9d0a78d3a5d1005aaed0.webp
static.cdnlbox.club/poster/web/2023/
Redirect Chain

https://poster.newdeaf.co/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp
https://static.cdnlbox.club/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp

19 KB
20 KB

57ms
56ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db57724615a158c45e99f9f1cd400fb3a123f7f760e158128c50c6823ca65490

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Jan 2023 19:53:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 7095
etag: "4cf2-5f36c73b32c88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8WCHZ7BCw95rf5ciRupcpzHUl5elHCYt4fm42Qfyysqm0BbiMxkPAM1RotE6oVdhDzd0Lwp7wl%2FfVGF5v%2BwOWXC0i6r4mxf8K%2BgwN9AgUmudSJUEDmS6SrhDIbtXetfJkKq43dnvCjV5KFbtiHsiMRU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89c39e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 19698

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLqPFwQotl%2FypBeh68NYeQ9aOybZNi9%2BqPcqjMPBUjFja0%2Fn1NbfScKi8yEuUVR7fb3u4ZQVfBcT5Y8FgADSiw4P2kBQwZILnIL05zeWKx4XXv6Iai7l4sMUImHMw2K6ebvDCHxqH5gD8R4tcXepTA%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2023/16387417d9bc9d0a78d3a5d1005aaed0.webp
cache-control: max-age=3600
cf-ray: 8440abd289ca71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

df583fe9b8b80d01e45f8c3c58eb0fa6.webp
static.cdnlbox.club/poster/web/2022/
Redirect Chain

https://poster.newdeaf.co/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp
https://static.cdnlbox.club/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp

20 KB
20 KB

8245ms
8244ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819dd8a4df2302998904325eb89cd6b7aad1cd33d9c123733eae659374f99170

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Fri, 14 Apr 2023 14:28:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "4f98-5f94ca82b77c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afyk8fbKRjsTWAVAXVIhII95Rn%2FVYrQvqmNCvJGTYdxrUZS%2BokQh39radOqpiBlcRkQg0mIIb7%2Bo5cEhU4AvVYgTlX3aMS%2Fq%2BopoZvYGV%2FORP70ZSf2bPc8yiB4HOtpv6Umeh5aFZiGFWy2bfzQwaJ40"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e8a139e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20376

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irQN3uweV5SuMhhsjzLn6FrzXPjTF6qmWCVY%2FQyfGNbKVXV%2FrxfNayJoVx4Y6Gkr%2Bd0NB7dCDSv3hsG1SzbR3L7PQtYbD3J2Lndo8iAsmH9w2jrc3ueA7lQmby%2BGv0%2F9A2Yf%2FrLB8ZWTGCJG1nENUw%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2022/df583fe9b8b80d01e45f8c3c58eb0fa6.webp
cache-control: max-age=3600
cf-ray: 8440abd289cb71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H3

200

086a9f8fb8bb21cc57a032a98748131e.webp
static.cdnlbox.club/poster/web/2022/
Redirect Chain

https://poster.newdeaf.co/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp
https://static.cdnlbox.club/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp

48 KB
48 KB

8217ms
8217ms

Image
image/webp

2606:4700:3035::6815:36ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnlbox.club/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H3
Server: 2606:4700:3035::6815:36ca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 240893a5220a7f0a0e421bb6ab69f1f2946d264a1832a056c672c3abaa5b0981

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
cf-cache-status: HIT
last-modified: Sun, 29 Jan 2023 20:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2
etag: "bf54-5f36d5a9bc4c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FknvS8HZkuUzu1jJKU%2FEBAns5OCeCv40CqEUAUV8a1oqg7iFmWNPCqcncK%2FTSSiSO4fc0oVVexXRrxI6UgbvGxTuedGO6tZfmaEFeNyJNONkUt%2FDL0P%2FGU1hxSZ%2FwqPRsNkKcHD9%2BQZBSc647Wr%2Fy5y"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8440abd2e89e39e8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 48980

Redirect headers

date: Thu, 11 Jan 2024 22:42:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1QWKSIb3EMubtXNHctrPlnCmh51oxjqT%2Bls8f3HZlaANW1vGvwrsJ9WLMa3qVC1URG%2Bx6mO9sNzFbEV3fkmsFH9aT7t6IQ2KQ6bteOELVLqLi5iAXxUpRORHEk0Gav00cTNYJEowKTxm%2B6sawwuQAg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: https://static.cdnlbox.club/poster/web/2022/086a9f8fb8bb21cc57a032a98748131e.webp
cache-control: max-age=3600
cf-ray: 8440abd289cc71c4-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2 200 madstyle.css
code.moviead55.ru/ 209 B
494 B 54ms
15ms Stylesheet
text/css 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/madstyle.css
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401120142.js?v=6082be0687c78f67f9cde54fd23ce155&_t=1705012928164.164
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: c6c569d61b340a87c3352602f80d90e499792b306dfa74b14e1cf72c95d09a9b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: gzip
server: nginx
etag: W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary: Accept-Encoding, Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-max-age: 86400
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
x-movieads-country: NL
cross-origin-resource-policy: cross-origin

GET
H2 200 logger.php
logger.moviead55.ru/ 70 B
214 B 53ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=target_country_load&c=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&a=&m=%7B%22browser%22%3A%22%7B%5C%22name%5C%22%3A%5C%22chrome%5C%22%2C%5C%22version%5C%22%3A%5C%22120%5C%22%7D%22%2C%22isMobile%22%3Afalse%2C%22format%22%3A%22new%22%7D&v=6082be0687c78f67f9cde54fd23ce155&o=%7B%7D
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H2 200 frndnp.php Show response
videotoday.site/ Frame 2FB3 41 KB
19 KB 391ms
42ms Script
text/html 104.21.53.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=6082be0687c78f67f9cde54fd23ce155&cb=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=261&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&frnd=true
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401120142.js?v=6082be0687c78f67f9cde54fd23ce155&_t=1705012928164.164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.53.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f1f2a7ef8041da711fb594d4ecc1b7ae3f82a6d09759d89a587fc9a487cd0de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgzbvLySaKAMNhsoVVW0nA1fNETz8u4JB6XDIeSAmTG6hEFkGW2q552bYIe3I4v3GBfbI6iLdtPgMTzOcnbcWbFWIbdvSkc%2B%2Boa1Oo59u6aTcwEHdf7uSo5SO9Aps5CGUGU%3D"}],"group":"cf-nel","max_age":604800}
x-cache: Yac
content-type: text/html; charset=UTF-8
x-movieads-country: NL
cf-ray: 8440abd518f95d9d-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 bmap Show response
code.moviead55.ru/go/ Frame 598A 161 KB
64 KB 42ms
42ms Script
text/javascript 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/go/bmap?v=6082be0687c78f67f9cde54fd23ce155&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html
Requested by: Host: vak345.com
URL: https://vak345.com/cs/202401120142.js?v=6082be0687c78f67f9cde54fd23ce155&_t=1705012928164.164
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6e5e6fe525a6d40850c185e82c64bf8da82f39de7789c0e187ef6e27decb5067

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
x-movieads-udata: cache,parsed,2356
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ Frame 598A 13 KB
13 KB 228ms
54ms Script
application/x-javascript 23.111.96.52
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: code.moviead55.ru
URL: https://code.moviead55.ru/go/bmap?v=6082be0687c78f67f9cde54fd23ce155&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.111.96.52 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 269de31f460024d676a203b8b6f232ca209a16d4fffc3cd052883cf30bb05615

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
last-modified: Thu, 21 Dec 2023 13:04:03 GMT
server: nginx
etag: "658437c3-3459"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13401
expires: Thu, 11 Jan 2024 23:42:08 GMT

POST
H/1.1 200 ziEZThWJz1qgYkFtgaffncWVSk31x1KbUZ0jpidhgmevFR587r2fzOG2bz0mrdYrAE_1QEDlYibjJyEwdCNCSuRH3_9X7GwnBCWVGD2nXbdIhl9eAefTbWGwqXqtDBnO24QuMW3doULPOToElcTDjUVYyLjFce6XjqXAm-7oEwFySxxC4F0RRo_PCbcTP0JIGyB_R... Show response
aj1907.online/ 3 KB
2 KB 44ms
44ms XHR
application/json 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1907.online/ziEZThWJz1qgYkFtgaffncWVSk31x1KbUZ0jpidhgmevFR587r2fzOG2bz0mrdYrAE_1QEDlYibjJyEwdCNCSuRH3_9X7GwnBCWVGD2nXbdIhl9eAefTbWGwqXqtDBnO24QuMW3doULPOToElcTDjUVYyLjFce6XjqXAm-7oEwFySxxC4F0RRo_PCbcTP0JIGyB_RG__79Abm9-LDuoakyDAerqqXW2i54TTBy7IKCjTQYih-8ly_FfbE1O5_aLfDsMt-ZaxUkMbyx7_2jaXW3si9rv5qhZOYV7F7kBQ2y87iVnzMG8QMyNS1JO7BQKiCrJiWh2DyHw3wH9nqQ7EQeIA2355TpyY3Q_CtP24IOCyD_Rp_QT1wxA9XDLh3SfsCcFB2J9zEFXv4SEcrmhQiutdCmYAZf0elbro2G3ccbHuZSvjKKWUL0iB3TecWSq5ISRmLPO3QNaKqmn9kVY4Y33GE3F3yFbEgwBAYVgdmVyRBBCrbycgesl-2rsT25rT5Rh4Si_EAZvBWTAw4lvh1iLKdnswlUmxj0PHGE2BVGM9ccT7AzxxEd6_5082Xl1C9VAhoO14EKIg?
Requested by: Host: aj1907.online
URL: https://aj1907.online/63c0d7d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: d70bd35d32ee13871851e7be93a0437adbab072f4c509495adc01fe899c25f6b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://11jan.newdeaf.co
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zDDaUNxIS0QC1VMjVn-t8j_AcanOhygiZJYMIRdxYditabYxgnOJgtuoOCDjbCJp-cOVscC3jvot5NTuhftxALwImZMY0GexKas878499C0FrM318b2698BaW2lS3l86uY3KMSNuebIc_JRov_FUjSU_FbReJxY-EQ-SIFyBCizVYBj03X2LCn0dKavnZDxPQioH_... Show response
aj1907.online/ 706 B
1 KB 87ms
43ms XHR
application/json 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1907.online/zDDaUNxIS0QC1VMjVn-t8j_AcanOhygiZJYMIRdxYditabYxgnOJgtuoOCDjbCJp-cOVscC3jvot5NTuhftxALwImZMY0GexKas878499C0FrM318b2698BaW2lS3l86uY3KMSNuebIc_JRov_FUjSU_FbReJxY-EQ-SIFyBCizVYBj03X2LCn0dKavnZDxPQioH__bLGM31itA0JupH7ZIDt6pW6o54t01HO7Ubff4EUPsTIZ0jZJUSZ4BPRsk0q2qtORDXEufSxXcHovQmAc83os02IAh1ohIT4P5c-pfRf0hoWi_6EhGKF9CIP_qp9oDAEwrmSDCEfrkmdqmARAm3vY6MUz5ieIMfi36Z7ZfQKyuJhOaLNsmHEJe4RIE8fV3M2IDzZsozKDqtgd3AORbyBdo7OOsvHfFLS2YQi5lolWQ5hou1nKA_E6Ugs5mVBEqt27sIvzjb8Gp_3ZzSEpv0hdMNW6eXoStENdDJW2EIaJA7eLYQAk70nKQch5BsFbRtGxV25potjwYVu4kIOBtCR13R-YMhpkWY6jglc_hhFlUZGt5FsHXT3exj-vIoJVQ5ua1cAeos?
Requested by: Host: aj1907.online
URL: https://aj1907.online/63c0d7d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 32cc3fabd6804a39df409f47fd352d9ee844779f704d99563bb1dd72fd0261d5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:07 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://11jan.newdeaf.co
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 706
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 z85on0j7Vz6DcNhxxoPadXKkZZofin2h37oVw-UKxXZN2rqRtXo7E75y7jK1t65GXuRYQ5VYv1g0RUkrrYYUKAHyzu_1nlKzqZPR1vbDHxQ9DV6HT_Tp-DEcTRNe1SHiuCaMjtTtC7dC_BfdIVa2Km0ryDZB80BQeuCZsR4G_3TNaQzKAHCaewjzQjOzwGjd9Umru... Show response
aj1907.online/ 33 KB
12 KB 125ms
45ms XHR
application/json 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1907.online/z85on0j7Vz6DcNhxxoPadXKkZZofin2h37oVw-UKxXZN2rqRtXo7E75y7jK1t65GXuRYQ5VYv1g0RUkrrYYUKAHyzu_1nlKzqZPR1vbDHxQ9DV6HT_Tp-DEcTRNe1SHiuCaMjtTtC7dC_BfdIVa2Km0ryDZB80BQeuCZsR4G_3TNaQzKAHCaewjzQjOzwGjd9Umrugp2aUJYe_V9z69xkeArFK2pSDwcr0zQo3HocIvz3-4_YSDPZfXQX3fpaQ7f2w9aNyPXU3oMNjYZWWzONPzUuFSIV0hEyizsXcQgkWSmpaQm6ljvp9-J-sg29vcijvO9L-xH_r_16NyRrwJyW_ve7TMGXcqpKNVtTWqT7iakMi3Ji0Kfjw8a2sFngYoeiNlLG427RPfEoeBKISRLkuhZiQUVAX6vHpyyevW45wg-2jetpznbdYQAGdD5IQzBYYGHjhcSPUV-qYaAe2qGIkUXUZRsUMmmWRVOjSIp8Bt4IS-dW4CKbz_RSLVHRGxnk6Zu-bFp5-JcHttbv8G6PE5bu5JFKGMdimMCjVQXATCv372YqCfvyUmq8DBiGi14LBAs7PwgOfNE?
Requested by: Host: aj1907.online
URL: https://aj1907.online/63c0d7d8.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 1790f0f5e9dd1e0eb35cd8695283fabbcbf978c327b296945f475f6fd53ecaad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:07 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
vary: accept-encoding
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://11jan.newdeaf.co
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 index.html Show response
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/ Frame 59EE 1 KB
1 KB 825ms
115ms Document
text/html 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
Requested by: Host: aj1907.online
URL: https://aj1907.online/63c0d7d8.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 66ecafe2221854714d3e795feb9751ec6b89b8b96990f99987bf40a7aa2b49b2

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 22:42:09 GMT
etag: W/"967e0d5934c7d0ad7d629d9b86817d28"
last-modified: Wed, 13 Dec 2023 11:52:10 GMT
server: CDN77-Turbo
vary: Accept-Encoding
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-77-age: 309278
x-77-cache: HIT
x-77-nzt: EgwB1GY4sQH3UqEEAAwBJRPCKAH3zBYAAA
x-77-nzt-ray: 1cb09c0ec8a6cc81c16ea06562846d18
x-77-pop: frankfurtDE
x-accel-date: 1704709487
x-accel-expires: @1705715329
x-age-lb: 303442
x-amz-cf-id: PeeNTIdijXi-cT8Xp3wU8RWvcKIeSxkW9SRzQARlnNYRTU_dd-HofA==
x-amz-cf-pop: FRA6-C1
x-amz-id-2: 3RbmLRLwveJiWgXiSD2zFMsh+rBUoAJFXFlsYAVvBncAG91Cn2g7ElUyL2gCzjNivwLe92G2CszlCcjn44b0lpSVQ/C5rJ5+
x-amz-meta-contenttype: text/html
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
x-amz-request-id: 2DAJ1G9K0FSX7QNZ
x-amz-server-side-encryption: AES256
x-cache-lb: HIT

GET
H/1.1 200 zULH4gTAHUG7_IECh2QsmnAWZWZZS4aPJnlw2hyu3lYXvPzaNt26GW9mJN1XtM0ptLGtmcGPrmAChTQBNx1UQVgpdjHWLgWmo4YXG_UmmINNUfBimfGkFryZ0iMI-wmDNK3PDGq7ORbH0AlyqdCoJXMn36XNc8ags07BJ7AIqxcxiEHpKRouDJNpy-8CmxfTWOoDD...
aj1907.online/ 43 B
642 B 43ms
43ms Image
image/gif 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1907.online/zULH4gTAHUG7_IECh2QsmnAWZWZZS4aPJnlw2hyu3lYXvPzaNt26GW9mJN1XtM0ptLGtmcGPrmAChTQBNx1UQVgpdjHWLgWmo4YXG_UmmINNUfBimfGkFryZ0iMI-wmDNK3PDGq7ORbH0AlyqdCoJXMn36XNc8ags07BJ7AIqxcxiEHpKRouDJNpy-8CmxfTWOoDDItO3GeiDzCqs49ZpCc7qqRGSBntTdjnI7NDTkmVe9r0lStGt4St7TVrwQehGtusi8Wla2k7sw83OE-LIHAKx3xC2D95DMHxs-XcvXyRJdYT01poie5D8P2HMH288i1lBBFi17nq-gLAw6rbgBRolt1DSAOurhRczB3YQDbE0iUSR1dBhdHYRvAKbiHoeV1v4fbF2m8Hb4jqHBdotoQm_UYuAhjZDUWPNKcB-cqhgS9Ntwhbl_aZG_Bv1Tf93X5fznsQoUAAU97WPI7d5GF84r8dMFcnJDgbGV8WaTvPzjAZwP91H1sPuAeBX7cFosTY?DC=HZFI
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:07 GMT
last-modified: Tue, 12 Dec 2023 08:06:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1702368398000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
pimg.vb17123filippaaniketos.pw/ 690 B
993 B 506ms
79ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pimg.vb17123filippaaniketos.pw/?type=2&service=ads&banner=player-brend-desktop_BitzAllGeo&advertiser=BitzAllGeo*BrendingBanners&custom=6fb38a5e85b225745288cea6c992175f%7C1&atype=1
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a826acf5aa782be999fff54ef2b9fed70aa8c4700156a2c504639d21d7e1dc28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8WdhSleBbGTNh%2Bo8i%2BrP2Fhl9zspo4o7PN%2FYPq%2FsFy5pipzZno%2BgWD1bqFzF667f%2Bxd4hHwHjFTCT25MwbyujTlqOH0n%2BM7wjsfgZQzuA30Zr%2F9oX8FNTkv5i1CFk8lShgezLwDLW%2BGea1oTH%2BHWl4UbPigMZ1mSUWJ7B0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 8440abd7ec4c3cdd-CDG
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200 zIVeZKP7iv12PbHEX6ayGKXei-5ab8xb9EbHlUv7wsOXa8duN7_viuH35sa38G5v3-8wiLYMsiW-huTYNhf_NXiiPE2IU2Ppb19vqq5lXEOzZPbcS3zkvNx7Kwm7PA2Hhz5sVBAwckhODiZxiqKbv_Wci04iM0hgqow65DT8ipGqlkfg7XYVhbCYmBBCCewR1rC-i...
aj1907.online/ 49 B
512 B 41ms
41ms Image
image/gif 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1907.online/zIVeZKP7iv12PbHEX6ayGKXei-5ab8xb9EbHlUv7wsOXa8duN7_viuH35sa38G5v3-8wiLYMsiW-huTYNhf_NXiiPE2IU2Ppb19vqq5lXEOzZPbcS3zkvNx7Kwm7PA2Hhz5sVBAwckhODiZxiqKbv_Wci04iM0hgqow65DT8ipGqlkfg7XYVhbCYmBBCCewR1rC-iMR907Nj3S3qcWL-jABE2_1NPNC-r3HKGCWNO68IkphdW42KuhmjVW2SAXkpkIAosC1p2ZGdu2DaCSBLk7CVA5wqdUcEhogwncuW58d2pEqtAnYvxYl70WuRMUTSjP97ROJKZpho9eFWmeY-Tgnv81IVe_f-Lrrr4yxHYx78_GEQiZaRb_kUzVV6n0iZmB1uwnc14_gS8IME011Lms0q34odqkIsluQMrMCjClGdnAApfD83C1_NmniFFEDiawdPoVJq1u9h6I_vGaUv8jY6cmWsyj8SELo90uZQn?DC=HZFI
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:07 GMT
last-modified: Tue, 12 Dec 2023 08:06:46 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1702368406000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
pimg.vb17123filippaaniketos.pw/ 690 B
1 KB 480ms
78ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pimg.vb17123filippaaniketos.pw/?type=2&service=ads&banner=pagebanner_BitzAllGeo&advertiser=BitzAllGeo*PageBanners&custom=6fb38a5e85b225745288cea6c992175f%7C2&atype=2
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a826acf5aa782be999fff54ef2b9fed70aa8c4700156a2c504639d21d7e1dc28

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3a5ZZSy13s21iWG1HXt4JMULoH665s8VKCOqsFr6ydLFsyDW2%2BHRnWdfFkLckJzhXUBSiZ4681M8S50r77Ay7qGTeK9MHvAZFd8ABsWeXlcXSWzFgM0K6C07o1a6n9Q1bYj1jploaFjnSzo3duN2wdutAtClQQQXvI1f7qw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cf-ray: 8440abd7ec4f3cdd-CDG
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated Show response
/ Frame 2FB3 8 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b96aba049c7bf3c05364405b705811df4578a1c05d8fb30e410886b165b14d92

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 2FB3 202 KB
70 KB 3214ms
3214ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-11627"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 71207
expires: Thu, 11 Jan 2024 23:42:08 GMT

GET
H2 200 mstream2.js Show response
static.moviead55.ru/mp_dist/ Frame 2FB3 168 KB
58 KB 184ms
33ms Script
application/javascript 2606:4700:3037::ac43:9f81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:9f81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c76e04bc99afe49b88077e2ab7960f02cccacefc8a80898881ef683c72e381

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176
x-movieads-country: RU
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Jan 2024 12:38:42 GMT
server: cloudflare
etag: W/"659d3e52-2a15f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=npuPSrst8Umx%2BBdXt0k%2FYzFjE6JPiF08g6i17REMwSrOB1HtlkHWCZwengyf9SF%2FgYYTKHuvxxDzSEbGueuQ9EnirCMaUoU8qhrHDXlLguFLsQ8Zgj3e%2FoaDJum154VayaswHMBixufYOUGYvZSpkrj9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=7200
access-control-allow-credentials: true
cf-ray: 8440abd66df179cb-AMS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range

GET
H2

200

/ Show response
www.acint.net/mc/ Frame 66DD
Redirect Chain

https://www.acint.net/mc/?dp=167
https://www.acint.net/mc/?dp=167&tc=1

5 KB
5 KB

56ms
55ms

Document
text/html

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.acint.net/mc/?dp=167&tc=1
Requested by: Host: videotoday.site
URL: https://videotoday.site/frndnp.php?ver=1&autoplay=1&v=6082be0687c78f67f9cde54fd23ce155&cb=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&fclose=false&sub_id=ap&fmt_id=1&testad=no&nomon=1&cdiv=261&r=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&frnd=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: bfdbe19653e58f1543076ce2ae3ce14f7158df605f9d7b712fe09e541d2abb4b

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 11 Jan 2024 22:42:09 GMT
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
server: openresty

Redirect headers

content-length: 154
content-type: text/html
date: Thu, 11 Jan 2024 22:42:08 GMT
location: /mc/?dp=167&tc=1
server: openresty

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 2FB3 70 B
213 B 17ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=cdiv&c=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&a=&m=261&v=6082be0687c78f67f9cde54fd23ce155&o=%7B%220%22%3A%22https%3A%2F%2F11jan.newdeaf.co%22%7D
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=gtnt&rnd=1705012928
https://px.adhigh.net/p/cm/skyadvert?u=add8bd3b-4ed7-9015-57f1-f41636ac1a47
https://px.adhigh.net/p/cm/skyadvert?u=add8bd3b-4ed7-9015-57f1-f41636ac1a47&bounced=1
https://code.moviead55.ru/go/csync?cn=gtnt&bid=mBicfCvh9k.AikABlGM-rCiLQ

0
146 B

19ms
18ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=gtnt&bid=mBicfCvh9k.AikABlGM-rCiLQ
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=gtnt&bid=mBicfCvh9k.AikABlGM-rCiLQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=btwcookie&rnd=1705012928
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=34348&callback_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbtwcookie%26bid%3D%24%7BUSER_ID%7D&crf=1&rts=3166442138956273816
https://code.moviead55.ru/go/csync?cn=btwcookie&bid=a46c61bc-ab6c-530c-969e-4bf8f33e2539

0
156 B

30ms
29ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=a46c61bc-ab6c-530c-969e-4bf8f33e2539
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=btwcookie&bid=a46c61bc-ab6c-530c-969e-4bf8f33e2539
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=ohmybid&rnd=1705012928
https://match.ohmy.bid/cm?ssp=skyadv&redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dohmybid%26bid%3D%24%7BUUID%7D
https://code.moviead55.ru/go/csync?cn=ohmybid&bid=afd95819-3348-4710-99c9-ecabea747151

0
154 B

15ms
15ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=afd95819-3348-4710-99c9-ecabea747151
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=ohmybid&bid=afd95819-3348-4710-99c9-ecabea747151
date: Thu, 11 Jan 2024 22:42:08 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-21 1.1376.f4afd3f
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=sapecookie&rnd=1705012928
https://www.acint.net/rmatch?dp=167&euid=967cde82-8a9f-f415-37f7-d94edb33f326&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D%24%7BUSER_ID%7D
https://www.acint.net/rmatch?r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D&dp=167&tc=1&euid=967cde82-8a9f-f415-37f7-d94edb33f326
https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fcode.moviead55.ru%252Fgo%252Fcsync%253Fcn%253Dsapecookie%2526bid%253D$%...
https://acint.net/rmatch?dp=14&euid=5103420AC16EA0650F025319028C19A1&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsapecookie%26bid%3D$%7BUSER_ID%7D
https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007FC06EA0651236754E02EF6FDB

0
154 B

19ms
17ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

date: Thu, 11 Jan 2024 22:42:09 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://code.moviead55.ru/go/csync?cn=sapecookie&bid=0100007FC06EA0651236754E02EF6FDB
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

204

match
dm-eu.hybrid.ai/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=hbrdcookie2&rnd=1705012928
https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

0
282 B

59ms
20ms

Image
text/plain

37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:08 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 510
x-xss-protection: 1; mode=block
expires: -1

Redirect headers

location: https://dm-eu.hybrid.ai/match?id=185&burl=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dhbrdcookie2%26bid%3D%24%7BVID%7D
date: Thu, 11 Jan 2024 22:42:08 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7601/i/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=dgm&rnd=1705012928
https://sync.opendsp.ru/match/MovieAds?id=0af0207a-213a-2f83-526e-1cfe31908e71
https://sync.opendsp.ru/match/MovieAds?id=0af0207a-213a-2f83-526e-1cfe31908e71&chk=1
https://sm.rtb.mts.ru/p?ssp=tradingdesk&id=OTg5YzgzNmQxZGQ1MTY1
https://vma.mts.ru/match/second?ssp=67&exu=OTg5YzgzNmQxZGQ1MTY1
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D67%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://vma.mts.ru/em?next=67&em=1&ssp=konnektu&id=
https://sync.opendsp.ru/match/mts_dsp?id=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd
https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=t0rwwq8hevj9&e=OTg5YzgzNmQxZGQ1MTY1

49 B
555 B

58ms
58ms

Image
image/gif

185.15.175.145
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=t0rwwq8hevj9&e=OTg5YzgzNmQxZGQ1MTY1

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

HTTP/1.1

Server

185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 49
X-XSS-Protection: 1; mode=block

Redirect headers

location: https://dmg.digitaltarget.ru/1/7601/i/i?a=2121&i=t0rwwq8hevj9&e=OTg5YzgzNmQxZGQ1MTY1
date: Thu, 11 Jan 2024 22:42:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=solta&rnd=1705012928
https://kimberlite.io/rtb/sync/skyadvert?u=1464ea02-822d-3c29-cdf0-b61f9662fd36
https://code.moviead55.ru/go/csync?cn=solta&bid=ZaBuwUvMwlo

0
136 B

20ms
19ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=solta&bid=ZaBuwUvMwlo
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
referrer-policy: no-referrer
Server: nginx
access-control-allow-origin: *
location: https://code.moviead55.ru/go/csync?cn=solta&bid=ZaBuwUvMwlo
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0001
Content-Length: 0

GET
H2

200

match
ads.betweendigital.com/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=gonetbid&rnd=1705012928
https://sync.gonet-ads.com/match/SkyAdvert?id=017c14ba-0f2a-c886-2cf1-398bc076149c
https://sync.gonet-ads.com/match/SkyAdvert?id=017c14ba-0f2a-c886-2cf1-398bc076149c&chk=1
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw
https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw&crf=1&rts=7414250997729777857

68 B
598 B

103ms
103ms

Image
image/png

96.46.186.61
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw&crf=1&rts=7414250997729777857
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 96.46.186.61 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: /match?bidder_id=4098&external_user_id=NmQ0ZTc1YzMxM2VhYzA5Nw&crf=1&rts=7414250997729777857
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

204

skyadvert
sync.dmp.otm-r.com/match/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otmbid&rnd=1705012928
https://sync.dmp.otm-r.com/match/skyadvert

0
69 B

124ms
62ms

Image
text/plain

138.201.65.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/skyadvert
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.65.201.138.clients.your-server.de
Software: nginx/1.19.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:08 GMT
server: nginx/1.19.7

Redirect headers

location: https://sync.dmp.otm-r.com/match/skyadvert
date: Thu, 11 Jan 2024 22:42:08 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

400

/
sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=snmd&rnd=1705012928
https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D

0
0

130ms
34ms

Image
text/html

138.201.8.249
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 138.201.8.249 Ergolding, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.249.8.201.138.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

location: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D
date: Thu, 11 Jan 2024 22:42:08 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

204

sync
a.videohead.tech/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=vhd&rnd=1705012928
https://a.videohead.tech/sync?ssp=sky_new

0
684 B

386ms
40ms

Image
text/plain

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.videohead.tech/sync?ssp=sky_new
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xa3QxiO4XLBi4S2AViUMa556fmT6eBqu4%2FQotlkny2K%2B%2FZTGA19vIRzejuDOt84gtTng%2BoXCm0vjrjcev0yUvJMdNcT09BAfsgLf77nTRSl90r2KxVCGCUHJGqpxQ80OB5SK"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8440abd7cf046925-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
alt-svc: h3=":443"; ma=86400

Redirect headers

location: http://a.videohead.tech/sync?ssp=sky_new
date: Thu, 11 Jan 2024 22:42:08 GMT
x-movieads-country: NL
server: nginx
content-length: 0

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=bzcookie&rnd=1705012928
https://exchange.buzzoola.com/cookiesync/redirect/skyadvert?redirect_url=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dbzcookie%26bid%3D%24%7BUUID%7D
https://code.moviead55.ru/go/csync?cn=bzcookie&bid=323cd1af-6b51-4e75-4f8d-29eee80843a0

0
155 B

19ms
18ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=323cd1af-6b51-4e75-4f8d-29eee80843a0
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

location: https://code.moviead55.ru/go/csync?cn=bzcookie&bid=323cd1af-6b51-4e75-4f8d-29eee80843a0
date: Thu, 11 Jan 2024 22:42:08 GMT
server: nginx
content-length: 126
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

csync
code.moviead55.ru/go/ Frame 2FB3
Redirect Chain

https://code.moviead55.ru/go/cinit?cn=otclkbid&rnd=1705012928
https://otclick-adv.ru/core/match.gif?s=30&reference=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dotclkbid%26bid%3D%23%7BUID%7D
https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUFobRe90cyZLWh

0
141 B

20ms
19ms

Image
image/jpeg

193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUFobRe90cyZLWh
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
x-movieads-country: NL
server: nginx
content-length: 0
content-type: image/jpeg

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.24.0
p3p: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
location: https://code.moviead55.ru/go/csync?cn=otclkbid&bid=VUFobRe90cyZLWh
cache-control: no-cache, max-age=0, must-revalidate, no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 124
expires: Thursday, 01-Jan-1970 00:00:00 GMT

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 2FB3 70 B
213 B 16ms
15ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?t=player_frame_loaded_new&c=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&a=&m=0&v=6082be0687c78f67f9cde54fd23ce155&o=%7B%220%22%3A%22https%3A%2F%2F11jan.newdeaf.co%22%7D
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:08 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H/1.1 200
OK json.cgi Show response
ev.adriver.ru/cgi-bin/ Frame 598A 490 B
1 KB 255ms
73ms Fetch
application/json 195.209.108.58
ADRIVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ev.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&cid=0&custom=301=0;302=0;304=0;308=0;309=0
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/AdRiverFPS.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.58 , Russian Federation, ASN52007 (ADRIVER, RU),
Reverse DNS
Software: /
Resource Hash: bef4d26fe31527ff3c8658b7750a9cad3915d2e6c7470bac26d4da483652471d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 22:42:09 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://11jan.newdeaf.co
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
acint.net/ Frame 66DD
Redirect Chain

https://ssp-rtb.sape.ru/rmatch/?r=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D14%26euid%3D%24%7BUSER_ID%7D
https://acint.net/match?dp=14&euid=1C03420AC16EA065020236AA020D279C

43 B
269 B

55ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=14&euid=1C03420AC16EA065020236AA020D279C
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
Server: openresty
Access-Control-Allow-Methods: GET
P3P: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
Access-Control-Allow-Origin: *
Location: https://acint.net/match?dp=14&euid=1C03420AC16EA065020236AA020D279C
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 142
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

match
acint.net/ Frame 66DD
Redirect Chain

https://px.adhigh.net/p/cm/sape?u=0100007FC06EA0651236754E02EF6FDB
https://px.adhigh.net/p/cm/sape?u=0100007FC06EA0651236754E02EF6FDB&bounced=1
https://acint.net/match?dp=17&euid=mBicfCvh9k.AikABlGM-rCiUg

43 B
269 B

60ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=17&euid=mBicfCvh9k.AikABlGM-rCiUg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://acint.net/match?dp=17&euid=mBicfCvh9k.AikABlGM-rCiUg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 66DD
Redirect Chain

https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691
https://ev.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6438691&tuid=-5822445519
https://www.acint.net/rmatch?dp=45&euid=AY9ujBLEfdGFTGx7Qar4mew&r=https%3A%2F%2Fssp.adriver.ru%2Fcgi-bin%2Fsync.cgi%3Fssp_id%3D43%26external_id%3D%24%7BUSER_ID%7D
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC06EA0651236754E02EF6FDB

42 B
201 B

79ms
79ms

Image
image/gif

81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:10 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

date: Thu, 11 Jan 2024 22:42:10 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=43&external_id=0100007FC06EA0651236754E02EF6FDB
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 204 sync
a.utraff.com/ Frame 66DD 0
749 B 162ms
33ms Image
text/plain 2606:4700:20::681a:6bd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.utraff.com/sync?ssp=8&id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbGrdPN8lHIT22IrZSJhKrdtMl4ekj7mE%2BApx15nUOzUry0Q3%2F5R17gTZBMHl3cG%2F35ikRBtqoaZ2EWB4YzPdXeksJ6SIgba5MjHQwHdLV67ESkqUEZ9mLdaavuzv07fgBNA%2B8lGaG%2FAZw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: true
cf-ray: 8440abd7aece35f0-FRA
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 204 match
dm-eu.hybrid.ai/ Frame 66DD 0
280 B 18ms
15ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm-eu.hybrid.ai/match?id=106&vid=0100007FC06EA0651236754E02EF6FDB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://www.acint.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 510
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1 200
OK adcm.js Show response
tag.digitaltarget.ru/ Frame 66DD 3 KB
3 KB 171ms
55ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/adcm.js
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
Last-Modified: Thu, 11 Jan 2024 22:34:19 GMT
Server: nginx
ETag: "65a06ceb-beb"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3051

GET
H2 204 sape
sync.dmp.otm-r.com/match/ Frame 66DD 0
68 B 29ms
26ms Image
text/plain 138.201.65.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/sape?id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.65.201.138.clients.your-server.de
Software: nginx/1.19.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.19.7

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://sync.upravel.com/sape/sync
https://sync.upravel.com/sape/sync?session_tpt=eyJoZWFkZXJzIjp7InJlZmVyZXIiOlsiaHR0cHM6Ly93d3cuYWNpbnQubmV0LyJdfX0
https://www.acint.net/match?dp=71&euid=69abffb7-1544-4ea1-bd60-eb0dbc5a53ec

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=71&euid=69abffb7-1544-4ea1-bd60-eb0dbc5a53ec
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://www.acint.net/match?dp=71&euid=69abffb7-1544-4ea1-bd60-eb0dbc5a53ec
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

match
acint.net/ Frame 66DD
Redirect Chain

https://s.ccsyncuuid.net/match/5/?remote_uid=0100007FC06EA0651236754E02EF6FDB
https://acint.net/match?dp=80&euid=uRQ5ZIRGiFV1McU8LVmg

43 B
269 B

54ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=80&euid=uRQ5ZIRGiFV1McU8LVmg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=80&euid=uRQ5ZIRGiFV1McU8LVmg
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 66DD 42 B
201 B 328ms
80ms Image
image/gif 81.222.128.214
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=153&external_id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.214 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad14.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://ssp.bestssp.com/sspmatch?url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D95%26euid%3D
https://www.acint.net/match?dp=95&euid=QYNLJEXD

43 B
269 B

53ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=95&euid=QYNLJEXD
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=95&euid=QYNLJEXD
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.22.0
content-length: 74
content-type: text/html; charset=utf-8

GET
H2 204 sape
sync.adspend.space/ Frame 66DD 0
46 B 171ms
51ms Image
text/plain 5.189.234.229
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adspend.space/sape?uid=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 5.189.234.229 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.22.1

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://sape-sync.rutarget.ru/sync
https://www.acint.net/match?dp=104&euid=F1TL7vPZO2Qt

43 B
269 B

54ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=104&euid=F1TL7vPZO2Qt
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=104&euid=F1TL7vPZO2Qt
Date: Thu, 11 Jan 2024 22:42:09 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

match
acint.net/ Frame 66DD
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC06EA0651236754E02EF6FDB&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=35313&external_user_id=0100007FC06EA0651236754E02EF6FDB&callback_url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D107%26euid%3D%24%7BUSER_ID%7D&crf=1&rts=-5...
https://acint.net/match?dp=107&euid=995716f2-a6e0-530c-a191-48e3c4312622

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=107&euid=995716f2-a6e0-530c-a191-48e3c4312622
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=107&euid=995716f2-a6e0-530c-a191-48e3c4312622
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

match
acint.net/ Frame 66DD
Redirect Chain

https://ads.adlook.me/csync?pid=sape&uid=0100007FC06EA0651236754E02EF6FDB&url=https%3A%2F%2Facint.net%2Fmatch%3Fdp%3D110%26euid%3D%7BuserId%7D
https://acint.net/match?dp=110&euid=b8dfa271632c448c82168c794ab5d36d

43 B
269 B

55ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acint.net/match?dp=110&euid=b8dfa271632c448c82168c794ab5d36d
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://acint.net/match?dp=110&euid=b8dfa271632c448c82168c794ab5d36d
date: Thu, 11 Jan 2024 22:42:09 GMT
server: Microsoft-IIS/10.0

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=sape&id=0100007FC06EA0651236754E02EF6FDB
https://vma.mts.ru/match/second?ssp=30&exu=0100007FC06EA0651236754E02EF6FDB
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fpixel.konnektu.ru%2Fredirect%2Fmts%3Fcallback_url%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253...
https://pixel.konnektu.ru/redirect/mts?callback_url=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D30%26em%3D1%26ssp%3Dkonnektu%26id%3D%7BUSER_ID%7D
https://vma.mts.ru/em?next=30&em=1&ssp=konnektu&id=
https://www.acint.net/match?dp=125&euid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd

43 B
269 B

56ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=125&euid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:11 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://www.acint.net/match?dp=125&euid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/sape?redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D126%26euid%3D%24%7BUUID%7D
https://www.acint.net/match?dp=126&euid=da13de5c-fc6c-4dd8-7065-2b5f6c04f16e

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=126&euid=da13de5c-fc6c-4dd8-7065-2b5f6c04f16e
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=126&euid=da13de5c-fc6c-4dd8-7065-2b5f6c04f16e
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
content-length: 115
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://s.uuidksinc.net/match/396/?remote_uid=0100007FC06EA0651236754E02EF6FDB
https://www.acint.net/match?dp=127&euid=aT31YqMg601MdtMojC5U

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=127&euid=aT31YqMg601MdtMojC5U
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=127&euid=aT31YqMg601MdtMojC5U
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://ssp.bidvol.com/usersync?dspcsid=8&redirect=1
https://www.acint.net/match?dp=129&euid=ek6px5znsg

43 B
269 B

56ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=129&euid=ek6px5znsg
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx/1.22.0
surrogate-control: no-store
vary: Origin
access-control-allow-origin: *
location: https://www.acint.net/match?dp=129&euid=ek6px5znsg
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
access-control-allow-credentials: true
x-request-id: b21ef39a-f3c6-4630-a4d3-61188f911e18
expires: 0

GET
H/1.1 204
No Content userbind
match.new-programmatic.com/ Frame 66DD 0
215 B 215ms
54ms Image
text/plain 217.65.2.150
CITYTELECOM-AS Fi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.new-programmatic.com/userbind?src=sape&id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Jan 2024 22:42:09 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.22.1
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2

204

0.gif
x01.aidata.io/ Frame 66DD
Redirect Chain

https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC06EA0651236754E02EF6FDB
https://x01.aidata.io/0.gif?pid=9401454&id=0100007FC06EA0651236754E02EF6FDB&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

55ms
54ms

Image
text/plain

89.108.120.68
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 89.108.120.68 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51803.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Thu, 11 Jan 2024 22:42:09 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Thu, 11 Jan 2024 22:42:09 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Thu, 11 Jan 2024 22:42:10 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 sape.js
sync.gonet-ads.com/match/ Frame 66DD 241 B
241 B 33ms
31ms Image
application/javascript 188.42.105.236
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.gonet-ads.com/match/sape.js?id=0100007FC06EA0651236754E02EF6FDB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.42.105.236 , Luxembourg, ASN7979 (SERVERS-COM, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/
sync.bumlam.com/ Frame 66DD
Redirect Chain

https://sync.bumlam.com/?src=sap1&uid=0100007FC06EA0651236754E02EF6FDB
https://sync.bumlam.com/?src=sap1&s_data=CAIQARjB3YGtBmIgMDEwMDAwN0ZDMDZFQTA2NTEyMzY3NTRFMDJFRjZGREKiARCneAWosNIR7ruxACWQyCQ2

0
523 B

43ms
21ms

Image
text/html

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=sap1&s_data=CAIQARjB3YGtBmIgMDEwMDAwN0ZDMDZFQTA2NTEyMzY3NTRFMDJFRjZGREKiARCneAWosNIR7ruxACWQyCQ2
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: text/html; charset=utf-8
Date: Thu, 11 Jan 2024 22:42:10 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 0
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
Server: nginx
ETag: a77805a8-b0d2-11ee-bbb1-002590c82436
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //sync.bumlam.com/?src=sap1&s_data=CAIQARjB3YGtBmIgMDEwMDAwN0ZDMDZFQTA2NTEyMzY3NTRFMDJFRjZGREKiARCneAWosNIR7ruxACWQyCQ2
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

done
pix.bumlam.com/sync/sape/ Frame 66DD
Redirect Chain

https://pix.bumlam.com/sync/sape/check?sspuid=0100007FC06EA0651236754E02EF6FDB
https://sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/sync_ok?guid=a77805a8-b0d2-11ee-bbb1-002590c82436
https://a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com/?src=sape
https://pix.bumlam.com/sync/sape/done

43 B
673 B

21ms
21ms

Image
image/gif

31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.bumlam.com/sync/sape/done

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

HTTP/1.1

Server

31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 22:42:10 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.acint.net
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
X-Xss-Protection: 0
Expires: 05-Jun-2005 22:00:00 GMT

Redirect headers

location: https://pix.bumlam.com/sync/sape/done
access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:10 GMT
server: nginx/1.24.0
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 0100007FC06EA0651236754E02EF6FDB
an.yandex.ru/mapuid/sapeis/ Frame 66DD 43 B
571 B 214ms
60ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FC06EA0651236754E02EF6FDB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:09 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:09 GMT

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://nr.bidderstack.com/sape/cm?user_id=0100007FC06EA0651236754E02EF6FDB
https://nr.bidderstack.com/sape/cm?user_id=0100007FC06EA0651236754E02EF6FDB&pupa=1
https://www.acint.net/match?dp=251&euid=53c61e05-d879-6812-eb32-d00afcfb1be5

43 B
269 B

54ms
53ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=251&euid=53c61e05-d879-6812-eb32-d00afcfb1be5
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Location: https://www.acint.net/match?dp=251&euid=53c61e05-d879-6812-eb32-d00afcfb1be5
Access-Control-Allow-Origin: *
Date: Thu, 11 Jan 2024 22:42:10 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://cs.agency2.ru/p?ssp=sp&uid=0100007FC06EA0651236754E02EF6FDB
https://www.acint.net/match?dp=186&euid=40326337-2b44-4431-a986-7a0a1cfa90da

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=186&euid=40326337-2b44-4431-a986-7a0a1cfa90da
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:09 GMT
Server: fasthttp
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS, PUT, DELETE
Location: https://www.acint.net/match?dp=186&euid=40326337-2b44-4431-a986-7a0a1cfa90da
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
X-Host: 23.111.107.44
Connection: keep-alive
Access-Control-Allow-Headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://match.ohmy.bid/cm?ssp=sape&redirect_url=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D217%26euid%3D%7Buid%7D
https://www.acint.net/match?dp=217&euid=afd95819-3348-4710-99c9-ecabea747151

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=217&euid=afd95819-3348-4710-99c9-ecabea747151
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=217&euid=afd95819-3348-4710-99c9-ecabea747151
date: Thu, 11 Jan 2024 22:42:09 GMT
access-control-allow-credentials: true
server: nginx
bidder: bid-11 1.1376.f4afd3f
content-length: 0

GET
H/1.1 400
Bad Request user-sync
sync.adkernel.com/ Frame 66DD 22 B
22 B 59ms
15ms Image
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:10 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 22

GET
H2

200

/
dmp.sbermarketing.ru/ Frame 66DD
Redirect Chain

https://sync.programmatica.com/match/01
https://sync.programmatica.com/match/01?chk=1
https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjJmMzNlOWRhMzhkMmYwOQ

35 B
667 B

168ms
53ms

Image
image/gif

37.18.110.198
CLOUDRU-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjJmMzNlOWRhMzhkMmYwOQ

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

37.18.110.198 , Russian Federation, ASN208677 (CLOUDRU-AS, RU),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:39:40 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://dmp.sbermarketing.ru/?dmpkit_cid=9064fc6c-76fe-4a6d-aea6-92ef3f343257&dmpkit_evid=8vhicaia6d0gnvnhrxxom892oalkpb77&user_prg=MjJmMzNlOWRhMzhkMmYwOQ
date: Thu, 11 Jan 2024 22:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H2

204

weborama-sync
adx.com.ru/ Frame 66DD
Redirect Chain

https://adx.com.ru/sape-sync?uid=0100007FC06EA0651236754E02EF6FDB
https://adx.com.ru/sync?sspKey=25&sspUserID=0100007FC06EA0651236754E02EF6FDB
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a06ec2f0e01500010dd26f%2526r%253D%26webouid%3...
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fadx.com.ru%2Fweborama-sync%3Furl%3Dhttps%253A%252F%252Fprodmp.ru%252Fyabbi.gif%253Fuid%253D65a06ec2f0e01500010dd26f%2526r%253D%26webouid%3...
https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a06ec2f0e01500010dd26f%26r%3D&webouid=8m7YtixR0uWzgU83EsA.ZO

0
141 B

92ms
91ms

Image
text/plain

83.222.117.90
MNOGOBYTE-AS Moscow

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a06ec2f0e01500010dd26f%26r%3D&webouid=8m7YtixR0uWzgU83EsA.ZO
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 83.222.117.90 , Russian Federation, ASN42632 (MNOGOBYTE-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
server: nginx/1.22.0
p3p: CP="adx.com.ru does not have a P3P policy"

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 google
last-modified: Thu, 11 Jan 2024 22:42:10 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://adx.com.ru/weborama-sync?url=https%3A%2F%2Fprodmp.ru%2Fyabbi.gif%3Fuid%3D65a06ec2f0e01500010dd26f%26r%3D&webouid=8m7YtixR0uWzgU83EsA.ZO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

404

-5mlqI1FToO7F-2faLSQ3Q
an.yandex.ru/setud/mts_banner/ Frame 66DD
Redirect Chain

https://kimberlite.io/rtb/sync/sape2?u=0100007FC06EA0651236754E02EF6FDB
https://sync.dsp.solta.io/match/kimberlite?id=ZaBuwUvMwlo
https://sync.dsp.solta.io/match/kimberlite?id=ZaBuwUvMwlo&chk=1
https://kimberlite.io/rtb/sync/iage?u=NzAyMGMwYTA2MDg0NDgwNw
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaBuwUvMwlo
https://vma.mts.ru/match/second?ssp=59&exu=ZaBuwUvMwlo
https://tech.rtb.mts.ru/?dsp_uid=fb99a5a8-8d45-4e83-bb17-ed9f68b490dd&return_url=https%3A%2F%2Fan.yandex.ru%2Fsetud%2Fmts_banner%2F-5mlqI1FToO7F-2faLSQ3Q%3Flocation%3Dhttps%253A%252F%252Fvma.mts.ru...
https://an.yandex.ru/setud/mts_banner/-5mlqI1FToO7F-2faLSQ3Q?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1812691448

43 B
176 B

66ms
65ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/mts_banner/-5mlqI1FToO7F-2faLSQ3Q?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1812691448

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:10 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:10 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:10 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:10 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/setud/mts_banner/-5mlqI1FToO7F-2faLSQ3Q?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1812691448
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://sync.dsp.solta.io/match/sape?id=0100007FC06EA0651236754E02EF6FDB
https://sync.dsp.solta.io/match/sape?id=0100007FC06EA0651236754E02EF6FDB&chk=1
https://www.acint.net/match?dp=260&euid=NjQ3ODgxODkxYjJjZDQ5OQ

43 B
269 B

54ms
54ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=260&euid=NjQ3ODgxODkxYjJjZDQ5OQ
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

location: https://www.acint.net/match?dp=260&euid=NjQ3ODgxODkxYjJjZDQ5OQ
date: Thu, 11 Jan 2024 22:42:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H/1.1 200
OK cm.gif
ad.mail.ru/ Frame 66DD 43 B
766 B 824ms
147ms Image
image/gif 2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=48&id=0100007FC06EA0651236754E02EF6FDB
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Thu, 11 Jan 2024 22:42:11 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 12 Jan 2024 04:42:11 GMT

GET
H2 200 set
sync.rambler.ru/ Frame 66DD 0
172 B 300ms
146ms Image
text/plain 91.192.148.52
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=1b87f89d-4fb1-4046-b5d4-1814eb9a34db&id=0100007FC06EA0651236754E02EF6FDB

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.52 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
strict-transport-security: max-age=0
x-passed: 2bal2
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

match
www.acint.net/ Frame 66DD
Redirect Chain

https://ssp.afp.ai/api/sync/sape
https://www.acint.net/match?dp=261&euid=f8d6b3d0-6638-4ad2-b58a-817cd0bf2cfd

43 B
269 B

55ms
55ms

Image
image/gif

193.3.184.137
QWARTA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.acint.net/match?dp=261&euid=f8d6b3d0-6638-4ad2-b58a-817cd0bf2cfd
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: H2
Server: 193.3.184.137 , Russian Federation, ASN50214 (QWARTA, RU),
Reverse DNS: asrv321.qwarta.ru
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
expires: Wed, 19 Apr 2000 11:43:00 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:10 GMT
Server: nginx/1.20.1
Vary: Origin
Access-Control-Allow-Origin
Location: https://www.acint.net/match?dp=261&euid=f8d6b3d0-6638-4ad2-b58a-817cd0bf2cfd
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK processor.js Show response
tag.digitaltarget.ru/ Frame 66DD 16 KB
16 KB 112ms
111ms Script
application/javascript 185.15.175.130
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.digitaltarget.ru/processor.js?i=357358096109125
Requested by: Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.15.175.130 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software: nginx /
Resource Hash: 5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:10 GMT
Last-Modified: Thu, 11 Jan 2024 22:34:20 GMT
Server: nginx
ETag: "65a06cec-3e23"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15907

GET
H2 200 main.57bd202a.js Show response
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/static/js/ Frame 59EE 216 KB
69 KB 29ms
29ms Script
application/javascript 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/static/js/main.57bd202a.js
Requested by: Host: cdn77-fs.aj1907.online
URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 429b1e48a6bcad25b6b03278dec4d32de1412bbe031d3343d91fa8fdfddfe6f9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 92540
x-amz-request-id: 2DAXQVSS921CMWEJ
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704920390
x-amz-id-2: 0g16SwugZDJbRZ1KixcZMIfakiZK3yMF2nAwUOGugC6aSmRYGH/rCq0VUsFu6QVJ3YrWIeRrzjY=
x-77-nzt: EgwB1GY4sQH3fGkBAAwBJRPCLgH3yxYAAA
x-accel-expires: @1705957189
x-77-age: 98375
x-cache-lb: HIT
last-modified: Wed, 13 Dec 2023 11:52:26 GMT
server: CDN77-Turbo
etag: W/"ce50b7b9cf703cc539c2826a03a25238"
x-77-nzt-ray: 1cb09c0ec8a6cc81c26ea0658b6e3516
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/javascript
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
access-control-allow-origin: *
access-control-max-age: 3000
x-amz-meta-contenttype: application/javascript
x-amz-cf-id: Fs5R8irC37K5z7Kvdun8VsCbL-cLxLxyfEmrcqOeb9O-yVfyHNyqjg==

GET
H2 200 logger.php
logger.moviead55.ru/ Frame 2FB3 70 B
213 B 14ms
14ms Image
image/png 193.200.65.146
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://logger.moviead55.ru/logger.php?v=6082be0687c78f67f9cde54fd23ce155&c=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A1.521%2C%22version%22%3A%221704803913459%22%2C%22vt%22%3A100%2C%22dh%22%3Afalse%2C%22l%22%3A%22https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html%22%2C%22scr%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22c%22%3A24%2C%22iw%22%3A778%2C%22ih%22%3A330%7D%7D&o=%7B%220%22%3A%22https%3A%2F%2F11jan.newdeaf.co%22%7D
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.146 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
content-encoding: gzip
x-movieads-country: NL
server: nginx
vary: Accept-Encoding
x-movieads-le: true
content-type: Content-Type: image/png

GET
H2 200 b_1920x1080.webp
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/ Frame 59EE 22 KB
23 KB 238ms
237ms Image
application/octet-stream 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/b_1920x1080.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 43bcd191ef5ce0975c302d1d44bdc1e56063ca375a8e79628350379ebe40a333

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-age-lb: 470958
x-amz-request-id: BEH38N5FEQBKDH1M
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704541972
content-length: 22746
x-amz-id-2: jE+Nof2Vb4Z5MFJxG/ujF63UqUaYXB4qWPxVGFYuMd8BBSu+Obj+rPmfQO1hY6/VpPMZSq7lGk4=
x-77-nzt: EgwB1GY4sQH3ri8HAAwBJRPCNAH32RYAAA
x-accel-expires: @1705578760
x-77-age: 476807
x-cache-lb: HIT
last-modified: Wed, 13 Dec 2023 11:52:20 GMT
server: CDN77-Turbo
etag: "ca96337b129a52f03e88d042903a56bb"
x-77-nzt-ray: 1cb09c0ec8a6cc81c26ea06532a0571e
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/octet-stream
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
access-control-allow-origin: *
accept-ranges: bytes
x-amz-meta-contenttype: application/octet-stream
x-amz-cf-id: ANxE5RpMRtGqzM6qExsQ4NOOfHwq1yoeBhZsK2ZT7Yak35DRAd8bGw==

GET
H2 200 l_150x536.webp
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/ Frame 59EE 32 KB
33 KB 94ms
93ms Image
application/octet-stream 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/l_150x536.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: d33f6b0b120f0200bcf7ff69c32280ab47debcb1d6b331558c6311b87638521b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-age-lb: 470969
x-amz-request-id: BEHFR8T9E3QJ26QD
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704541961
content-length: 32876
x-amz-id-2: VAWk+GIonH5A9vzF4zvKDm4UCr8zHg85AYlglrMnaGu50XGm6E0A03MH+FI2YiIS7SepN90ZuBM=
x-77-nzt: EgwB1GY4sQH3uS8HAAwB1GY4mQH3CxcAAA
x-accel-expires: @1705578760
x-77-age: 476868
x-cache-lb: HIT
last-modified: Wed, 13 Dec 2023 11:52:23 GMT
server: CDN77-Turbo
etag: "100767582cab54c07aa419dac7471790"
x-77-nzt-ray: 1cb09c0ec8a6cc81c26ea065409d4b1e
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/octet-stream
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
access-control-allow-origin: *
accept-ranges: bytes
x-amz-meta-contenttype: application/octet-stream
x-amz-cf-id: zuFTvDMm5ZQjJw0FqktHow0LMzL69cNDXZhDsG5yvRnFuRijG02y5w==

GET
H2 200 t_1200x218.webp
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/ Frame 59EE 58 KB
59 KB 136ms
135ms Image
application/octet-stream 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/t_1200x218.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 16e603d5b67129cedc8a549afff057fabc3064fe3c5ec3004b097bb87a6c76de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
x-age-lb: 508814
x-amz-request-id: BEHBRJ6492KM7ED9
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704504116
content-length: 59444
x-amz-id-2: IJp34FFdJiqvNckfhuvibxSw9YMlR4D8VmHkfKo5JVEtfItQ200yHr4BzUqYas0fxJEffuQ6DmI=
x-77-nzt: EgwB1GY4sQH3jsMHAAwB1GY4nAH30xYAAA
x-accel-expires: @1705540889
x-77-age: 514657
x-cache-lb: HIT
last-modified: Wed, 13 Dec 2023 11:52:19 GMT
server: CDN77-Turbo
etag: "3809396b0f0d50d06b7f3bf4e3812d8e"
x-77-nzt-ray: 1cb09c0ec8a6cc81c26ea0654762531e
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/octet-stream
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
access-control-allow-origin: *
accept-ranges: bytes
x-amz-meta-contenttype: application/octet-stream
x-amz-cf-id: rT1MibUeau8QyHTr_KbeXu-nfkth-AqkBz0z0JtQVdGQIrLbsGeT1Q==

GET
H2 200 r_150x536.webp
cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/ Frame 59EE 34 KB
34 KB 238ms
237ms Image
application/octet-stream 2a02:6ea0:c700::21
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/media/r_150x536.webp
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::21 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f6c4e4e5909bbb979100dc590af60e398f7662212bfaf19d9913a9cd4e71a484

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn77-fs.aj1907.online/551/3077/46479/160/2008/bitz1911/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 11 Jan 2024 22:42:10 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
x-age-lb: 470969
x-amz-request-id: 3G3DTD2XB1KY9CJ1
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704541961
content-length: 34470
x-amz-id-2: pl/OsqS5mAf98VPibkLHWBbqp/VuhVpe1DnX7N9uLeB3JhMUN/XaWQalHrNaU3lTo9QdKmVrD7Y=
x-77-nzt: EgwB1GY4sQH3uS8HAAwB1GY4mQH3CxcAAA
x-accel-expires: @1705578761
x-77-age: 476868
x-cache-lb: HIT
last-modified: Wed, 13 Dec 2023 11:52:06 GMT
server: CDN77-Turbo
etag: "689a2380c545cb50f0aa8b640a304eae"
x-77-nzt-ray: 1cb09c0ec8a6cc81c26ea065805f5a1e
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/octet-stream
x-amz-meta-original_zip_file_uid: f7da2e05-e2db-4dca-a146-434935efe419
access-control-allow-origin: *
accept-ranges: bytes
x-amz-meta-contenttype: application/octet-stream
x-amz-cf-id: XPKx1EzInozI6JeCT-bGm8AOH5jKQrzvKN9HpddoOOhnEiQXLsElcQ==

GET
H2 200 jmap Show response
code.moviead55.ru/go/ Frame 2FB3 13 KB
2 KB 27ms
27ms Fetch
application/json 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/go/jmap?v=6082be0687c78f67f9cde54fd23ce155&sid=ap&cp.referer=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&it=1&tq=2&cp.cb=ecdd23f5-46d1-f05a-17a1-8a3054e39b05&session=2fbc1133-9a6d-4577-9d84-decd7bf4bc46&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&rnd=1705012930674&raw=yes&tanc=https%3A%2F%2F11jan.newdeaf.co&ancs=[%22https://11jan.newdeaf.co%22]
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: bc6f3784815c8703fb6a2ff4640f3cbc7fbd60327f417f4aa43edf0d8f380320

Request headers

Accept: application/json
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
content-encoding: gzip
x-movieads-path: /serial/4149-krasnyj-dermatin-1-sezon.html
x-movieads-udata: cache,parsed,34666
x-movieads-country: NL
x-go-country: NL
server-timing: corsParams;dur=0.0000, getJson;dur=0.0000, initBuilder;dur=0.0000, getAnyQueue;dur=0.0000, buildTagsQueue;dur=0.0000, getLinks;dur=0.0000, validations_606;dur=0.0000, queueSort;dur=0.0000, attachTracking;dur=0.0000, optProc;dur=0.0000, queuesMerge;dur=0.0000, jmapParams;dur=0.0000, keyValidation;dur=0.0000, wmData;dur=0.0000, uData;dur=0.0000, qManager;dur=0.0000, range_links;dur=0.0000, validations_703;dur=0.0000
x-movieads-plc: 1
x-movieads-cors-qex: Referer
x-movieads-qmc: NL
x-movieads-ctvs: 3
server: nginx
vary: Accept-Encoding
x-movieads-ark: true
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://11jan.newdeaf.co
x-movieads-alc: 2
access-control-allow-credentials: true

GET
H2 200 vast2 Show response
code.moviead55.ru/ Frame 2FB3 25 B
671 B 106ms
106ms XHR
text/xml 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/vast2?key=6082be0687c78f67f9cde54fd23ce155&sid=autoplay&cp.adsource=ED_out&cp.adtype=pre&vt=100&fp=[fp]&w=778&h=330&vid=&fpro=&tanc=https%3A%2F%2F11jan.newdeaf.co&suri=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&rdd1=true&cp.referer=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&cp.cb=ecdd23f5-46d1-f05a-17a1-8a3054e39b05
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
content-encoding: gzip
x-movieads-path: /serial/4149-krasnyj-dermatin-1-sezon.html
server: nginx
x-movieads-udata: cache,parsed,123979
x-movieads-mrc: no
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://11jan.newdeaf.co
x-cache-source: Yac
x-movieads-referrer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
access-control-allow-credentials: true
x-movieads-country: NL
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"11jan.newdeaf.co","Path":"/serial/4149-krasnyj-dermatin-1-sezon.html","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-cors-qex: Referer

GET
H2 200 vast2 Show response
code.moviead55.ru/ Frame 2FB3 25 B
670 B 122ms
122ms XHR
text/xml 193.200.65.149
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://code.moviead55.ru/vast2?key=6082be0687c78f67f9cde54fd23ce155&sid=autoplay&cp.adsource=Dhs_out_gam&cp.adtype=pre&vt=100&fp=[fp]&w=778&h=330&vid=&fpro=&tanc=https%3A%2F%2F11jan.newdeaf.co&suri=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&rdd1=true&cp.referer=https%253A%252F%252F11jan.newdeaf.co%252Fserial%252F4149-krasnyj-dermatin-1-sezon.html&cp.cb=ecdd23f5-46d1-f05a-17a1-8a3054e39b05
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.200.65.149 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:10 GMT
content-encoding: gzip
x-movieads-path: /serial/4149-krasnyj-dermatin-1-sezon.html
server: nginx
x-movieads-udata: cache,parsed,83451
x-movieads-mrc: no
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://11jan.newdeaf.co
x-cache-source: Yac
x-movieads-referrer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
access-control-allow-credentials: true
x-movieads-country: NL
x-movieads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"11jan.newdeaf.co","Path":"/serial/4149-krasnyj-dermatin-1-sezon.html","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-cors-qex: Referer

GET
H/1.1

200
OK

cm.gif
ad.mail.ru/ Frame 66DD
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=958518586704343.294511942061686&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705012930965&i=958518586704343.294511942061686&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fser...
https://sync.bumlam.com/?src=mt2
https://ad.mail.ru/cm.gif?p=155&id=a77805a8-b0d2-11ee-bbb1-002590c82436

43 B
766 B

273ms
74ms

Image
image/gif

2a00:1148:db00::17
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mail.ru/cm.gif?p=155&id=a77805a8-b0d2-11ee-bbb1-002590c82436
Requested by: Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1
Protocol: HTTP/1.1
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Thu, 11 Jan 2024 22:42:11 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy: require-corp
Content-Type: image/gif
Cache-Control: max-age=21600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Fri, 12 Jan 2024 04:42:11 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://ad.mail.ru/cm.gif?p=155&id=a77805a8-b0d2-11ee-bbb1-002590c82436
Access-Control-Allow-Origin: https://acint.net
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame 66DD
Redirect Chain

https://dmg.digitaltarget.ru/1/1093/i/i?i=958518586704343.368900409148370&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&c...
https://dmg.digitaltarget.ru/awg/custom/1093/i/i?call_source=awg&ts=1705012930965&i=958518586704343.368900409148370&a=77&e=0100007FC06EA0651236754E02EF6FDB&pref=https%3A%2F%2F11jan.newdeaf.co%2Fser...
https://top-fwz1.mail.ru/counter?id=3210372;pid=XK0UPCefIKmeKrF7-6ub
https://top-fwz1.mail.ru/counter2?id=3210372;pid=XK0UPCefIKmeKrF7-6ub

43 B
960 B

64ms
63ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3210372;pid=XK0UPCefIKmeKrF7-6ub

Requested by

Host: www.acint.net
URL: https://www.acint.net/mc/?dp=167&tc=1

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.acint.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:11 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Thu, 11 Jan 2024 22:42:11 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3210372;pid=XK0UPCefIKmeKrF7-6ub
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 trhls.html Show response
videotoday.site/mp_dist/td/ Frame AB50 9 KB
4 KB 39ms
38ms Document
text/html 104.21.53.214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
Requested by: Host: static.moviead55.ru
URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.53.214 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c7a7de5284db19e9613efd7a96e0fb08e473b2253bc3cca50c41002bcbe395

Request headers

Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8440abe1c80d5d9d-FRA
content-encoding: br
content-type: text/html
date: Thu, 11 Jan 2024 22:42:10 GMT
last-modified: Tue, 09 Jan 2024 12:38:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NLnzeyBiDKzv%2BbjGb5CxXEgA%2FmcyuA0HmPqXSH70OKPIIzhiM3yc55pI3wVnAAbNl5VYbpjTtNM9oVpicQskgvMHS2H%2Fau3bt6vB0NE6k4Qw3nrbXC4oqiubn873HM6IzM%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-movieads-country: NL

GET
DATA 200
OK truncated
/ Frame AB50 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AB50 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AB50 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AB50 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AB50 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame AB50 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 hls.js Show response
user91471.clients-cdnnow.ru/vp_dist/ Frame AB50 329 KB
95 KB 217ms
55ms Script
application/javascript 185.40.155.13
CDNNOW-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Requested by: Host: videotoday.site
URL: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.40.155.13 , Russian Federation, ASN21030 (CDNNOW-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 930118cf0cbea4fd3f9d87ea40c49272e91cee257433df70c8f9426a218fa750

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:24 GMT
content-encoding: gzip
last-modified: Tue, 14 Feb 2023 08:10:38 GMT
server: nginx
etag: W/"63eb41fe-52302"
x-edge-cache: HIT
vary: Accept-Encoding
content-type: application/javascript
x-movieads-country: RU
x-edge-ip: 172.19.32.6

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10245.FbR6JDyuiDyu2ttzcsc02eKOpiHmrV0CSK-XX3mL9vRpn9ESjVS7Xe3z5uFeVkkG.ga2o101NUfvO0wIu_My6Zx9KTrc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10245.ugtt-3KXXG6ELMEBymFvLoSmdsHEuCroXGpbHA_ai6Nk0fxXFE-u0GbObf5oty-rKExigDoyuGRMirCM4eJOT3ILoXxskMfV35R6bQe9zgt3n7MF8s9QRF3gJ9d2O6jz7sQUAJvY7W...

43 B
673 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10245.ugtt-3KXXG6ELMEBymFvLoSmdsHEuCroXGpbHA_ai6Nk0fxXFE-u0GbObf5oty-rKExigDoyuGRMirCM4eJOT3ILoXxskMfV35R6bQe9zgt3n7MF8s9QRF3gJ9d2O6jz7sQUAJvY7WsxQ6ZQpTSVDfvcU_2m3Q1wHh29BxJ8KJUbdNlmQbHh1AW5w5jI0uWUE21icZ9aygmm1StDUxfJdk4w0fsys7a71CQPp8wd_Ks%2C.YjE8bLQp0pNvPo2gN8lFQWkyqU0%2C

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10245.ugtt-3KXXG6ELMEBymFvLoSmdsHEuCroXGpbHA_ai6Nk0fxXFE-u0GbObf5oty-rKExigDoyuGRMirCM4eJOT3ILoXxskMfV35R6bQe9zgt3n7MF8s9QRF3gJ9d2O6jz7sQUAJvY7WsxQ6ZQpTSVDfvcU_2m3Q1wHh29BxJ8KJUbdNlmQbHh1AW5w5jI0uWUE21icZ9aygmm1StDUxfJdk4w0fsys7a71CQPp8wd_Ks%2C.YjE8bLQp0pNvPo2gN8lFQWkyqU0%2C
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK index.m3u8 Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 4 KB
891 B 120ms
36ms XHR
application/vnd.apple.mpegurl 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/index.m3u8
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 80488322784b81ad0527317ba5fc32b8977fb60d216430b24cb69136890bbcd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Content-Encoding: gzip
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: W/"3a1794b0-ff7"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Access-Control-Allow-Headers: *
Expires: Sat, 20 Apr 2024 22:42:11 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
546 B 1162ms
1086ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:11 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 25 Dec 2023 13:57:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "65898a2e-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 11 Jan 2024 23:42:11 GMT

GET
DATA 200
OK truncated
/ Frame AB50 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK seg-1-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 232 KB
233 KB 36ms
35ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-1-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 5c43a81c639cea66bc1c0aaa5a7b2c334ad522c910b085d83c25e216d9c536a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-3a1b8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 238008
Expires: Sat, 20 Apr 2024 22:42:11 GMT

GET
H/1.1 200
OK seg-2-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 221 KB
221 KB 35ms
35ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-2-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 001d1cce503c2f072d35e13f148520c407541e6bc0ac8c8f66e5f64537684663

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-372b8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 225976
Expires: Sat, 20 Apr 2024 22:42:11 GMT

GET
H/1.1 200
OK seg-3-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 326 KB
327 KB 40ms
40ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-3-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 9305f23a37ed24b85c3dbca47a88c4fad77773946047a2f34134fb0fd490da98

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-519b8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 334264
Expires: Sat, 20 Apr 2024 22:42:11 GMT

GET
H/1.1 200
OK seg-4-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 77 KB
77 KB 35ms
35ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-4-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 1d0335c024f5b93b1beab662cc231496960efeb6921f2f8eda61c4eccb9e9611

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:11 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-132f8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 78584
Expires: Sat, 20 Apr 2024 22:42:11 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/53399341/ Frame 2FB3
Redirect Chain

https://mc.yandex.com/watch/53399341?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhf...
https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6u...

439 B
555 B

68ms
68ms

Fetch
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/53399341/1?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A743930260734%3Ahid%3A420084034%3Az%3A60%3Ai%3A20240111234212%3Aet%3A1705012933%3Ac%3A1%3Arn%3A499207876%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A778x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C1%2C1%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705012928345%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8598a3a0b8a404260978093ead619554062ec66c0d934676c4faf6ad82c4ad37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 439
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:12 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/53399341/1?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A743930260734%3Ahid%3A420084034%3Az%3A60%3Ai%3A20240111234212%3Aet%3A1705012933%3Ac%3A1%3Arn%3A499207876%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A778x330%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C0%2C0%2C1%2C1%2C0%2C0%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1705012928345%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3Apl&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29ti%281%29
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:12 GMT

GET
H2 200 90079539 Show response
mc.yandex.com/watch/ 427 B
786 B 63ms
63ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A0%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234211%3Aet%3A1705012931%3Ac%3A1%3Arn%3A301295494%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C681%2C4%2C%2C0%2C%2C497%2C30%2C%2C%2C%2C1246%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012927016%3Afp%3A1071%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14)mc(g-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a9ceafb2868aa42fab0bbd596cacbe181921ea981fcb0e90e03f4621162d2ab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:12 GMT

GET
H2 200 86976169 Show response
mc.yandex.com/watch/ 420 B
458 B 65ms
65ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86976169?wmode=7&page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A142751899570%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234211%3Aet%3A1705012931%3Ac%3A1%3Arn%3A585558924%3Arqn%3A1%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C47%2C681%2C4%2C%2C0%2C%2C497%2C30%2C%2C%2C%2C1246%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012927016%3Afp%3A1071%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14)mc(g-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

bde96068f7ed9d130369053ac3513dbd5196e335013fd7c3468f7305ca8db730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 420
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:12 GMT

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
83 B 62ms
62ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2Finit&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234212%3Aet%3A1705012933%3Ac%3A1%3Arn%3A535868412%3Arqn%3A2%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012933%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-1)clc(0-0-0)rqnt(2)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:12 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:12 GMT

GET
H/1.1 200
OK seg-5-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 297 KB
298 KB 36ms
36ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-5-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 631e94572953a590be7d7079e785a45b7e4db745722d2f44ba1e135ba4f626d6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:13 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-4a438"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 304184
Expires: Sat, 20 Apr 2024 22:42:13 GMT

GET
H/1.1 200 zIgLKadTKvZJd7XPdmj6CexHA_6Y-s-FEEI9BApX-MaZp7iFDUfMT2vA0HalAy2aYk69_P1FnhECDhXJGMECG3z4-Pl4tVyj2fMuhXPiOakLePx_ItEqiCT8PbNNckGoa5MpcMehiC8ItKmJAce7uYOJ91SR0U3FEe_gHxb4iZ6QDnHnic1x9xisx526-T_66zfvx...
aj1907.online/ 43 B
668 B 42ms
41ms Image
image/gif 65.21.196.16
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1907.online/zIgLKadTKvZJd7XPdmj6CexHA_6Y-s-FEEI9BApX-MaZp7iFDUfMT2vA0HalAy2aYk69_P1FnhECDhXJGMECG3z4-Pl4tVyj2fMuhXPiOakLePx_ItEqiCT8PbNNckGoa5MpcMehiC8ItKmJAce7uYOJ91SR0U3FEe_gHxb4iZ6QDnHnic1x9xisx526-T_66zfvxFOn2Pete9TQft8roOodd_m9vCvxcD2cgCwT8CXPydUMn1GP1Qbx-XRWGvNUbn21ZaOr6NUvOV_2rFqmAlKOcVFKBzKop1zrfVM4HBtH0waE6DF8fZo1ao4jfpiSys6BZk2ga5XPAQXsKDEklif8LRPK9IF1LTBB7AxconGrsohuUuUCGrTajsSj6YLqEm_yEPJMrlrl14nGVy3w11Ov-JKKx0h_z8xd4EA-KNAqDSM0E2mRaoTrPkSl12qTvROU1NoJpKiW6YbrH9N3ZHtOLQUsQa7zlqxd9kGnmnW1eEP8QJH6sCmh9Lk_X3e3qhHY?DC=HZFI
Requested by: Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 65.21.196.16 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.16.196.21.65.clients.your-server.de
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:15 GMT
last-modified: Tue, 12 Dec 2023 08:06:38 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1702368398000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

banner_3k.jpg
cdn4.vb17123filippaaniketos.pw/content/stream/Bitz/
Redirect Chain

https://cdn-t.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg
https://cdn4.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg

316 KB
317 KB

56ms
14ms

Image
image/jpeg

50.7.231.242
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg
Protocol: H2
Server: 50.7.231.242 Halfweg, Netherlands, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f88641d32d5857194b723a19276ecdccb170f3d47fb9e9427f0e043924e26cd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:16 GMT
last-modified: Wed, 22 Nov 2023 10:43:04 GMT
server: nginx
etag: "655ddb38-4f0ab"
content-type: image/jpeg
cache-control: max-age=31622400, public
accept-ranges: bytes
content-length: 323755
expires: Sat, 11 Jan 2025 22:42:16 GMT

Redirect headers

location: https://cdn4.vb17123filippaaniketos.pw/content/stream/Bitz/banner_3k.jpg
access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:16 GMT
server: nginx
content-length: 138
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
146 B 65ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2Fload&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234216%3Aet%3A1705012937%3Ac%3A1%3Arn%3A745077799%3Arqn%3A3%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C9660%2C9661%2C%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012937%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-1)clc(0-0-0)rqnt(3)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:16 GMT

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 70ms
70ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2Fsucces&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234216%3Aet%3A1705012937%3Ac%3A1%3Arn%3A1099578%3Arqn%3A4%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012937%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-2)clc(0-0-0)rqnt(4)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:16 GMT

GET
H2 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame 19F4 23 KB
6 KB 157ms
111ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac069e54360c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:16 GMT
expires: Sat, 10 Feb 2024 22:42:16 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FeYdNKtSdIyTiGal53cARds5QXrGEqLFK%2BWHf8x9zZSm7f1lJ8dtuEHDNRb1pa2fPEhY4jMq%2FPwBeIrZgvKRUgTkorag5n3Li3GBmUDp6oVNnLzZQwZDrnuSWsAraGC2iCDEIOlrVDQF5xzWSg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 63ms
63ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234216%3Aet%3A1705012937%3Ac%3A1%3Arn%3A943603795%3Arqn%3A5%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C3%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012937%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-3)clc(0-0-0)rqnt(5)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:16 GMT

GET
H/1.1 200
OK seg-6-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 80 KB
80 KB 36ms
36ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-6-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 95c338053aa80eaac1276125464d6ef78c56bc15bb17ab9e93059f7f941e7afe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:16 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-13eb8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 81592
Expires: Sat, 20 Apr 2024 22:42:16 GMT

GET
H2 200 context2.js Show response
borzjournal.ru/vhook/v7/rtb2/temp/ Frame 19F4 747 KB
119 KB 35ms
35ms Script
application/javascript 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123
Requested by: Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43d5dbba83d7fc5d50b91f3937a7da0cce2e8d21ea9a696544be5aa1a5f2561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 20:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1253948
etag: W/"6564f63a-baaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuuJxGAPZZj10YQczJt8xTGDOZDsXN74ijh44ooz9a0pieXi4wKmLInxujetucDB3jrV4zy%2Bhhs2o8BZ751iOnOCgCuTxWKToa2GeVQu2xoz%2B5doUGQXpp%2Fe3XQQr8L60Rcc0%2Bvo1PvjAAlOMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac075ede360c-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 10:23:08 GMT

GET
H2

200

1
mc.yandex.ru/watch/4250215/ Frame 19F4
Redirect Chain

https://mc.yandex.ru/watch/4250215?page-url=https://rcm62.com/&page-ref=https://yandex.ru/search/?text=%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%...
https://mc.yandex.ru/watch/4250215/1?page-url=https%3A%2F%2Frcm62.com%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%...

43 B
75 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/4250215/1?page-url=https%3A%2F%2Frcm62.com%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aru%3Av%3A802%3Acn%3A1%3Adp%3A1%3Als%3A928365006517%3Ahid%3A206570468%3Az%3A420%3Ai%3A218340182722%3Aet%3A43472239613%3Ac%3A1%3Arn%3A206570468%3Arqn%3A4%3Au%3A5585245260087575000%3Aw%3A555x652%3As%3A1366x768x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A928365006517%3Aco%3A0%3Arqnl%3A1%3Ast%3A928365006517%3At%3Arcm62.com&t=gdpr%2814%29mc%28p-1-h-1%29lt%2861500%29aw%281%29rqnt%282%29ti%282%29

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/

Protocol

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:16 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:16 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:16 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/4250215/1?page-url=https%3A%2F%2Frcm62.com%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ah2b2laelw67j03cmy2kg%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aru%3Av%3A802%3Acn%3A1%3Adp%3A1%3Als%3A928365006517%3Ahid%3A206570468%3Az%3A420%3Ai%3A218340182722%3Aet%3A43472239613%3Ac%3A1%3Arn%3A206570468%3Arqn%3A4%3Au%3A5585245260087575000%3Aw%3A555x652%3As%3A1366x768x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A0%3Ans%3A928365006517%3Aco%3A0%3Arqnl%3A1%3Ast%3A928365006517%3At%3Arcm62.com&t=gdpr%2814%29mc%28p-1-h-1%29lt%2861500%29aw%281%29rqnt%282%29ti%282%29
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:16 GMT

GET
H2 200 0d452bb36fbd52d71853.js Show response
yastatic.net/partner-code-bundles/916422/ Frame 19F4 14 KB
5 KB 308ms
195ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/0d452bb36fbd52d71853.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a0935a5cceb67e31427704dbca2ab5b032e012c9e6a15ef7e2b601eeb885a4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4773
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "053c3c9130b57ea18361af7304bed7b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 89a91b205cd96c954e5f.js Show response
yastatic.net/partner-code-bundles/916422/ Frame 19F4 24 KB
8 KB 319ms
206ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/89a91b205cd96c954e5f.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5460f776f1ca266be63f7b0ac3a19682db0a3ec42be65a8e4d68751e101ce874

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7945
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "175acabc4644585c37f98db487b6e7c1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 04dc35b6ded6468565c0.js Show response
yastatic.net/partner-code-bundles/916422/ Frame 19F4 117 KB
25 KB 257ms
143ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/04dc35b6ded6468565c0.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7130e32e6ada0df807e9016a918a0a812efa084fd33d52dd5a0d5b891240d33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24582
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "b007aa54bb8c9b88ffe67896e2f40d69"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame 19F4 33 KB
9 KB 291ms
178ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:18:11 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame 19F4 25 KB
26 KB 218ms
106ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d2b5fc6fa6fcedd7
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 04:27:39 GMT

GET
H2 200 4250215 Show response
yandex.ru/ads/meta/ Frame 19F4 276 KB
67 KB 378ms
267ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/4250215?target-ref=https%3A%2F%2Frcm62.com%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&pcode-test-ids=909920%2C0%2C21%3B897722%2C0%2C87%3B911254%2C0%2C33%3B907878%2C0%2C42%3B911375%2C0%2C35%3B905123%2C0%2C88%3B901183%2C0%2C63%3B909817%2C0%2C23%3B913182%2C0%2C37%3B910552%2C0%2C2%3B910732%2C0%2C28%3B908466%2C0%2C28%3B882586%2C0%2C77%3B907884%2C0%2C62%3B892905%2C0%2C41%3B906702%2C0%2C74%3B910442%2C0%2C98%3B911316%2C0%2C86%3B910219%2C0%2C92%3B910505%2C0%2C25%3B914205%2C0%2C18%3B893897%2C0%2C10%3B912945%2C0%2C43%3B914601%2C0%2C62%3B916422%2C0%2C24%3B681842%2C0%2C66&pcode-flags-map=eJy1Wdty2zgS%2FRc9O1neL3kDSVDCmrcFQdtKyoXSJt6Mt2xny3FmZpPKv283AEqkJENxMpsHR6TVB0BfTp%2BGvy0uSC%2F7VXspSSErktFKli2XrJEZaRrKF2%2FefVv8vrn7crN4sxB8oIuzxdPN5yf2AZ6jyPeDePH9%2BmwH0%2FG2GHLRy7aRHRl6akWI3TTwNULBepJVVObt0AjJacE4zQXshHSdHcNzgsDb7gKWlPVQCcbbqgK0RuAHyuUlEfmKFlKwmsq2LHsq7Li%2B58S703Eq%2BBpP1VBx2fJzSTlv7f6JwyiI0y0CrJ6fg5PX7SBkX7Xwg72lMoMDF4Qz2tvB4sQNXAWGJ0CMjlN1yN1xL1hBW2l%2BP4NzHfg3w0v9NHZO4GVDWYLraN2JtaxYzfZBX4x40RFW%2FPU7LAf4%2FLOoDebqX7zTZzB%2FKT7HMf9%2FHvjZ6GOyLznJZEWbpVjNjKBYk6lZ4iROHGzNaKNIQHACpXLB%2BoFUmleQleiVoLyBN0Vvp4TE9SLnJ0DVi56UVJac1HbqUmtoeuAceaaHbwBhwYICybQjCAHYvUIlQ8FamXNKBLs4UepJ4HhuuN3%2BGCTRAgn1gnCBNFQyDgvlq6E5lyVh1QwxnEc8CbzY2wESITCm%2FUsQfRsgnBVYN68YBequ6BK8yZqylZcrphi9uaCwhE5%2B9M%2BJ04dOkkx4tykgCUmGLiAFIrEeXgy8wk1f0qw95c3YCXYsvKRwxqEXbS0vatJtvXtBqmEe8WivbpIo9KNdo6E5QOSC6KSpSVXZtxEnQRAcWitLecnESgrIxZdgjLGrBwF9DZxx2JLCmXnquU6kzHvwqjQtt8B0FeuOYtvv2kvKaVmyHIKZr2dgN3%2F%2BZw43K11SFGOldWQJLbYTDKpCFwKmmnJ3xZpz%2BxnTNDV9bmznDVXyZCweDL1tX6nrgCZQCF3eFvQXMZS0EepckHw9nGlmCN%2F003Bu6wXGzaOoMWIm77lt0TB1IcDKUJGwlmByaFjJIEqsATYpSU7tGIlnVAseGUIJWbKSVbtkuc0uchM%2F0mtDvQIV1DJbj8WHGQ7tIWOFFQKyy3Nn5wbPc8iFRhjxg02qhxjQRvZ7HH6wn9Q1qZ5jgbTNSAQleEEyRdBwLFJQ%2B6biJI109WMalKCzmqJaa4LHhN%2BXl3b77FyJNs3pmtAAA2o5a%2B0oaWCaBaJUFFIREGqrTZQEkXbnxG1LDqKkoP25aO37TqLA9af%2BU%2BQAlAwgE7wGZKgK%2BHIAzQ0tH7V3TqFErG6NXSeIw7H76UwTA29MeKAVQLTFirfDcmUt99h1R3auyNu1iqhUZTs1%2B7b4183T%2B9%2FqzePH24fFGzd0zhb3n%2F55e3fTv9%2Fc3T58XLzxvs9QQygDzXQ1UuQ%2FBjpQ6PWdzCpUARWbd6F3i%2FvN7d3rxy%2Bwt%2F9uHj7c%2FAmf%2F3Z7v%2Fl483n26uPmXr358PXmQX998%2Fvt0yf98f715OHDw615i8hbBHjxuPl69%2Bnrb%2BbXXx%2F1%2F18eN68fbv74fPCFf28%2B3d8q0%2BvjR2w0pdWUL%2FFnwYgUZNlb4%2Bd7nkkuVRYUYg%2FUmCvKthuGvuOZHiIgE0sCVKUZvxnqjFoZLg5d34hENRyq8Q57BcybNNcVCQKNAXecgIkdnX1AI8DrNRLcUlEOK0pyGN6Z55IwTA23zyp4WheiHfKVro6q7dUOdbPl9O9A5SeqA4ovSI6toGUnFGSGWdjBD3ij1BdrmDjSwA%2BQgyB058iTXSuKYktJeghOr6jKipa6EM4TnkBMFCqkKXaXBGautqfKEfQJbsWWKxC1K1r%2F6B6BaYzAwKgroW20pR0AmFRn7BpMoFZyne9Z1UIMgE5Bpgp6hBL4K%2FbKC6CdO8ErFyCnz97es7%2F3HKhn8soLYf6KPbCfpmDipJGrJULJrsCtpFMlrC8EhqVVdrlhEAYTbkNFy2osQHSLJgMrQOgGqQYoeyicFuYedmW38H3TTAzXAFPgFIU9jKj0xYQA%2BQr00wx2qCA1wsrEQvVwdeV0QhIkkRcmehcrwgsl7fQGeuAhQfKV1RooL4q2wmjZCQmJyDpr7qCRcZVSX3j6FofFF%2B8dpHLkHwHqhgx6JTCBsO9%2BZ7%2B7KKuR%2BvT4MV%2F9XZpie4i9sxQiFzh%2BdBb5KXRsP5xlYQJUns5AzfCW4zj4S7i%2B9tqkXnHiyCFudvWfhLEpDE7rFjMNyD2z8kwCiWHEVdmP2mgcbiTUtqwJTjZQIfZxxnWS9AQZqvEzx9uCVjUHHHq4IjKkx4qWQt8fEGimJxaLjFZu6MDR51jB9nOCjcl%2FwrgWSZPJZD6VOMB5wdzaD%2BJkaw29DHkDA8OK2bLvXCd0nOvnTV%2Bc%2B0dXVve8%2B7eesLaTxmdpGp65DoTjDJ99eA7Up%2FCZXe14D%2FSx6t5IRaoJWoc8xwnDo0IAIpyPHLei6pynemnqQHTcadKP9x5tBzviIoN5gUjsYVcniup6ButFqYZFCOU1nAl7RQC1Yl71ara3zd3dfG8%2BzBJ6GFBzGDqMUxDF0EJhzNNZYD9d7BqZrr6s2g0OiMhj5rJ%2FSQ9SyY%2FAzknnB4IJ1dkiqS6uBnRkcrzBFOA6LCYoZMXP%2BwP3wc7SdDKpcyDFrazSgTjBOGkce0dudfpzBsMClPF51wJlWzFS1%2FXCvbudtjNduUe4mTnov57ueTeJk%2BftCcxRPbXfL00wSNEX5weM4IL03runUG%2Bm9I%2B6yO7s0PV%2BRDBuLxWVmmcVE2vZZj3le9Lk%2FdNeorpuMsVvB9ELCEKtUM1thn3GwARz46MYW%2FvtrZ8eV%2FX3sKFWVMw26OHl%2BUvBa3I1Vlevy3MGeRxuwmHqT1ikU8XVLPXdIN71cZYfVEPwei%2BmvmvE7jiazV1IKqM%2BYJ1JbOAbRNDlGsgprwboKzUne4ywHypoE6F3LBUM%2FY2VdOqazdcgK2j2eANhRpcVNFU1IdjTBWgtmnJu8RbvNMbj4bbURc3YtdWr3gaZJCAyfwBy1XL2FjTvS0H3fTUvdfth48TcDo7leskKSA3wF%2BbJCe3gpWZifuYaq4RBgIOesW8his3wb%2B4mWaN4fz%2BzTKnzbV6dyKTxD7hG82UtVy3XriuQv4xWxPVHp4yljUcr2nyo8fpxm9%2Fjzk5kpeem02NqF%2F3qKcPJncVeB7VbBt7EsqAVWUOhqDu2fa6a6yPobcfNDD93bc8OGOX24fZp8QwO3tAULcpp%2B4ZhaAp3Fmto5%2FTqmOGB44PIcXc394c9LAo8b26h3ny%2F%2Fv4%2FkfGKuA%3D%3D&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62&pcode-icookie=NlH1UKiSThJAFN8BkeRDSrmU7ZRPKsVNDo4abyjya%2B8EpIzatMEpdC%2F5LMqQCZsp1xoGIs4mXgynxc7CbW70P%2BDxx6U%3D&imp-id=1&partner-stat-id=111&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=531064116216834&ad-session-id=9151181705012936924&target-id=92266053&tga-with-creatives=1&top-ancestor=https%3A%2F%2Frcm62.com&top-ancestor-undetermined=0&pcode-version=916422&pcodever=916422&flash-ver=0&layout-config=%7B%22win_width%22%3A650%2C%22win_height%22%3A400%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A650%2C%22h%22%3A400%2C%22width%22%3A0%2C%22height%22%3A400%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B8291750286501%5D

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

5c3986ed472d91df0d30bb323c8d3c5cd3319c30ee5421da54c6e2ba4a7c1c4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1705012937064691-8498619914697235633-balancer-l7leveler-kubr-yp-vla-109-BAL-9562
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:17 GMT

GET
H2 200 38c76556f728f62addb4.js Show response
yastatic.net/partner-code-bundles/916422/ Frame 19F4 59 KB
15 KB 290ms
192ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/38c76556f728f62addb4.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

327f27e8dadc7186a5425643fa096960251b33ad2cc3570a9aa564802c327217

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14845
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "bff11b55879f085c86136d8809b2c205"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 3504af7a9f6c0b9e8cd1.js Show response
yastatic.net/partner-code-bundles/916422/ Frame 19F4 598 KB
115 KB 147ms
147ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1dcbf404e84d061249df6c089462866088e2f3a0c016fc6e465311df8d6f860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117232
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "96b82e3b810ed1b42b71010843d70906"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame CE53 23 KB
6 KB 108ms
107ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac083b685d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:17 GMT
expires: Sat, 10 Feb 2024 22:42:17 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vowCUhG7%2F5PeQkfXpkMaaKj30VWjO5MyxfzqqiFV1PCaN1c49Jwb2CY8EFeDAMgb6qi0KtKn%2FrQFb7ND2BB28Q8tG2tiRd32fo%2F%2F%2FxBUONaTA%2BDmAhHjWzzqBV24BS%2Bad2i%2BovBaYRAgMPehGg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
211 B 65ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234216%3Aet%3A1705012937%3Ac%3A1%3Arn%3A834944033%3Arqn%3A6%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012937%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-4)clc(0-0-0)rqnt(6)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:17 GMT

GET
H3 200 context2.js Show response
borzjournal.ru/vhook/v7/rtb2/temp/ Frame CE53 747 KB
119 KB 39ms
39ms Script
application/javascript 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123
Requested by: Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43d5dbba83d7fc5d50b91f3937a7da0cce2e8d21ea9a696544be5aa1a5f2561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 20:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1185995
etag: W/"6564f63a-baaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWROdHaWP8Iqo21zHLfMDdYpAcN49r9Zh%2BRdzGTBCRnTnCZKQZenxV249N5aze7u8nfD4%2F1Ugi7Lvq0xsX%2BGBSMrThr%2Bk4YlDmLuRmBNGQquxetmAjVPpNy0pkKAXjD2XeJIMz82YNKbAj7%2Fgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac08ec105d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 05:15:42 GMT

GET
H2 200 4201533
mc.yandex.ru/watch/ Frame CE53 43 B
72 B 70ms
70ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/4201533?page-url=https://riastrela.ru/&page-ref=https://yandex.ru/search/?text=%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&charset=utf-8&cnt-class=1&browser-info=pv:1:ar:1:gdpr:14:vf:h2b2laelw67j03cmy2kg:fu:0:en:utf-8:la:ru:v:802:cn:1:dp:1:ls:699146227016:hid:919328081:z:420:i:218340182722:et:11445637846:c:1:rn:919328081:rqn:4:u:8480189459395494000:w:555x652:s:1366x768x24:sk:1:cpf:1:eu:0:ns:699146227016:co:0:rqnl:1:st:699146227016:t:riastrela.ru&t=gdpr(14)mc(p-1-h-1)lt(61500)aw(1)rqnt(2)ti(2)

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:17 GMT

GET
H2 200 0d452bb36fbd52d71853.js Show response
yastatic.net/partner-code-bundles/916422/ Frame CE53 14 KB
5 KB 264ms
264ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/0d452bb36fbd52d71853.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a0935a5cceb67e31427704dbca2ab5b032e012c9e6a15ef7e2b601eeb885a4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4773
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "053c3c9130b57ea18361af7304bed7b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 89a91b205cd96c954e5f.js Show response
yastatic.net/partner-code-bundles/916422/ Frame CE53 24 KB
8 KB 265ms
265ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/89a91b205cd96c954e5f.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5460f776f1ca266be63f7b0ac3a19682db0a3ec42be65a8e4d68751e101ce874

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7945
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "175acabc4644585c37f98db487b6e7c1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 04dc35b6ded6468565c0.js Show response
yastatic.net/partner-code-bundles/916422/ Frame CE53 117 KB
25 KB 267ms
266ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/04dc35b6ded6468565c0.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7130e32e6ada0df807e9016a918a0a812efa084fd33d52dd5a0d5b891240d33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24582
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "b007aa54bb8c9b88ffe67896e2f40d69"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame CE53 33 KB
9 KB 268ms
268ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:18:11 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame CE53 25 KB
26 KB 269ms
269ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d2b5fc6fa6fcedd7
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 04:27:39 GMT

GET
H2 200 4201533 Show response
yandex.ru/ads/meta/ Frame CE53 266 KB
62 KB 717ms
717ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/4201533?target-ref=https%3A%2F%2Friastrela.ru%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&charset=utf-8&pcode-test-ids=909920%2C0%2C21%3B897722%2C0%2C87%3B911254%2C0%2C33%3B907878%2C0%2C42%3B911375%2C0%2C35%3B905123%2C0%2C88%3B901183%2C0%2C63%3B909817%2C0%2C23%3B913182%2C0%2C37%3B910552%2C0%2C2%3B910732%2C0%2C28%3B908466%2C0%2C28%3B882586%2C0%2C77%3B907884%2C0%2C62%3B892905%2C0%2C41%3B906702%2C0%2C74%3B910442%2C0%2C98%3B911316%2C0%2C86%3B910219%2C0%2C92%3B910505%2C0%2C25%3B914205%2C0%2C18%3B893897%2C0%2C10%3B912945%2C0%2C43%3B914601%2C0%2C62%3B916422%2C0%2C24%3B681842%2C0%2C66&pcode-flags-map=eJy1Wdty2zgS%2FRc9O1neL3kDSVDCmrcFQdtKyoXSJt6Mt2xny3FmZpPKv283AEqkJENxMpsHR6TVB0BfTp%2BGvy0uSC%2F7VXspSSErktFKli2XrJEZaRrKF2%2FefVv8vrn7crN4sxB8oIuzxdPN5yf2AZ6jyPeDePH9%2BmwH0%2FG2GHLRy7aRHRl6akWI3TTwNULBepJVVObt0AjJacE4zQXshHSdHcNzgsDb7gKWlPVQCcbbqgK0RuAHyuUlEfmKFlKwmsq2LHsq7Li%2B58S703Eq%2BBpP1VBx2fJzSTlv7f6JwyiI0y0CrJ6fg5PX7SBkX7Xwg72lMoMDF4Qz2tvB4sQNXAWGJ0CMjlN1yN1xL1hBW2l%2BP4NzHfg3w0v9NHZO4GVDWYLraN2JtaxYzfZBX4x40RFW%2FPU7LAf4%2FLOoDebqX7zTZzB%2FKT7HMf9%2FHvjZ6GOyLznJZEWbpVjNjKBYk6lZ4iROHGzNaKNIQHACpXLB%2BoFUmleQleiVoLyBN0Vvp4TE9SLnJ0DVi56UVJac1HbqUmtoeuAceaaHbwBhwYICybQjCAHYvUIlQ8FamXNKBLs4UepJ4HhuuN3%2BGCTRAgn1gnCBNFQyDgvlq6E5lyVh1QwxnEc8CbzY2wESITCm%2FUsQfRsgnBVYN68YBequ6BK8yZqylZcrphi9uaCwhE5%2B9M%2BJ04dOkkx4tykgCUmGLiAFIrEeXgy8wk1f0qw95c3YCXYsvKRwxqEXbS0vatJtvXtBqmEe8WivbpIo9KNdo6E5QOSC6KSpSVXZtxEnQRAcWitLecnESgrIxZdgjLGrBwF9DZxx2JLCmXnquU6kzHvwqjQtt8B0FeuOYtvv2kvKaVmyHIKZr2dgN3%2F%2BZw43K11SFGOldWQJLbYTDKpCFwKmmnJ3xZpz%2BxnTNDV9bmznDVXyZCweDL1tX6nrgCZQCF3eFvQXMZS0EepckHw9nGlmCN%2F003Bu6wXGzaOoMWIm77lt0TB1IcDKUJGwlmByaFjJIEqsATYpSU7tGIlnVAseGUIJWbKSVbtkuc0uchM%2F0mtDvQIV1DJbj8WHGQ7tIWOFFQKyy3Nn5wbPc8iFRhjxg02qhxjQRvZ7HH6wn9Q1qZ5jgbTNSAQleEEyRdBwLFJQ%2B6biJI109WMalKCzmqJaa4LHhN%2BXl3b77FyJNs3pmtAAA2o5a%2B0oaWCaBaJUFFIREGqrTZQEkXbnxG1LDqKkoP25aO37TqLA9af%2BU%2BQAlAwgE7wGZKgK%2BHIAzQ0tH7V3TqFErG6NXSeIw7H76UwTA29MeKAVQLTFirfDcmUt99h1R3auyNu1iqhUZTs1%2B7b4183T%2B9%2FqzePH24fFGzd0zhb3n%2F55e3fTv9%2Fc3T58XLzxvs9QQygDzXQ1UuQ%2FBjpQ6PWdzCpUARWbd6F3i%2FvN7d3rxy%2Bwt%2F9uHj7c%2FAmf%2F3Z7v%2Fl483n26uPmXr358PXmQX998%2Fvt0yf98f715OHDw615i8hbBHjxuPl69%2Bnrb%2BbXXx%2F1%2F18eN68fbv74fPCFf28%2B3d8q0%2BvjR2w0pdWUL%2FFnwYgUZNlb4%2Bd7nkkuVRYUYg%2FUmCvKthuGvuOZHiIgE0sCVKUZvxnqjFoZLg5d34hENRyq8Q57BcybNNcVCQKNAXecgIkdnX1AI8DrNRLcUlEOK0pyGN6Z55IwTA23zyp4WheiHfKVro6q7dUOdbPl9O9A5SeqA4ovSI6toGUnFGSGWdjBD3ij1BdrmDjSwA%2BQgyB058iTXSuKYktJeghOr6jKipa6EM4TnkBMFCqkKXaXBGautqfKEfQJbsWWKxC1K1r%2F6B6BaYzAwKgroW20pR0AmFRn7BpMoFZyne9Z1UIMgE5Bpgp6hBL4K%2FbKC6CdO8ErFyCnz97es7%2F3HKhn8soLYf6KPbCfpmDipJGrJULJrsCtpFMlrC8EhqVVdrlhEAYTbkNFy2osQHSLJgMrQOgGqQYoeyicFuYedmW38H3TTAzXAFPgFIU9jKj0xYQA%2BQr00wx2qCA1wsrEQvVwdeV0QhIkkRcmehcrwgsl7fQGeuAhQfKV1RooL4q2wmjZCQmJyDpr7qCRcZVSX3j6FofFF%2B8dpHLkHwHqhgx6JTCBsO9%2BZ7%2B7KKuR%2BvT4MV%2F9XZpie4i9sxQiFzh%2BdBb5KXRsP5xlYQJUns5AzfCW4zj4S7i%2B9tqkXnHiyCFudvWfhLEpDE7rFjMNyD2z8kwCiWHEVdmP2mgcbiTUtqwJTjZQIfZxxnWS9AQZqvEzx9uCVjUHHHq4IjKkx4qWQt8fEGimJxaLjFZu6MDR51jB9nOCjcl%2FwrgWSZPJZD6VOMB5wdzaD%2BJkaw29DHkDA8OK2bLvXCd0nOvnTV%2Bc%2B0dXVve8%2B7eesLaTxmdpGp65DoTjDJ99eA7Up%2FCZXe14D%2FSx6t5IRaoJWoc8xwnDo0IAIpyPHLei6pynemnqQHTcadKP9x5tBzviIoN5gUjsYVcniup6ButFqYZFCOU1nAl7RQC1Yl71ara3zd3dfG8%2BzBJ6GFBzGDqMUxDF0EJhzNNZYD9d7BqZrr6s2g0OiMhj5rJ%2FSQ9SyY%2FAzknnB4IJ1dkiqS6uBnRkcrzBFOA6LCYoZMXP%2BwP3wc7SdDKpcyDFrazSgTjBOGkce0dudfpzBsMClPF51wJlWzFS1%2FXCvbudtjNduUe4mTnov57ueTeJk%2BftCcxRPbXfL00wSNEX5weM4IL03runUG%2Bm9I%2B6yO7s0PV%2BRDBuLxWVmmcVE2vZZj3le9Lk%2FdNeorpuMsVvB9ELCEKtUM1thn3GwARz46MYW%2FvtrZ8eV%2FX3sKFWVMw26OHl%2BUvBa3I1Vlevy3MGeRxuwmHqT1ikU8XVLPXdIN71cZYfVEPwei%2BmvmvE7jiazV1IKqM%2BYJ1JbOAbRNDlGsgprwboKzUne4ywHypoE6F3LBUM%2FY2VdOqazdcgK2j2eANhRpcVNFU1IdjTBWgtmnJu8RbvNMbj4bbURc3YtdWr3gaZJCAyfwBy1XL2FjTvS0H3fTUvdfth48TcDo7leskKSA3wF%2BbJCe3gpWZifuYaq4RBgIOesW8his3wb%2B4mWaN4fz%2BzTKnzbV6dyKTxD7hG82UtVy3XriuQv4xWxPVHp4yljUcr2nyo8fpxm9%2Fjzk5kpeem02NqF%2F3qKcPJncVeB7VbBt7EsqAVWUOhqDu2fa6a6yPobcfNDD93bc8OGOX24fZp8QwO3tAULcpp%2B4ZhaAp3Fmto5%2FTqmOGB44PIcXc394c9LAo8b26h3ny%2F%2Fv4%2FkfGKuA%3D%3D&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62&pcode-icookie=NlH1UKiSThJAFN8BkeRDSrmU7ZRPKsVNDo4abyjya%2B8EpIzatMEpdC%2F5LMqQCZsp1xoGIs4mXgynxc7CbW70P%2BDxx6U%3D&imp-id=1&partner-stat-id=111&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=531064116216834&ad-session-id=9151181705012936924&target-id=99303541&tga-with-creatives=1&top-ancestor=https%3A%2F%2Friastrela.ru&top-ancestor-undetermined=0&pcode-version=916422&pcodever=916422&flash-ver=0&layout-config=%7B%22win_width%22%3A650%2C%22win_height%22%3A400%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A650%2C%22h%22%3A400%2C%22width%22%3A0%2C%22height%22%3A400%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B8297415469893%5D

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3c48fde388a2b8280c381b89f6c4f2cbee1d07dd2e50238b5a1ea4d08850ace9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1705012937232972-6262295552144340917-balancer-l7leveler-kubr-yp-vla-109-BAL-6443
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:17 GMT

GET
H2 200 38c76556f728f62addb4.js Show response
yastatic.net/partner-code-bundles/916422/ Frame CE53 59 KB
15 KB 291ms
290ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/38c76556f728f62addb4.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

327f27e8dadc7186a5425643fa096960251b33ad2cc3570a9aa564802c327217

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14845
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "bff11b55879f085c86136d8809b2c205"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 3504af7a9f6c0b9e8cd1.js Show response
yastatic.net/partner-code-bundles/916422/ Frame CE53 598 KB
115 KB 310ms
310ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1dcbf404e84d061249df6c089462866088e2f3a0c016fc6e465311df8d6f860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117232
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "96b82e3b810ed1b42b71010843d70906"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame B212 23 KB
6 KB 192ms
192ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac0a1df25d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:17 GMT
expires: Sat, 10 Feb 2024 22:42:17 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eoiOoXuBjkHYfmmiAymUh8ktfGzQn4bZsqYrQXT3rRHaCV%2Bf8F8GBNuwn3TY%2BpjCmlFCZ%2Fjos3BUC9pyIoGHXD49FOr7ALVhqqee%2Br2YRCAQXOxj0c%2BclWCdVFFsBPzH0HciGG0D3osuTdqFA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 62ms
62ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234217%3Aet%3A1705012937%3Ac%3A1%3Arn%3A916178980%3Arqn%3A7%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012937%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-5)clc(0-0-0)rqnt(7)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:17 GMT

GET
H3 200 context2.js Show response
borzjournal.ru/vhook/v7/rtb2/temp/ Frame B212 747 KB
119 KB 40ms
40ms Script
application/javascript 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123
Requested by: Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43d5dbba83d7fc5d50b91f3937a7da0cce2e8d21ea9a696544be5aa1a5f2561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 20:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1185995
etag: W/"6564f63a-baaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLBLvWPDqWijPtZmqp5l%2BuhENkoCgxxtViiziVx3acv2YKWskQblNu7nXBNkFEN5kBbfdap6t%2Bxls16LtWPvXEjOfKn5ehzZe2Cg1N25mcju65%2BsCAixchlgW2iMjTe8Yomkl71X93RkEq2OKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac0b9f655d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 05:15:42 GMT

GET
H3 200 text2.txt Show response
borzjournal.ru/vhook/v7/rtb2/ Frame B212 368 KB
105 KB 220ms
220ms Fetch
text/plain 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/text2.txt
Requested by: Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fe66f078bae968ef7252bf3e67190379facc5af796ddcbdca789eff5ce5476

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 11 Jan 2024 22:42:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a06eba-5be65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=knfeVDFpxOnuhajdpWpVMwifwlslgo8aHIjNRM7kZcgsUr61qNKidRbYnZxPCzR2d8aBhY6mczrZfqmEPaK3SBw%2F3mpsmCJFPTIJgVboHhMuvGgjPDtVpZjWDtBsn4nNAEQcB9Wafw%2BHBF6y6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac0baf8f5d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 22:42:17 GMT

GET
H2 200 relap-banner.html Show response
msk-reality.ru/ Frame 1E48 7 KB
3 KB 209ms
159ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a52d2730bc37a7efe5edf8de86777275a015e3dac7359578128aa76074dd870d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac0c48061e5a-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:17 GMT
expires: Sat, 10 Feb 2024 22:42:17 GMT
last-modified: Sat, 30 Sep 2023 12:31:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZrtxUYf7GnWl5Fe13r2PgZjj7a5iluci8i8JeZ8l%2F1wNWLgWF2kIlwjfOvdMEgGH8Au%2Fpwyr8kKeNc2fvmymiF1KG1%2BtLBMAQHraD86CI4YLS0srw0V1mEJRpcSpP%2Frl85UqzkAIT2oiQzaDw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 65ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234217%3Aet%3A1705012938%3Ac%3A1%3Arn%3A431497832%3Arqn%3A8%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012938%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-6)clc(0-0-0)rqnt(8)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:17 GMT

GET
H2 200 0d452bb36fbd52d71853.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B212 14 KB
5 KB 55ms
55ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/0d452bb36fbd52d71853.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a0935a5cceb67e31427704dbca2ab5b032e012c9e6a15ef7e2b601eeb885a4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4773
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "053c3c9130b57ea18361af7304bed7b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 89a91b205cd96c954e5f.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B212 24 KB
8 KB 114ms
114ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/89a91b205cd96c954e5f.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5460f776f1ca266be63f7b0ac3a19682db0a3ec42be65a8e4d68751e101ce874

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7945
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "175acabc4644585c37f98db487b6e7c1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 04dc35b6ded6468565c0.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B212 117 KB
25 KB 127ms
127ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/04dc35b6ded6468565c0.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7130e32e6ada0df807e9016a918a0a812efa084fd33d52dd5a0d5b891240d33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24582
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "b007aa54bb8c9b88ffe67896e2f40d69"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame B212 33 KB
9 KB 140ms
140ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:18:11 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame B212 25 KB
26 KB 148ms
147ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d2b5fc6fa6fcedd7
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 04:27:39 GMT

GET
H2 200 38c76556f728f62addb4.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B212 59 KB
15 KB 161ms
161ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/38c76556f728f62addb4.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

327f27e8dadc7186a5425643fa096960251b33ad2cc3570a9aa564802c327217

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14845
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "bff11b55879f085c86136d8809b2c205"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 3504af7a9f6c0b9e8cd1.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B212 598 KB
115 KB 263ms
263ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1dcbf404e84d061249df6c089462866088e2f3a0c016fc6e465311df8d6f860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117232
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "96b82e3b810ed1b42b71010843d70906"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 css_uzvrkhaWwR08Auub7eXD5hi-mpXoLjs0OeLFmTUhG2o.css
msk-reality.ru/css/ Frame 1E48 16 KB
3 KB 30ms
29ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msk-reality.ru/css/css_uzvrkhaWwR08Auub7eXD5hi-mpXoLjs0OeLFmTUhG2o.css
Requested by: Host: msk-reality.ru
URL: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce07d82c24047dc74aedd97815099c855af720a7ca89ebeeae2b78d3a16b7f06

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 19:21:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1108320
etag: W/"6515d223-3fc5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lFh8wuppriXliybIOWAVIx8%2BhK6UKO%2BMLlr5rsIfzxR%2BNu1OCpWD3ipEBfrArFDb1bHhYMBXMULz5mEGMQMu8NV4In1yWky6262K%2FC5vebjFc8mS7uoOu1LmhmhZXaQhKl7GIlUywdUL7eHKaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 8440ac0d48e01e5a-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 29 Jan 2024 02:50:17 GMT

GET
H2 200 css_ndEA-vo3iFrxU0gZymmsNkga_In0aeuJol6BjWOW6BY.css
msk-reality.ru/css/ Frame 1E48 43 KB
9 KB 747ms
747ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://msk-reality.ru/css/css_ndEA-vo3iFrxU0gZymmsNkga_In0aeuJol6BjWOW6BY.css
Requested by: Host: msk-reality.ru
URL: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5083a88394811cb781b46b48c49bb0318820a9476ad17d05dbf08e7a0f4bcde4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://msk-reality.ru/relap-banner.html?pl=1&_t=72746
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 28 Sep 2023 19:21:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1251349
etag: W/"6515d223-aa9f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4AiW82KOXit28yk8D7Vje5F0Jfe9msFWmBNiX6zkpvujj4XFikU3dc%2FZNX4J8VjwS3ntWK9sTaBz4AZPITUzhE6fe15H8HFZlTILTEZ5Cy0rN6wnsNKqkuHhL7NN67MJSBx5kdIUr%2BARh6cqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=2592000
cf-ray: 8440ac0d48e11e5a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 11:06:28 GMT

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame A5EF 23 KB
6 KB 914ms
914ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bloha.ru&id=4567093&pl=1&statId=111&_t=7790
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac0dd8b45d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:17 GMT
expires: Sat, 10 Feb 2024 22:42:17 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efdyzcozvVd35eJFwp561wOA1t2Mr9MavdL%2FP%2B2fhi8317cCGNUwV%2FPMgi1xCtQ%2F1%2FRSPiMKA%2F1gk5AoYGo%2B9IeY7%2Bb5LaNPMdy4wWGM0g%2BlopI0cC4ZWFD6N%2BH%2BAgS2cPrM0m5IX1DzMsWJKg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 343ms
342ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234217%3Aet%3A1705012938%3Ac%3A1%3Arn%3A932655123%3Arqn%3A9%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012938%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-7)clc(0-0-0)rqnt(9)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:17 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:17 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:17 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 483ms
122ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame 19F4 0
188 B 408ms
407ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame 19F4 157 KB
56 KB 550ms
126ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Thu, 11 Jan 2024 23:42:18 GMT

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/5296029/LwHSbq-9LBedJcaxXQsVDw/ Frame 19F4 5 KB
6 KB 297ms
181ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5296029/LwHSbq-9LBedJcaxXQsVDw/y180
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: a414a85699781367b328ae6a1b874f2c9fca80149dbc628d52ebb2cd39ea1706

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Wed, 10 Aug 2022 12:26:19 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 5460
x-request-id: 38016cf9742d37eb

GET
H/1.1 200
Ok samaragruz.ru
favicon.yandex.net/favicon/ Frame 19F4 640 B
853 B 263ms
56ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/samaragruz.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

65361756fbeeb484699e581dce37c9174737dc4f6cc3e9f976dbd44693ee40d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x180
avatars.mds.yandex.net/get-direct/5391252/Db_7e2596WUnhyugaNmMQA/ Frame 19F4 5 KB
6 KB 296ms
181ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5391252/Db_7e2596WUnhyugaNmMQA/x180
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: af350de2513e7d494cd6b0bde4e7f1e8df9040376fe70c8f6741906f8aba78a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Tue, 30 Aug 2022 09:34:34 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 5580
x-request-id: f6e982ad657ecd74

GET
H/1.1 200
Ok storage.cargo-avto.ru
favicon.yandex.net/favicon/ Frame 19F4 517 B
730 B 325ms
61ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/storage.cargo-avto.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f2835312483462d9c07208579dea1260f6662156c4b4640172778daa7e6c4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/3595100/xu1aaRcpq4E7ChEmyuNjTw/ Frame 19F4 26 KB
26 KB 296ms
181ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/3595100/xu1aaRcpq4E7ChEmyuNjTw/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8c8aa615ee5e3de8f87add35e682392f09e99b4e114c33f6efb24a5bf3177d2b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Thu, 17 Aug 2023 12:25:06 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 26368
x-request-id: 5262c9eeedd92aec

GET
H/1.1 200
Ok zolotov.studio
favicon.yandex.net/favicon/ Frame 19F4 502 B
715 B 287ms
134ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/zolotov.studio?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8d6de74d55908b8d6c212407a13171f2e173af54e5b4c7fbc21347a528d31da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/ Frame 19F4 13 KB
14 KB 295ms
180ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/y180
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 053d184910cfc0faa536fd5fa16049187b4d86b4fe960cbace8f20a9c4d9824d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Wed, 20 Sep 2023 20:44:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 13520
x-request-id: 4a627a531b2c1ae2

GET
H/1.1 200
Ok bizibar.ru
favicon.yandex.net/favicon/ Frame 19F4 1003 B
1 KB 206ms
58ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/bizibar.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

41eb6fb84ab83ed2c2a4a5f30c58dd683473013041d3a2dccf549a87c4a7f35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame FB21 24 KB
7 KB 471ms
56ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Thu, 11 Jan 2024 22:42:18 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 11 Jan 2054 05:16:34 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 331ms
122ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame 19F4 0
51 B 408ms
408ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

POST
H2 200 1TDz53x-0L4200000000U9nJF21sMY4yTqgU8QVWsTp8j-L_BK_cBKXb009Fc4ZeKNNbajZqMmuCgOn0yKnEGSrKa7WfY5Tx5KYqCfO1oKuG7mYO66Oo7Ze2uInaZ7E3i5OoVg-6o6y42MnW1X9x6RjkSJ4S1SkSPGI9N6K4ITvbP91XOFZBE8k9WM4k4qXaALC3a...
yandex.ru/an/rtbcount/ Frame 19F4 43 B
444 B 377ms
377ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1TDz53x-0L4200000000U9nJF21sMY4yTqgU8QVWsTp8j-L_BK_cBKXb009Fc4ZeKNNbajZqMmuCgOn0yKnEGSrKa7WfY5Tx5KYqCfO1oKuG7mYO66Oo7Ze2uInaZ7E3i5OoVg-6o6y42MnW1X9x6RjkSJ4S1SkSPGI9N6K4ITvbP91XOFZBE8k9WM4k4qXaALC3aBsMYGV8ESlq7mYkCkK3nLyn2Rmwk5ANKv2HWMjoiTDcFZQ6lqmi82SnimB9NcP583cL6MJ4N6Oca3EOcHmL8CvWljCGEScj_N_TIMPOA5m5gxmB9dyoEpZnGpp1qcWK1lR52fP3dUmRM1Xti30UO66woGBnq0VxXomlTgPLsFZVi7_B0lBC0bREawopVFZ0qZTPLuYr2Syky_3xoWfoUGTR0yi4jWDhrxHzMZNxLDuCjYk7WnUmdTtKS-h5XIiBTZ2kP8CPTe3DumGRyoCstgH4LokNKdE3YWpBVFENR31hVx8fgVChFCz-RZ-HFIcZOHftyZlxMUnibePc9aP62zWPLx0pRc1lQcZWsS7ESu9T_07xfDQvCvvycdkZzWSxpm8Ee5zMSDphOTt0yVqxumuEnbiS687vb8E1eS6-bnFagQcS8Fyku6nWNi5Pk85p8TC9JjOBd8mlE1a_S3B-u6HSm0Kq400gMxOv?pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012938107489-1600156511706895789-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame 8B06 23 KB
6 KB 646ms
646ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=tehno-rating.ru&id=4384699&pl=1&statId=111&_t=18899
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac0fb9dc5d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:18 GMT
expires: Sat, 10 Feb 2024 22:42:18 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFUFdl0a0lOusjMK5nu0Skqo3%2BJOyiyaG60Uy6Uy337SZZROzuX7pInOEndiuIYD5lVfAWwNk%2Bu9ySsGax4nO64upRi0qboVmeuHQZU20CbqckNrXd41pwmhKbE9ssFcHeNMLAgFC54fuIDtSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
146 B 66ms
66ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012938%3Ac%3A1%3Arn%3A326879089%3Arqn%3A10%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012938%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-8)clc(0-0-0)rqnt(10)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 63ms
63ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame CE53 0
51 B 353ms
353ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame CE53 157 KB
56 KB 84ms
83ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Thu, 11 Jan 2024 23:42:18 GMT

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/ Frame CE53 13 KB
14 KB 325ms
324ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/y180
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 053d184910cfc0faa536fd5fa16049187b4d86b4fe960cbace8f20a9c4d9824d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Wed, 20 Sep 2023 20:44:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 13520
x-request-id: 4a627a531b2c1ae2

GET
H/1.1 200
Ok bizibar.ru
favicon.yandex.net/favicon/ Frame CE53 1003 B
1 KB 55ms
55ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/bizibar.ru?size=32&stub=2

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

41eb6fb84ab83ed2c2a4a5f30c58dd683473013041d3a2dccf549a87c4a7f35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H/1.1 200
Ok zolotov.studio
favicon.yandex.net/favicon/ Frame CE53 502 B
715 B 64ms
64ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/zolotov.studio?size=32&stub=2

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8d6de74d55908b8d6c212407a13171f2e173af54e5b4c7fbc21347a528d31da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/5390434/I79X5fs8aIxfvY-HH4k-mQ/ Frame CE53 32 KB
32 KB 310ms
309ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5390434/I79X5fs8aIxfvY-HH4k-mQ/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: d8668c2b8d78eb0abe47704e406ceef4ab86f119a1f52e133db321812333d20b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Thu, 17 Aug 2023 12:30:57 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 32300
x-request-id: 7293e33d775d913a

GET
H2 200 x180
avatars.mds.yandex.net/get-direct/5324097/fGjfyWrFshtARqg5VZJRCA/ Frame CE53 8 KB
9 KB 420ms
419ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5324097/fGjfyWrFshtARqg5VZJRCA/x180
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1b65cf3205f0cd8eb93b3a45083f98be47f0a1f11cdf8921655f359b207362d1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Fri, 05 Jan 2024 14:47:14 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 8484
x-request-id: 81f219f6c20cddca

GET
H/1.1 200
Ok britvabarber.ru
favicon.yandex.net/favicon/ Frame CE53 1 KB
1 KB 123ms
123ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/britvabarber.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

cb6d9ba8a39ac95f4709ca6df568cb4ceaa260fda65282a52bd5a695530a69c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4012453/Isno0SkGiFWMJ9K29opEzA/ Frame CE53 6 KB
6 KB 421ms
420ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4012453/Isno0SkGiFWMJ9K29opEzA/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8d8469000ebe37310a8f2d75683b100a8e1b4ee3d2e67c7465e79722d3011f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Mon, 26 Jun 2023 08:37:12 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 5706
x-request-id: 26842e75aa339566

GET
H/1.1 200
Ok stankopolimer.ru
favicon.yandex.net/favicon/ Frame CE53 908 B
1 KB 95ms
55ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/stankopolimer.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

9cb558577101c0a1082ee20c04f3b17e03dc92be5ed9f64a580d275e79aa6401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET d.png
ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/ Frame FB21 0
0

GET
H2

200

5f5313159e17f427c2a783
an.yandex.ru/mapuid/arcspireis/ Frame FB21
Redirect Chain

https://px.arcspire.io/yndx?id=9d4cd41a-f59d-4815-8a89-9d30806f5389
https://an.yandex.ru/mapuid/arcspireis/5f5313159e17f427c2a783

43 B
80 B

317ms
317ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/arcspireis/5f5313159e17f427c2a783

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/arcspireis/5f5313159e17f427c2a783
date: Thu, 11 Jan 2024 22:42:17 GMT
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

0100007FC06EA0651236754E02EF6FDB
an.yandex.ru/mapuid/sapeis/ Frame FB21
Redirect Chain

https://acint.net/rmatch/?dp=151&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fsapeis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/sapeis/0100007FC06EA0651236754E02EF6FDB

43 B
80 B

331ms
329ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/sapeis/0100007FC06EA0651236754E02EF6FDB

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

date: Thu, 11 Jan 2024 22:42:18 GMT
server: openresty
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location: https://an.yandex.ru/mapuid/sapeis/0100007FC06EA0651236754E02EF6FDB
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 154
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2

200

995716f2-a6e0-530c-a191-48e3c4312622
an.yandex.ru/mapuid/betweendigitalis/ Frame FB21
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F%24%7BUSER_ID%7D
https://an.yandex.ru/mapuid/betweendigitalis/995716f2-a6e0-530c-a191-48e3c4312622

43 B
80 B

289ms
289ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/995716f2-a6e0-530c-a191-48e3c4312622

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/995716f2-a6e0-530c-a191-48e3c4312622
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/adobedmp/
https://dpm.demdex.net/ibs:dpid=423652&dpuuid=F6A84AE2474A5FB9
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F6A84AE2474A5FB9

42 B
717 B

35ms
35ms

Image
image/gif

52.19.219.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F6A84AE2474A5FB9

Protocol

Server

52.19.219.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-219-1.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-01a4861f9.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: NH3y7Z16SeE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-08e40c941.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: 2SjQQLgdRwI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=423652&dpuuid=F6A84AE2474A5FB9
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

match
ads.betweendigital.com/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/betweenx/
https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFEAB26BEBA31C3E

68 B
598 B

443ms
442ms

Image
image/png

96.46.186.61
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFEAB26BEBA31C3E
Protocol: H2
Server: 96.46.186.61 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938520838-1833031315205010981-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://ads.betweendigital.com/match?bidder_id=161&external_user_id=EFEAB26BEBA31C3E
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H/1.1

204
No Content

pixel
im.bluevoox.com/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/blueseaxcom/
https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D7FD3AA13CA0D89D

0
241 B

333ms
105ms

Image
text/plain

52.45.175.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D7FD3AA13CA0D89D
Protocol: HTTP/1.1
Server: 52.45.175.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-175-185.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Connection: close
Date: Thu, 11 Jan 2024 22:42:18 GMT
Server: openresty

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938521082-9481203198701111821-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://im.bluevoox.com/pixel?s1=1&s2=1315&s3=vldyrx2shs82pv9o&cm=1&rd=1&puid=D7FD3AA13CA0D89D
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandex_llc
https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
409 B

108ms
31ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938521339-15072573018841417772-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandex_llc&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexcom
https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

110ms
33ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938521616-4924910835441419830-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexcom&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/google/?partner-tag=yandexru
https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

170 B
232 B

108ms
32ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938521930-11798412351685842898-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=yandexru&google_hm=AE7D6AC955F4E3BE&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2 200 /
yandex.ru/an/mapuid/mailweb/ Frame FB21 0
0 71ms
65ms Image
text/html 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/mailweb/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2

200

sync
x.bidswitch.net/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/minimobww/
https://yandex.digital-services.solutions/api/sync?demand=YANV2EU&userid=D0577A5CA40FA3E0&expires=1&usergroup=1
https://x.bidswitch.net/sync?dsp_id=469&user_id=D0577A5CA40FA3E0&expires=1&user_group=1

43 B
146 B

89ms
21ms

Image
image/gif

18.195.61.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=469&user_id=D0577A5CA40FA3E0&expires=1&user_group=1
Protocol: H2
Server: 18.195.61.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-61-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=469&user_id=D0577A5CA40FA3E0&expires=1&user_group=1
date: Thu, 11 Jan 2024 22:42:18 GMT
x-powered-by: Express
content-length: 109
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 /
yandex.ru/an/mapuid/operacom/ Frame FB21 0
0 72ms
65ms Image
text/html 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/operacom/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H/1.1

200
OK

user-sync
sync.adkernel.com/ Frame FB21
Redirect Chain

https://yandex.ru/an/mapuid/xapadsssp/
https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=99B1D6B8B3E6D772

42 B
202 B

45ms
14ms

Image
image/gif

77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=99B1D6B8B3E6D772
Protocol: HTTP/1.1
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:18 GMT
Cache-Control: no-store
Server: nginx
Connection: close
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012938522967-3155727814868703853-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://sync.adkernel.com/user-sync?dsp=94&t=image&uid=99B1D6B8B3E6D772
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H2 200 /
yandex.ru/an/mapuid/yeahmobissp/ Frame FB21 0
0 129ms
123ms Image
text/html 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yandex.ru/an/mapuid/yeahmobissp/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2

200

ae9f9476f636badf5a7729f8bf946ea8acddd3b73e5fdde3aeabef9b10693174
an.yandex.ru/mapuid/mediascope/ Frame FB21
Redirect Chain

https://cm.tns-counter.ru/yacm
https://an.yandex.ru/mapuid/mediascope/ae9f9476f636badf5a7729f8bf946ea8acddd3b73e5fdde3aeabef9b10693174

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediascope/ae9f9476f636badf5a7729f8bf946ea8acddd3b73e5fdde3aeabef9b10693174

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
server: ms-counter-4.4.3/1.22.1
content-type: text/html
location: https://an.yandex.ru/mapuid/mediascope/ae9f9476f636badf5a7729f8bf946ea8acddd3b73e5fdde3aeabef9b10693174
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 204 cr
cr.frontend.weborama.fr/ Frame FB21 0
284 B 73ms
20ms Image
text/plain 34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=yandex&url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fdmpweborama%2F{WEBO_CID}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
via: 1.1 google
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 204 match
dm.hybrid.ai/ Frame FB21 0
279 B 24ms
18ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=182

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: https://yastatic.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-mode: 513
x-xss-protection: 1; mode=block
expires: -1

GET
H2 204 yandexdmp-match
dm.hybrid.ai/ Frame FB21 0
237 B 24ms
18ms Image
text/plain 37.230.131.22
HYBRID-POLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/yandexdmp-match

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.230.131.22 Amsterdam, Netherlands, ASN200197 (HYBRID-POLAND, PL),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 512
x-xss-protection: 1; mode=block
expires: -1

GET
H2

200

XK0UPCefIKmeKrF7-6ub
an.yandex.ru/mapuid/dmpamberdata/ Frame FB21
Redirect Chain

https://dmg.digitaltarget.ru/1/119/i/i?i=1705012937
https://an.yandex.ru/mapuid/dmpamberdata/XK0UPCefIKmeKrF7-6ub

43 B
80 B

332ms
331ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpamberdata/XK0UPCefIKmeKrF7-6ub

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:18 GMT
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
X-Permitted-Cross-Domain-Policies: master-only
X-Frame-Options: DENY
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/dmpamberdata/XK0UPCefIKmeKrF7-6ub
Access-Control-Max-Age: 86400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2

200

qlEVXQPDOGGWowBaoycGDIzNxPIkspdW
an.yandex.ru/mapuid/mediasurferis/ Frame FB21
Redirect Chain

https://dsp.mpartner.digital/dmp/syncsspdmp?sspid=4
https://an.yandex.ru/mapuid/mediasurferis/qlEVXQPDOGGWowBaoycGDIzNxPIkspdW

43 B
80 B

205ms
205ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mediasurferis/qlEVXQPDOGGWowBaoycGDIzNxPIkspdW

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/mediasurferis/qlEVXQPDOGGWowBaoycGDIzNxPIkspdW
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8
content-length: 109
p3p: policyref="//dsp.mpartner.digital/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"

GET
H2 200 server_match
euw-ice.360yield.com/ Frame FB21 43 B
199 B 115ms
33ms Image
image/gif 34.247.112.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://euw-ice.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fazerionis%2F{PUB_USER_ID}
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.112.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-112-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:18 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

fe2d3571-74e0-438f-6f87-8aafdd0b6b85
an.yandex.ru/mapuid/buzzooladspis/ Frame FB21
Redirect Chain

https://exchange.buzzoola.com/cookiesync/redirect/yandex?redirect_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbuzzooladspis%2F%24%7BUUID%7D
https://an.yandex.ru/mapuid/buzzooladspis/fe2d3571-74e0-438f-6f87-8aafdd0b6b85

43 B
80 B

357ms
357ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/buzzooladspis/fe2d3571-74e0-438f-6f87-8aafdd0b6b85

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/buzzooladspis/fe2d3571-74e0-438f-6f87-8aafdd0b6b85
date: Thu, 11 Jan 2024 22:42:18 GMT
server: nginx
content-length: 113
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

404

12908933990099532848
an.yandex.ru/mapuid/part_id/ Frame FB21
Redirect Chain

https://eye.targetads.io/sync/yandex/
https://an.yandex.ru/mapuid/part_id/12908933990099532848

43 B
80 B

79ms
78ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/part_id/12908933990099532848

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/part_id/12908933990099532848
date: Thu, 11 Jan 2024 22:42:18 GMT
server: ycalb
content-length: 0

GET
H/1.1

500
Internal Server Error

mts
kimberlite.io/rtb/sync/ Frame FB21
Redirect Chain

https://kimberlite.io/rtb/sync/yandex
https://solta-sync.rutarget.ru/sync
https://kimberlite.io/rtb/sync/segmento?u=F1TL7vPZO2Qt
https://sm.rtb.mts.ru/p?ssp=toptraffic&id=ZaBuwUvMwlo
https://vma.mts.ru/match/second?ssp=59&exu=ZaBuwUvMwlo
https://tech.rtb.mts.ru/?dsp_uid=e1819881-1ec9-4694-ac44-11ce27d29f6d&return_url=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3D9503528%26dest%3Dhttps%253A%252F%252Fvma.mts.ru%252Fem%253Fnext%253D59%2...
https://x01.aidata.io/0.gif?pid=9503528&dest=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D2%26ssp%3Daidata%26id%3D%24UID
https://vma.mts.ru/em?next=59&em=2&ssp=aidata&id=aEe1/DROFJJPiSyFzk4I5w
https://kimberlite.io/rtb/sync/mts?u=e1819881-1ec9-4694-ac44-11ce27d29f6d

43 B
336 B

89ms
89ms

Image
image/gif

217.199.220.44
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kimberlite.io/rtb/sync/mts?u=e1819881-1ec9-4694-ac44-11ce27d29f6d
Protocol: HTTP/1.1
Server: 217.199.220.44 , Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS: s4.kimberlite.io
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx
Content-Type: image/gif
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
Connection: keep-alive
server-timing: app;srv=0;dur=0.0001
Content-Length: 43

Redirect headers

Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx
Vary: Origin
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
Location: https://kimberlite.io/rtb/sync/mts?u=e1819881-1ec9-4694-ac44-11ce27d29f6d
Cache-Control: no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

/
an.yandex.ru/mapuid/targetrtbis/ Frame FB21
Redirect Chain

https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/mapuid/targetrtbis/

43 B
80 B

195ms
195ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/targetrtbis/

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:18 GMT
Server: nginx/1.22.1
Vary: Origin
Access-Control-Allow-Origin: *
Location: https://an.yandex.ru/mapuid/targetrtbis/
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET pixel
mitdmp.whiteboxdigital.ru/ Frame FB21 0
0

GET
H/1.1

204
No Content

cm
nr.bidderstack.com/yandex/ Frame FB21
Redirect Chain

https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}
https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1

0
194 B

28ms
28ms

Image
text/plain

167.235.186.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nr.bidderstack.com/yandex/cm?user_id={partner_user_id}&pupa=1
Protocol: HTTP/1.1
Server: 167.235.186.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.113.186.235.167.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 11 Jan 2024 22:42:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: /yandex/cm?user_id={partner_user_id}&pupa=1
Access-Control-Allow-Origin: *
Date: Thu, 11 Jan 2024 22:42:18 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

/
an.yandex.ru/mapuid/ramblerssp/ Frame FB21
Redirect Chain

https://profile.ssp.rambler.ru/sync3.302?pid=188
https://an.yandex.ru/mapuid/ramblerssp/

43 B
80 B

72ms
58ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=0
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
location: //an.yandex.ru/mapuid/ramblerssp/
content-type: application/x-javascript
x-passed: 0bal1
content-length: 0

GET
H2

200

mBicfCvh9k.AikABlGM-rCiUg
an.yandex.ru/mapuid/getintentis/ Frame FB21
Redirect Chain

https://px.adhigh.net/p/cm/yandexssp
https://an.yandex.ru/mapuid/getintentis/mBicfCvh9k.AikABlGM-rCiUg

43 B
80 B

333ms
331ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/getintentis/mBicfCvh9k.AikABlGM-rCiUg

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
server: nginx
x-backend-id: f17-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://an.yandex.ru/mapuid/getintentis/mBicfCvh9k.AikABlGM-rCiUg
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 y
rtb-eu-warsaw.intent.ai/um/ Frame FB21 68 B
831 B 187ms
61ms Image
image/png 2606:4700:20::ac43:48bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb-eu-warsaw.intent.ai/um/y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:48bf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 68
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IvyIOa2%2Bd86KxVnN54V5JJQIbKjsT6p4hHRrt1KT2HBsBaej4CRKFYXnZ7Wr6%2BYj6lwa8UtV7chqU8jeTWZuaXtW%2Bh7%2FMHcWZPfMFrWNO5f6Ja6GZv7YHn9gfI3MEmTsYYJMPBBcxNfxY8mdD2x6vqVE6Oce"}],"group":"cf-nel","max_age":604800}
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
cf-ray: 8440ac14e86c9131-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
expires: Wed, 11 Nov 1998 11:11:11 GMT

GET
H2

200

aT31YqMg601MdtMojC5U
an.yandex.ru/mapuid/kadamis/ Frame FB21
Redirect Chain

https://s.uuidksinc.net/match/501
https://an.yandex.ru/mapuid/kadamis/aT31YqMg601MdtMojC5U

43 B
80 B

346ms
346ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/kadamis/aT31YqMg601MdtMojC5U

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/kadamis/aT31YqMg601MdtMojC5U
date: Thu, 11 Jan 2024 22:42:18 GMT
server: nginx/1.23.2
content-length: 0

GET
H2

200

pixel
shopnetic.com/api/rtb/dmp/ Frame FB21
Redirect Chain

https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex
https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1

43 B
406 B

48ms
48ms

Image
image/gif

77.244.216.90
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1

Protocol

Server

77.244.216.90 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS"
content-type: image/gif
cache-control: no-cache, private, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 03:00:00 MSK

Redirect headers

location: https://shopnetic.com/api/rtb/dmp/pixel?partner=yandex&tc=1
date: Thu, 11 Jan 2024 22:42:19 GMT
server: nginx
content-length: 154
content-type: text/html

GET
H2

200

e1819881-1ec9-4694-ac44-11ce27d29f6d
an.yandex.ru/mapuid/mtsdspis/ Frame FB21
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=yandex&id=map
https://vma.mts.ru/match/second?ssp=55
https://tech.rtb.mts.ru/?dsp_uid=e1819881-1ec9-4694-ac44-11ce27d29f6d&return_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fmtsdspis%2Fe1819881-1ec9-4694-ac44-11ce27d29f6d
https://an.yandex.ru/mapuid/mtsdspis/e1819881-1ec9-4694-ac44-11ce27d29f6d

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/mtsdspis/e1819881-1ec9-4694-ac44-11ce27d29f6d

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://an.yandex.ru/mapuid/mtsdspis/e1819881-1ec9-4694-ac44-11ce27d29f6d
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H2

200

data_sess_sync.php
sonar.semantiqo.com/fbfli/ Frame FB21
Redirect Chain

https://sonar.semantiqo.com/dmp/scr.php
https://counter.yadro.ru/id127/reff-id.gif?sid=0212a393c481436ca32a1df3f0fd04b5
https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=0212a393c481436ca32a1df3f0fd04b5

0
355 B

43ms
42ms

Image
text/html

95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=0212a393c481436ca32a1df3f0fd04b5
Protocol: H2
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

Redirect headers

Location: https://sonar.semantiqo.com/fbfli/data_sess_sync.php?spid=&sid=0212a393c481436ca32a1df3f0fd04b5
Date: Thu, 11 Jan 2024 22:42:19 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 364
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

Y9ujBLEfdGFTGx7Qar4mew
an.yandex.ru/mapuid/dmpadriver/ Frame FB21
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?dsp_id=109
https://an.yandex.ru/mapuid/dmpadriver/Y9ujBLEfdGFTGx7Qar4mew?sign=3518169985

43 B
152 B

61ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpadriver/Y9ujBLEfdGFTGx7Qar4mew?sign=3518169985

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/dmpadriver/Y9ujBLEfdGFTGx7Qar4mew?sign=3518169985
Date: Thu, 11 Jan 2024 22:42:18 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2

200

AY9ujBLEfdGFTGx7Qar4mew
an.yandex.ru/mapuid/adriveris/ Frame FB21
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=19
https://an.yandex.ru/mapuid/adriveris/AY9ujBLEfdGFTGx7Qar4mew

43 B
80 B

119ms
119ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adriveris/AY9ujBLEfdGFTGx7Qar4mew

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Location: //an.yandex.ru/mapuid/adriveris/AY9ujBLEfdGFTGx7Qar4mew
Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H/1.1 200
OK /
sync.bumlam.com/ Frame FB21 43 B
552 B 21ms
21ms Image
image/gif 31.172.81.172
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=yandex
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.172 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 11 Jan 2024 22:42:18 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Server: nginx
Connection: keep-alive
Content-Length: 43
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H2

200

a77805a8-b0d2-11ee-bbb1-002590c82436
an.yandex.ru/mapuid/adsniperis/ Frame FB21
Redirect Chain

https://sync.bumlam.com/?src=yandex2
https://an.yandex.ru/mapuid/adsniperis/a77805a8-b0d2-11ee-bbb1-002590c82436

43 B
80 B

173ms
173ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adsniperis/a77805a8-b0d2-11ee-bbb1-002590c82436

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Date: Thu, 11 Jan 2024 22:42:18 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://an.yandex.ru/mapuid/adsniperis/a77805a8-b0d2-11ee-bbb1-002590c82436
Access-Control-Allow-Origin: https://yastatic.net
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2 204 yandexortb
sync.dmp.otm-r.com/match/ Frame FB21 0
68 B 34ms
31ms Image
text/plain 138.201.65.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/yandexortb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 138.201.65.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.75.65.201.138.clients.your-server.de
Software: nginx/1.19.7 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 11 Jan 2024 22:42:18 GMT
server: nginx/1.19.7

GET
H2

200

NTdmYWZiZWJkMjk3MTI0Mw
an.yandex.ru/mapuid/gonetisnew/ Frame FB21
Redirect Chain

https://sync.gonet-ads.com/match/yandex?id=[buyerUid]
https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw

43 B
80 B

233ms
233ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
x-frame-options: SAMEORIGIN
location: https://an.yandex.ru/mapuid/gonetisnew/NTdmYWZiZWJkMjk3MTI0Mw
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

69abffb7-1544-4ea1-bd60-eb0dbc5a53ec
an.yandex.ru/mapuid/upravelis/ Frame FB21
Redirect Chain

https://sync.upravel.com/yandex/sync
https://an.yandex.ru/mapuid/upravelis/69abffb7-1544-4ea1-bd60-eb0dbc5a53ec

43 B
80 B

355ms
354ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/upravelis/69abffb7-1544-4ea1-bd60-eb0dbc5a53ec

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

date: Thu, 11 Jan 2024 22:42:18 GMT
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://an.yandex.ru/mapuid/upravelis/69abffb7-1544-4ea1-bd60-eb0dbc5a53ec
access-control-allow-origin: *
content-type: image/png
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-credentials: false
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length: 0

GET
H2

200

aEe1%2FDROFJJPiSyFzk4I5w
an.yandex.ru/mapuid/dmpaidatame/ Frame FB21
Redirect Chain

https://x01.aidata.io/0.gif?pid=YANDEX
https://an.yandex.ru/mapuid/dmpaidatame/aEe1%2FDROFJJPiSyFzk4I5w?sign=942833232

43 B
80 B

331ms
330ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpaidatame/aEe1%2FDROFJJPiSyFzk4I5w?sign=942833232

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
last-modified: Thu, 11 Jan 2024 22:42:17 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
location: https://an.yandex.ru/mapuid/dmpaidatame/aEe1%2FDROFJJPiSyFzk4I5w?sign=942833232
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 11 Jan 2024 22:42:17 GMT

GET
H2

200

F1TL7vPZO2Qt
an.yandex.ru/mapuid/dmpsegmento/ Frame FB21
Redirect Chain

https://yandex-dmp-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/dmpsegmento/F1TL7vPZO2Qt?sign=1116141935

43 B
80 B

60ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/dmpsegmento/F1TL7vPZO2Qt?sign=1116141935

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/dmpsegmento/F1TL7vPZO2Qt?sign=1116141935
Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

F1TL7vPZO2Qt
an.yandex.ru/mapuid/rutargetis/ Frame FB21
Redirect Chain

https://yandex-sync.rutarget.ru/sync
https://an.yandex.ru/mapuid/rutargetis/F1TL7vPZO2Qt

43 B
80 B

61ms
60ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/rutargetis/F1TL7vPZO2Qt

Protocol

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:19 GMT

Redirect headers

Location: https://an.yandex.ru/mapuid/rutargetis/F1TL7vPZO2Qt
Date: Thu, 11 Jan 2024 22:42:19 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame BBAF 24 KB
7 KB 65ms
64ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Thu, 11 Jan 2024 22:42:18 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 11 Jan 2054 05:16:34 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame 2804 23 KB
6 KB 389ms
388ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=29795
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac11bb7b5d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:18 GMT
expires: Sat, 10 Feb 2024 22:42:18 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgfTTqAsPtwjyZHvzQo3w5fsKQT4Q7JCZWyixPtu0KAL4nNBySWaQuGVYcw9YL2yZfm%2B9KGibk45VJOs3j8TMYwgLihLozWd5G59bXLMugFEDGYRnKXKD%2B2Mb83d8RFpts6OUqD9%2FdyzgUKuaA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 70ms
70ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A1022923109%3Arqn%3A11%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-9)clc(0-0-0)rqnt(11)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 4250215 Show response
mc.yandex.ru/watch/ Frame 19F4 391 B
525 B 64ms
62ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4250215?wmode=7&page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1031927150230%3Ahid%3A1019879250%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A981239911%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936683%3Arqnl%3A1%3Ast%3A1705012939%3At%3A&t=clc(0-0-0)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e8de55465da05f45b3044f7c06a40d4bee9859dcad3f8c0b286db96ba58cb8ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 391
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1
mc.yandex.com/watch/86976169/ 43 B
74 B 68ms
68ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86976169/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_59b63a929da3b9b832f74b1a93646e86bee505e133f9d905de77e4808ddbb9d1&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A142751899570%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A177522072%3Arqn%3A2%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C9660%2C9661%2C3%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939&t=gdpr(14%2C14%2C14)mc(g-10)clc(0-0-0)rqnt(2)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1
mc.yandex.com/watch/90079539/ 43 B
74 B 72ms
72ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A503514371%3Arqn%3A12%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939&t=gdpr(14%2C14%2C14)mc(g-10-p-1)clc(0-0-0)rqnt(12)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1Ld2p1a90ba200000000U9nJF21sMY4yTqgU8QTWvBRaj-L_BK_cBKXb009Fc4Yei-jItLXR6GU6L4QWU2QduDNr8F5I4A_sAf1ePIm3afqWFX0mCSnaV1RF2cOlP7GAO06pLZ8MB8Oes0YYDZ03YRsCpwwACXm5ovnb18bSPGH9tcLaa65W-CiuYuc1OIuJI6GfK...
yandex.ru/an/rtbcount/ Frame CE53 43 B
401 B 61ms
61ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Ld2p1a90ba200000000U9nJF21sMY4yTqgU8QTWvBRaj-L_BK_cBKXb009Fc4Yei-jItLXR6GU6L4QWU2QduDNr8F5I4A_sAf1ePIm3afqWFX0mCSnaV1RF2cOlP7GAO06pLZ8MB8Oes0YYDZ03YRsCpwwACXm5ovnb18bSPGH9tcLaa65W-CiuYuc1OIuJI6GfKmEGlPQ91yWvo_GV2AuovGF5Np49x4sPby0foCZ0hLRcj9cFZU4l4yZ2LcQG0tgP5O7aL6QG4NEPcK3EO6PoL80uW_bEG-Gaj_R_TIUPOQ5m5QpoBfZyoUpWn0_n14lCeL2msrUmx3uYj865SGSBum4MffiGdp5yi7_8yc9dMeMD_mtxjomWponWvJp9Eik73onzWRLXGKD30zDDrXLYRSApoppylhA2VD31ri0oWUt0sZLjdrRDFfKtW-tAuU05R6StzPnwSU7AWXsCAzbWXXvWypZ1nlo8ZJSfqTMgEAV0e2B3Cj_y9HlC-fziV8igIcT6lR2Vo9wKqJ2DE_cT_InsDaj3CnCZemNiZ2lO6JUmDpKqyEnWvpd1Blw0VLBht1bFFiszKVk3dMS1nxFzeYiu3YqGtC3nuHZR3Wx6MnmOWVgKWu6XmRwN4-IvgPmWVo_WR61UmLcuWNCXqmbErWkSZ2yu6JzmClxWP5p01JGG0EWLkDK0?pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012938638167-7246129569712476434-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:18 GMT

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame CE53 0
51 B 213ms
213ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:18 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 62ms
61ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:18 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 4201533 Show response
mc.yandex.ru/watch/ Frame CE53 256 B
293 B 71ms
70ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4201533?wmode=7&page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A2%D0%B5%D1%85%D0%BD%D0%B8%D1%87%D0%B5%D1%81%D0%BA%D0%BE%D0%B5%20%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B8%D1%80%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1481390652817%3Ahid%3A606800857%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A816560345%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936981%3Arqnl%3A1%3Ast%3A1705012939%3At%3A&t=clc(0-0-0)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

947d9992578adf16ba646fec7951a1c6fd42cc5f67dd928b0eb92267b801f70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1
mc.yandex.com/watch/86976169/ 43 B
74 B 65ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86976169/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_59b63a929da3b9b832f74b1a93646e86bee505e133f9d905de77e4808ddbb9d1&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A142751899570%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A612161483%3Arqn%3A3%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939&t=gdpr(14%2C14%2C14)mc(g-10-p-2)clc(0-0-0)rqnt(3)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1
mc.yandex.com/watch/90079539/ 43 B
74 B 83ms
83ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A260385802%3Arqn%3A13%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939&t=gdpr(14%2C14%2C14)mc(g-10-p-3)clc(0-0-0)rqnt(13)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

POST
H2 200 1
mc.yandex.ru/watch/4250215/ Frame 19F4 43 B
0 74ms
73ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4250215/1?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012938_fd829570eced0274cbfb6ff1221a43d590171eb5ddaa220f575ad396a7311d2b&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1031927150230%3Ahid%3A1019879250%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A576329554%3Arqn%3A1%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C45%2C112%2C1%2C0%2C0%2C%2C6%2C0%2C798%2C798%2C0%2C165%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936683%3Arqnl%3A1%3Ast%3A1705012939&t=mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 4250215
mc.yandex.ru/watch/ Frame 19F4 43 B
0 74ms
74ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4250215?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%A3%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%BF%D0%BE%D1%82%D0%BE%D0%BA%D0%BE%D0%BC%20%D0%B4%D0%B0%D0%BD%D0%BD%D1%8B%D1%85&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012938_fd829570eced0274cbfb6ff1221a43d590171eb5ddaa220f575ad396a7311d2b&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1031927150230%3Ahid%3A1019879250%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A393810930%3Arqn%3A2%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936683%3Arqnl%3A1%3Ast%3A1705012939%3At%3A&t=mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 dreamstime_m_139955316.jpg
msk-reality.ru/images/ Frame 1E48 1 KB
2 KB 29ms
29ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://msk-reality.ru/images/dreamstime_m_139955316.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8827f6011a4b94623db59a5b2616c70acc9309a13d5a2011a2949ae98786b90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 143625
alt-svc: h3=":443"; ma=86400
content-length: 1280
last-modified: Thu, 28 Sep 2023 19:21:16 GMT
server: cloudflare
etag: "6515d22c-500"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Tmqq2DoGLon4ozj2XndOLioIHH76ysfz4m3Px7oJ8mspa%2B0R7zrpdzJH%2BMB413TZjWovCfbypUw5BcMShbVLwBg746mO9ibRfOHNoGI8MfDxpNoxcYmNC9mZ0mNShMvdly9vVvhKDX0cgzwtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8440ac12bd601e5a-FRA
expires: Fri, 09 Feb 2024 06:48:33 GMT

POST
H2 200 1
mc.yandex.ru/watch/4201533/ Frame CE53 43 B
0 70ms
70ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4201533/1?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012938_ecce775bf3478cf42cb10e259de1ca4194cbfd7be780d1d9bce706b91cd21626&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1481390652817%3Ahid%3A606800857%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A247960038%3Arqn%3A1%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C107%2C2%2C0%2C0%2C%2C4%2C0%2C581%2C581%2C0%2C114%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936981%3Arqnl%3A1%3Ast%3A1705012939&t=mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 4201533
mc.yandex.ru/watch/ Frame CE53 43 B
0 63ms
62ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/4201533?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Friastrela.ru%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012938_ecce775bf3478cf42cb10e259de1ca4194cbfd7be780d1d9bce706b91cd21626&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1481390652817%3Ahid%3A606800857%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A904681597%3Arqn%3A2%3Au%3A1705012939171676611%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012936981%3Arqnl%3A1%3Ast%3A1705012939%3At%3A&t=mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 2441870
mc.yandex.ru/watch/ Frame B212 43 B
72 B 70ms
70ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/2441870?page-url=https://modnica.info/&page-ref=https://yandex.ru/search/?text=%D0%B2%D0%B8%D1%82%D0%B0%D0%BC%D0%B8%D0%BD%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%BE%D1%82%D0%B5%D0%BD%D1%86%D0%B8%D0%B8&charset=utf-8&cnt-class=1&browser-info=pv:1:ar:1:gdpr:14:vf:h2b2laelw67j03cmy2kg:fu:0:en:utf-8:la:ru:v:802:cn:1:dp:1:ls:622185734219:hid:722644823:z:420:i:218340182722:et:31848660316:c:1:rn:722644823:rqn:4:u:9274967308997521000:w:555x652:s:1366x768x24:sk:1:cpf:1:eu:0:ns:622185734219:co:0:rqnl:1:st:622185734219:t:modnica.info&t=gdpr(14)mc(p-1-h-1)lt(61500)aw(1)rqnt(2)ti(2)

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H2 200 2441870 Show response
yandex.ru/ads/meta/ Frame B212 255 KB
61 KB 369ms
369ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/2441870?target-ref=https%3A%2F%2Fmodnica.info%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%B2%D0%B8%D1%82%D0%B0%D0%BC%D0%B8%D0%BD%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%BE%D1%82%D0%B5%D0%BD%D1%86%D0%B8%D0%B8&charset=utf-8&pcode-test-ids=909920%2C0%2C21%3B897722%2C0%2C87%3B911254%2C0%2C33%3B907878%2C0%2C42%3B911375%2C0%2C35%3B905123%2C0%2C88%3B901183%2C0%2C63%3B909817%2C0%2C23%3B913182%2C0%2C37%3B910552%2C0%2C2%3B910732%2C0%2C28%3B908466%2C0%2C28%3B882586%2C0%2C77%3B907884%2C0%2C62%3B892905%2C0%2C41%3B906702%2C0%2C74%3B910442%2C0%2C98%3B911316%2C0%2C86%3B910219%2C0%2C92%3B910505%2C0%2C25%3B914205%2C0%2C18%3B893897%2C0%2C10%3B912945%2C0%2C43%3B914601%2C0%2C62%3B916422%2C0%2C24%3B681842%2C0%2C66&pcode-flags-map=eJy1Wdty2zgS%2FRc9O1neL3kDSVDCmrcFQdtKyoXSJt6Mt2xny3FmZpPKv283AEqkJENxMpsHR6TVB0BfTp%2BGvy0uSC%2F7VXspSSErktFKli2XrJEZaRrKF2%2FefVv8vrn7crN4sxB8oIuzxdPN5yf2AZ6jyPeDePH9%2BmwH0%2FG2GHLRy7aRHRl6akWI3TTwNULBepJVVObt0AjJacE4zQXshHSdHcNzgsDb7gKWlPVQCcbbqgK0RuAHyuUlEfmKFlKwmsq2LHsq7Li%2B58S703Eq%2BBpP1VBx2fJzSTlv7f6JwyiI0y0CrJ6fg5PX7SBkX7Xwg72lMoMDF4Qz2tvB4sQNXAWGJ0CMjlN1yN1xL1hBW2l%2BP4NzHfg3w0v9NHZO4GVDWYLraN2JtaxYzfZBX4x40RFW%2FPU7LAf4%2FLOoDebqX7zTZzB%2FKT7HMf9%2FHvjZ6GOyLznJZEWbpVjNjKBYk6lZ4iROHGzNaKNIQHACpXLB%2BoFUmleQleiVoLyBN0Vvp4TE9SLnJ0DVi56UVJac1HbqUmtoeuAceaaHbwBhwYICybQjCAHYvUIlQ8FamXNKBLs4UepJ4HhuuN3%2BGCTRAgn1gnCBNFQyDgvlq6E5lyVh1QwxnEc8CbzY2wESITCm%2FUsQfRsgnBVYN68YBequ6BK8yZqylZcrphi9uaCwhE5%2B9M%2BJ04dOkkx4tykgCUmGLiAFIrEeXgy8wk1f0qw95c3YCXYsvKRwxqEXbS0vatJtvXtBqmEe8WivbpIo9KNdo6E5QOSC6KSpSVXZtxEnQRAcWitLecnESgrIxZdgjLGrBwF9DZxx2JLCmXnquU6kzHvwqjQtt8B0FeuOYtvv2kvKaVmyHIKZr2dgN3%2F%2BZw43K11SFGOldWQJLbYTDKpCFwKmmnJ3xZpz%2BxnTNDV9bmznDVXyZCweDL1tX6nrgCZQCF3eFvQXMZS0EepckHw9nGlmCN%2F003Bu6wXGzaOoMWIm77lt0TB1IcDKUJGwlmByaFjJIEqsATYpSU7tGIlnVAseGUIJWbKSVbtkuc0uchM%2F0mtDvQIV1DJbj8WHGQ7tIWOFFQKyy3Nn5wbPc8iFRhjxg02qhxjQRvZ7HH6wn9Q1qZ5jgbTNSAQleEEyRdBwLFJQ%2B6biJI109WMalKCzmqJaa4LHhN%2BXl3b77FyJNs3pmtAAA2o5a%2B0oaWCaBaJUFFIREGqrTZQEkXbnxG1LDqKkoP25aO37TqLA9af%2BU%2BQAlAwgE7wGZKgK%2BHIAzQ0tH7V3TqFErG6NXSeIw7H76UwTA29MeKAVQLTFirfDcmUt99h1R3auyNu1iqhUZTs1%2B7b4183T%2B9%2FqzePH24fFGzd0zhb3n%2F55e3fTv9%2Fc3T58XLzxvs9QQygDzXQ1UuQ%2FBjpQ6PWdzCpUARWbd6F3i%2FvN7d3rxy%2Bwt%2F9uHj7c%2FAmf%2F3Z7v%2Fl483n26uPmXr358PXmQX998%2Fvt0yf98f715OHDw615i8hbBHjxuPl69%2Bnrb%2BbXXx%2F1%2F18eN68fbv74fPCFf28%2B3d8q0%2BvjR2w0pdWUL%2FFnwYgUZNlb4%2Bd7nkkuVRYUYg%2FUmCvKthuGvuOZHiIgE0sCVKUZvxnqjFoZLg5d34hENRyq8Q57BcybNNcVCQKNAXecgIkdnX1AI8DrNRLcUlEOK0pyGN6Z55IwTA23zyp4WheiHfKVro6q7dUOdbPl9O9A5SeqA4ovSI6toGUnFGSGWdjBD3ij1BdrmDjSwA%2BQgyB058iTXSuKYktJeghOr6jKipa6EM4TnkBMFCqkKXaXBGautqfKEfQJbsWWKxC1K1r%2F6B6BaYzAwKgroW20pR0AmFRn7BpMoFZyne9Z1UIMgE5Bpgp6hBL4K%2FbKC6CdO8ErFyCnz97es7%2F3HKhn8soLYf6KPbCfpmDipJGrJULJrsCtpFMlrC8EhqVVdrlhEAYTbkNFy2osQHSLJgMrQOgGqQYoeyicFuYedmW38H3TTAzXAFPgFIU9jKj0xYQA%2BQr00wx2qCA1wsrEQvVwdeV0QhIkkRcmehcrwgsl7fQGeuAhQfKV1RooL4q2wmjZCQmJyDpr7qCRcZVSX3j6FofFF%2B8dpHLkHwHqhgx6JTCBsO9%2BZ7%2B7KKuR%2BvT4MV%2F9XZpie4i9sxQiFzh%2BdBb5KXRsP5xlYQJUns5AzfCW4zj4S7i%2B9tqkXnHiyCFudvWfhLEpDE7rFjMNyD2z8kwCiWHEVdmP2mgcbiTUtqwJTjZQIfZxxnWS9AQZqvEzx9uCVjUHHHq4IjKkx4qWQt8fEGimJxaLjFZu6MDR51jB9nOCjcl%2FwrgWSZPJZD6VOMB5wdzaD%2BJkaw29DHkDA8OK2bLvXCd0nOvnTV%2Bc%2B0dXVve8%2B7eesLaTxmdpGp65DoTjDJ99eA7Up%2FCZXe14D%2FSx6t5IRaoJWoc8xwnDo0IAIpyPHLei6pynemnqQHTcadKP9x5tBzviIoN5gUjsYVcniup6ButFqYZFCOU1nAl7RQC1Yl71ara3zd3dfG8%2BzBJ6GFBzGDqMUxDF0EJhzNNZYD9d7BqZrr6s2g0OiMhj5rJ%2FSQ9SyY%2FAzknnB4IJ1dkiqS6uBnRkcrzBFOA6LCYoZMXP%2BwP3wc7SdDKpcyDFrazSgTjBOGkce0dudfpzBsMClPF51wJlWzFS1%2FXCvbudtjNduUe4mTnov57ueTeJk%2BftCcxRPbXfL00wSNEX5weM4IL03runUG%2Bm9I%2B6yO7s0PV%2BRDBuLxWVmmcVE2vZZj3le9Lk%2FdNeorpuMsVvB9ELCEKtUM1thn3GwARz46MYW%2FvtrZ8eV%2FX3sKFWVMw26OHl%2BUvBa3I1Vlevy3MGeRxuwmHqT1ikU8XVLPXdIN71cZYfVEPwei%2BmvmvE7jiazV1IKqM%2BYJ1JbOAbRNDlGsgprwboKzUne4ywHypoE6F3LBUM%2FY2VdOqazdcgK2j2eANhRpcVNFU1IdjTBWgtmnJu8RbvNMbj4bbURc3YtdWr3gaZJCAyfwBy1XL2FjTvS0H3fTUvdfth48TcDo7leskKSA3wF%2BbJCe3gpWZifuYaq4RBgIOesW8his3wb%2B4mWaN4fz%2BzTKnzbV6dyKTxD7hG82UtVy3XriuQv4xWxPVHp4yljUcr2nyo8fpxm9%2Fjzk5kpeem02NqF%2F3qKcPJncVeB7VbBt7EsqAVWUOhqDu2fa6a6yPobcfNDD93bc8OGOX24fZp8QwO3tAULcpp%2B4ZhaAp3Fmto5%2FTqmOGB44PIcXc394c9LAo8b26h3ny%2F%2Fv4%2FkfGKuA%3D%3D&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62&pcode-icookie=NlH1UKiSThJAFN8BkeRDSrmU7ZRPKsVNDo4abyjya%2B8EpIzatMEpdC%2F5LMqQCZsp1xoGIs4mXgynxc7CbW70P%2BDxx6U%3D&imp-id=1&partner-stat-id=111&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=531064116216834&ad-session-id=9151181705012936924&target-id=78444577&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fmodnica.info&top-ancestor-undetermined=0&pcode-version=916422&pcodever=916422&flash-ver=0&layout-config=%7B%22win_width%22%3A650%2C%22win_height%22%3A400%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A650%2C%22h%22%3A400%2C%22width%22%3A0%2C%22height%22%3A400%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B1871141635490%5D

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1b967296d80ecf7aef45e65c091e3e4a30dbd425bcbb61fa11a8f499b96e8ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1705012938793419-1192783667833038858-balancer-l7leveler-kubr-yp-vla-109-BAL-4100
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:18 GMT

GET
H3 200 RTBs5.html Show response
borzjournal.ru/vhook/v7/rtb2/ Frame 5AE3 23 KB
6 KB 127ms
127ms Document
text/html 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=14192
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac137cb05d3d-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:18 GMT
expires: Sat, 10 Feb 2024 22:42:18 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtTRGtVVJ28yIK2CPXknDM3tUzd582237vEXALyPmMVM%2FnAEX7FHzqQe7B4YzzX1ZkmRKb0I3sT%2B4PxZ2%2Fw%2Fyz4XcZAIXNTIMs0%2BofP5QnsgiAD4HLdgWwmLcjdEzg4KNx4OimvGkROAMXo%2BIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 66ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234218%3Aet%3A1705012939%3Ac%3A1%3Arn%3A878843020%3Arqn%3A14%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-10-p-4)clc(0-0-0)rqnt(14)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:18 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:18 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:18 GMT

GET
H3 200 context2.js
borzjournal.ru/vhook/v7/rtb2/temp/ Frame A5EF 651 KB
0 202ms
202ms Script
application/javascript 2606:4700:3034::6815:393c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123
Requested by: Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:393c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 20:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1185996
etag: W/"6564f63a-baaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Oq0ggN%2BcIUEFxbfOrOchFqXbF%2BhlhvE9LQBFP5K7k1u8ACFuk8VFV3ze77NzqphMXrQ7JMe9W6omtpJ2WoMYUnWNKJSmn82W9pn23QV%2B6ZHaTnhJInCFm5TAn89la8%2FNLTa4dBrBTi3VG6ypw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac13bce75d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 28 Jan 2024 05:15:42 GMT

GET text2.txt
borzjournal.ru/vhook/v7/rtb2/ Frame A5EF 0
0

GET context2.js
borzjournal.ru/vhook/v7/rtb2/temp/ Frame 8B06 0
0

GET text2.txt
borzjournal.ru/vhook/v7/rtb2/ Frame 8B06 0
0

GET context2.js
borzjournal.ru/vhook/v7/rtb2/temp/ Frame 2804 0
0

GET text2.txt
borzjournal.ru/vhook/v7/rtb2/ Frame 2804 0
0

GET context2.js
borzjournal.ru/vhook/v7/rtb2/temp/ Frame 5AE3 0
0

GET
H2 200 4318252
mc.yandex.ru/watch/ Frame 5AE3 43 B
168 B 588ms
588ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/4318252?page-url=https://darunok.ru/&page-ref=https://yandex.ru/search/?text=%D0%A1%D1%82%D1%80%D0%B0%D1%85%D0%BE%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&charset=utf-8&cnt-class=1&browser-info=pv:1:ar:1:gdpr:14:vf:h2b2laelw67j03cmy2kg:fu:0:en:utf-8:la:ru:v:802:cn:1:dp:1:ls:507217319094:hid:345867754:z:420:i:218340182722:et:44303865563:c:1:rn:345867754:rqn:4:u:7369921283270213000:w:555x652:s:1366x768x24:sk:1:cpf:1:eu:0:ns:507217319094:co:0:rqnl:1:st:507217319094:t:darunok.ru&t=gdpr(14)mc(p-1-h-1)lt(61500)aw(1)rqnt(2)ti(2)

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET
H2 200 RTBs5.html Show response
data.ufcplayer.ru/vhook/v7/rtb2/ Frame B95D 23 KB
6 KB 178ms
178ms Document
text/html 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ufcplayer.ru/vhook/v7/rtb2/RTBs5.html?domian=forum.awd.ru&id=4510786&pl=1&statId=111&_t=83075
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb/get_content.js?t=1411042141207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2592000
cf-cache-status: DYNAMIC
cf-ray: 8440ac155fd80e2e-AMS
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 11 Jan 2024 22:42:19 GMT
expires: Sat, 10 Feb 2024 22:42:19 GMT
last-modified: Tue, 28 Nov 2023 10:22:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z3c5I4YlYVJMFyge%2Bv5LGxXv2h1OqFb5sETPF4rPJshYOzgJ2%2FVxaziXbyPRT9n%2Bz8AbJJD5DzI4uErqk6NhhNDEZcL1GZFJoTOWijHLWhoeE6L0XuKiyUhKKsMglu4e81D4H9DEWhEXZyGlYI30A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 554ms
554ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012939%3Ac%3A1%3Arn%3A236949355%3Arqn%3A15%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-11-p-4)clc(0-0-0)rqnt(15)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET RTBs5.html
borzjournal.ru/vhook/v7/rtb2/ Frame 319F 0
0

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 313ms
313ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012939%3Ac%3A1%3Arn%3A545527652%3Arqn%3A16%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012939%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-12-p-4)clc(0-0-0)rqnt(16)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 527ms
526ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame B212 0
123 B 60ms
59ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:20 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ Frame B212 157 KB
56 KB 124ms
124ms Script
application/javascript 87.250.251.119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

mc.yandex.ru

Software

Resource Hash

fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
Origin: https://borzjournal.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Thu, 11 Jan 2024 23:42:19 GMT

GET
H/1.1 200
Ok samaragruz.ru
favicon.yandex.net/favicon/ Frame B212 640 B
853 B 328ms
328ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/samaragruz.ru?size=32&stub=2

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

65361756fbeeb484699e581dce37c9174737dc4f6cc3e9f976dbd44693ee40d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 x180
avatars.mds.yandex.net/get-direct/5391252/Db_7e2596WUnhyugaNmMQA/ Frame B212 5 KB
6 KB 141ms
140ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5391252/Db_7e2596WUnhyugaNmMQA/x180
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: af350de2513e7d494cd6b0bde4e7f1e8df9040376fe70c8f6741906f8aba78a8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
last-modified: Tue, 30 Aug 2022 09:34:34 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 5580
x-request-id: f6e982ad657ecd74

GET
H/1.1 200
Ok storage.cargo-avto.ru
favicon.yandex.net/favicon/ Frame B212 517 B
730 B 55ms
55ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/storage.cargo-avto.ru?size=32&stub=2

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

f2835312483462d9c07208579dea1260f6662156c4b4640172778daa7e6c4a3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 y180
avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/ Frame B212 13 KB
14 KB 141ms
140ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4422678/GwGkE56dFQIhip1sjSKdzw/y180
Requested by: Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 053d184910cfc0faa536fd5fa16049187b4d86b4fe960cbace8f20a9c4d9824d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
last-modified: Wed, 20 Sep 2023 20:44:02 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 13520
x-request-id: 4a627a531b2c1ae2

GET
H/1.1 200
Ok bizibar.ru
favicon.yandex.net/favicon/ Frame B212 1003 B
1 KB 60ms
60ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/bizibar.ru?size=32&stub=2

Requested by

Host: yastatic.net
URL: https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

41eb6fb84ab83ed2c2a4a5f30c58dd683473013041d3a2dccf549a87c4a7f35f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 wy300
avatars.mds.yandex.net/get-direct/4303925/c7Kq9yBLl1bnHgAeH5VB5g/ Frame B212 29 KB
29 KB 156ms
155ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/4303925/c7Kq9yBLl1bnHgAeH5VB5g/wy300
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9555d4fbd401c8314068df48298ca66518c12a4c09e7711dbeb8d5f4ffd8a2da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
last-modified: Wed, 10 Aug 2022 12:39:24 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 29200
x-request-id: bbf73724e5a6b35a

GET
H2 200 x180
avatars.mds.yandex.net/get-direct/5426325/hnI44DW8p5GEAU3tXkFNFw/ Frame B212 6 KB
6 KB 629ms
628ms Image
image/webp 2a02:6b8::184
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.mds.yandex.net/get-direct/5426325/hnI44DW8p5GEAU3tXkFNFw/x180
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6b8::184 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2ae4fe0e9ec53c27a426f57d9f628c4b9176177c2ec20f10bef65d52a5fe4724

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
last-modified: Tue, 01 Aug 2023 11:04:17 GMT
server: nginx
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=VLA"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
access-control-allow-credentials: true
content-length: 6052
x-request-id: cbbd9872e0485d96

GET
H/1.1 200
Ok easy-lunch.ru
favicon.yandex.net/favicon/ Frame B212 600 B
813 B 59ms
59ms Image
image/png 2a02:6b8::36
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://favicon.yandex.net/favicon/easy-lunch.ru?size=32&stub=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::36 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

011bbb6a47f69fc68578cc2e2533f0170be4a82139b27206bbcc9c4f9a696d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-origin: *
Cache-Control: max-age=691200
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Content-Type: image/png

GET
H2 200 render.html Show response
yastatic.net/safeframe-bundles/0.83/1-1-0/ Frame 9A48 24 KB
7 KB 64ms
64ms Document
text/html 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html

Requested by

Host: yastatic.net
URL: https://yastatic.net/safeframe-bundles/0.83/host.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, max-age=946708560
content-encoding: br
content-length: 6262
content-type: text/html
date: Thu, 11 Jan 2024 22:42:19 GMT
etag: "eb77de48712912aadc9aa8171ac75ede"
expires: Sun, 11 Jan 2054 05:16:34 GMT
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
server: nginx/1.17.9
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
vary: Accept-Encoding
x-robots-tag: noindex, noarchive, nofollow

OPTIONS
H2 200 event_confirmation
an.yandex.ru/ Frame 0
0 387ms
387ms Preflight 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://borzjournal.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://borzjournal.ru
access-control-max-age: 1728000
content-encoding: gzip
date: Thu, 11 Jan 2024 22:42:19 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-xss-protection: 1; mode=block

POST
H2 200 event_confirmation Show response
an.yandex.ru/ Frame B212 0
51 B 117ms
117ms XHR
text/plain 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/event_confirmation

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 22:42:20 GMT

POST
H2 200 1KtYgpt_0L4200000000U9nJF21sMY4yTqgU8QVWpb-7tfR_jJoLjo2L0GWyOIAX2vYT96Bxd5GPKXc1ufcSWfaVGUAb85xjLI3HobW693j1V21WOfZ9kDKLmbd8UEmJH7GbetaCXBKH9BM16KZiPTmLnSjm52npbX4aSfKH97cNaK66WU4luomc1eQvJ22HfKmDG...
yandex.ru/an/rtbcount/ Frame B212 43 B
381 B 60ms
60ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1KtYgpt_0L4200000000U9nJF21sMY4yTqgU8QVWpb-7tfR_jJoLjo2L0GWyOIAX2vYT96Bxd5GPKXc1ufcSWfaVGUAb85xjLI3HobW693j1V21WOfZ9kDKLmbd8UEmJH7GbetaCXBKH9BM16KZiPTmLnSjm52npbX4aSfKH97cNaK66WU4luomc1eQvJ22HfKmDGFPQ9XuWvopJVo2uofGF57_59D0WQPhAASZ8aForrsap7nl3NoOMa9EOMO5aBxCYa9pA339YBZCJo1dCJ8uA46Smtsc8dEJM_h_k93Ci5Aw2LTu5ap-P7Ppu8PvW4Imo1Fjd1SkHpImRM1Xti30UO66woGBnq0VxXomlTgPLsFZVi7_B0lBC0bREawopVFZ0qZTPLuYr2Syky_3xoWfoUGTR0yi4jWDhrxHzMZNxLDuCjYk7WnUmdTtKS-h5XIiBTZ2kP8CPTe3DumGRyoCstgH4LokJN3_pYWpBVFENR31hVxBzA-wRdyx-t7uYUr96mpJkv7VsizZPB0tDJ8oC5h0phc1dtC3UrD30iuETvmIx-0FsIQrpPppvDFT6xGzsdWKSMxjPLt0SUygyWMFx3iOT78otE302yoa70qE3VIydo5DJEK7-NS3PmBo2it03vqAc4voi5pWPNt0oVk1a_C79k80BQ2007Asqhm00?pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=modnica.info&id=2441870&pl=1&statId=111&_t=46135

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012939632615-9235728375225118332-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:19 GMT

GET
H2 200 2441870 Show response
mc.yandex.ru/watch/ Frame B212 256 B
335 B 202ms
201ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2441870?wmode=7&page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%B2%D0%B8%D1%82%D0%B0%D0%BC%D0%B8%D0%BD%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%BE%D1%82%D0%B5%D0%BD%D1%86%D0%B8%D0%B8&nohit=1&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A0%3Als%3A1185488909178%3Ahid%3A835880056%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A882236200%3Au%3A1705012940669738872%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012937281%3Arqnl%3A1%3Ast%3A1705012940%3At%3A&t=clc(0-0-0)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3830d50c10dbb840b9479931d9d9929dadf6257ae21b378ad10c546c888d5ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 256
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

POST
H2 200 1
mc.yandex.com/watch/86976169/ 43 B
74 B 196ms
196ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/86976169/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_59b63a929da3b9b832f74b1a93646e86bee505e133f9d905de77e4808ddbb9d1&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A142751899570%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A935136386%3Arqn%3A4%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012940&t=gdpr(14%2C14%2C14)mc(g-13-p-4)clc(0-0-0)rqnt(4)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

POST
H2 200 1
mc.yandex.com/watch/90079539/ 43 B
74 B 198ms
198ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539/1?page-url=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A224968199%3Arqn%3A17%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012940&t=gdpr(14%2C14%2C14)mc(g-13-p-5)clc(0-0-0)rqnt(17)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1&site-info=%7B%22__ym%22%3A%7B%22adSessionID%22%3A%229151181705012936924%22%7D%7D

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET RTBs5.html
borzjournal.ru/vhook/v7/rtb2/ Frame 5E73 0
0

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
74 B 185ms
185ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A432463756%3Arqn%3A18%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012940%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-13-p-6)clc(0-0-0)rqnt(18)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET
H/1.1 200
OK seg-7-v1-a1.ts Show response
static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/ Frame AB50 265 KB
265 KB 35ms
35ms XHR
video/mp2t 195.191.235.32
ROZETKA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.filmskino.site/hls/trailers/arJIA_8cyT0.mp4/seg-7-v1-a1.ts
Requested by: Host: user91471.clients-cdnnow.ru
URL: https://user91471.clients-cdnnow.ru/vp_dist/hls.js?v2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.191.235.32 Warsaw, Poland, ASN208566 (ROZETKA-AS, PL),
Reverse DNS: unallocated.giveme.network
Software: nginx /
Resource Hash: 12160671828c9ef8056597504b515260e96d0a4672fe9d995cecd3e655f46255

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://videotoday.site/mp_dist/td/trhls.html?v5891608759
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 22:42:19 GMT
Last-Modified: Sun, 19 Nov 2000 08:52:00 GMT
Server: nginx
ETag: "3a1794b0-422f8"
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Server,range,Content-Length,Content-Range
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 271096
Expires: Sat, 20 Apr 2024 22:42:19 GMT

POST
H2 200 1
mc.yandex.ru/watch/2441870/ Frame B212 43 B
0 65ms
65ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2441870/1?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012939_3d2a65b3f155e593e354307db396398e64dcb68157c227fea17af2c887fe6167&browser-info=pa%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1185488909178%3Ahid%3A835880056%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A220342241%3Arqn%3A1%3Au%3A1705012940669738872%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Ads%3A0%2C0%2C191%2C66%2C0%2C0%2C%2C1%2C0%2C847%2C847%2C0%2C259%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012937281%3Arqnl%3A1%3Ast%3A1705012940&t=mc(p-1-h-1)clc(0-0-0)rqnt(1)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET
H2 200 2441870
mc.yandex.ru/watch/ Frame B212 43 B
0 126ms
126ms Fetch
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/2441870?page-url=https%3A%2F%2Fborzjournal.ru%2Fvhook%2Fv7%2Frtb2%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%B2%D0%B8%D1%82%D0%B0%D0%BC%D0%B8%D0%BD%D1%8B%20%D0%B4%D0%BB%D1%8F%20%D0%BF%D0%BE%D1%82%D0%B5%D0%BD%D1%86%D0%B8%D0%B8&charset=utf-8&cnt-class=1&uah=chm%0A%3F0&hittoken=1705012939_3d2a65b3f155e593e354307db396398e64dcb68157c227fea17af2c887fe6167&browser-info=pv%3A1%3Aar%3A1%3Avf%3A6xnlnf9l49q2dxhnxcbm1hnf%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A1%3Adp%3A1%3Als%3A1185488909178%3Ahid%3A835880056%3Aphid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A621624122%3Arqn%3A2%3Au%3A1705012940669738872%3Aw%3A650x400%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1705012937281%3Arqnl%3A1%3Ast%3A1705012940%3At%3A&t=mc(p-1-h-1)clc(0-0-0)rqnt(2)aw(1)rcm(1)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:19 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:19 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:19 GMT

GET
H2 200 bundle.js Show response
yastatic.net/q/set/s/rsya-tag-users/ Frame FB21 102 KB
35 KB 78ms
78ms Script
application/x-javascript 178.154.131.216
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Requested by

Host: 11jan.newdeaf.co
URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.154.131.216 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

static.yandex.net

Software

nginx/1.17.9 /

Resource Hash

6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/safeframe-bundles/0.83/1-1-0/render.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:19 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
last-modified: Tue, 18 Jul 2023 19:47:42 GMT
server: nginx/1.17.9
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
etag: W/"fad15dadf56fc1d71be6b240cc30b915"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: 1c2914e95e382517
timing-allow-origin: *
expires: Sun, 14 Jan 2024 10:41:55 GMT

GET RTBfc.html
borzjournal.ru/vhook/v7/rtb2/ Frame A42C 0
0

POST
H2 200 90079539
mc.yandex.com/watch/ 43 B
146 B 65ms
65ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234219%3Aet%3A1705012940%3Ac%3A1%3Arn%3A809934158%3Arqn%3A19%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012940%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-14-p-6)clc(0-0-0)rqnt(19)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 22:42:20 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 11-Jan-2024 22:42:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://11jan.newdeaf.co
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 11-Jan-2024 22:42:20 GMT

GET
H2 200 watch.js
mc.yandex.ru/metrika/ Frame FB21 39 KB
0 415ms
415ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Wed, 27 Dec 2023 07:32:12 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "658bd2fc-dd84"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 56708
expires: Thu, 11 Jan 2024 23:42:20 GMT

GET
H2 200 data Show response
yandex.ru/set/s/rsya-tag-users/ Frame FB21 362 B
764 B 75ms
75ms Fetch
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/set/s/rsya-tag-users/data?

Requested by

Host: yastatic.net
URL: https://yastatic.net/q/set/s/rsya-tag-users/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://yastatic.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012940088241-13137133938505478155-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://yastatic.net
cache-control: public,max-age=300
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

POST
H2 200 1Ri8iwpz0L4200000000U9nJF21sMY4yTqgU8QVWsTp8j-L_BK_cBKXb009Fc4ZeKNNbajZqMmuCgOn0yKnEGSrKa7WfY5Tx5KYqCfO1oKuG7mYO66Oo7Ze2uInaZ7E3i5OoVg-6o6y42MnW1X9x6RjkSJ4S1SkSPGG9NmMJTnaPP1WO_ZBEOc9WcCi44bdAr01ah...
yandex.ru/an/rtbcount/ Frame 19F4 43 B
417 B 60ms
60ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1Ri8iwpz0L4200000000U9nJF21sMY4yTqgU8QVWsTp8j-L_BK_cBKXb009Fc4ZeKNNbajZqMmuCgOn0yKnEGSrKa7WfY5Tx5KYqCfO1oKuG7mYO66Oo7Ze2uInaZ7E3i5OoVg-6o6y42MnW1X9x6RjkSJ4S1SkSPGG9NmMJTnaPP1WO_ZBEOc9WcCi44bdAr01ahsNY0NBEClq7WgjC-K3nLqm2hmwkrEKKP6JWcbpij9cFZU4l4ml8ISoiGBANMH58JcK66J6NcGda36OcHmM8CvZlD4HEScl_NtUI6HOALy4gxuB9dymEJlmGJx0q6eM1VR62vL0d-mOMnXqiZ0TOc6woG3pqmVuXoukTQHKs_ZVitxA0FBE0bVCawomVFh3qJTOLOct2iyiy_BwoWbpUmTR0Ce7jmDerRPzMpJwLDuFjok7W1MndD_MSUd7Xoe8TZ2lPO8OTOFCumSRyY8qtAT7LogNKtA0YmpBV_2KRpDgVR4hg_0hFiv_RJsHFocYOnftypduMEvkbePc9aT42TiOLx8mRs9iQ6dXsiFESO1T_m3wfTUwC9v_ctgZzmSwpW0FebnKSztfODt1y_ywuWuFn5WT6O3xbO61eiE_b17bgAYV8lmiu6vXNS1Pku5p8T8AJzG8dumjEnW-SZ3yu6HTm0Gq402RHjZS0?confirmTime=2108000&confirmRatio=1000000&test-tag=531064116216834&actual-format=14&rnd=9014936411512&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92&banner-sizes=eyI3MjA1NzYwNjU4MDcwOTQxNiI6IjE1OHg0MDAiLCI3MjA1NzYwNjcwNjE4NTYyMCI6IjE1OHg0MDAiLCI3MjA1NzYwNDYxNzc4NDI3MyI6IjE1OHg0MDAiLCI3MjA1NzYwOTA5OTM0NDc1NCI6IjE1OHg0MDAifQ%3D%3D&width=650&height=400

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012940213970-4985200609505754200-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:20 GMT

GET
H2 200 context2.js Show response
data.ufcplayer.ru/vhook/v7/rtb2/temp/ Frame B95D 747 KB
119 KB 30ms
30ms Script
application/javascript 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b43d5dbba83d7fc5d50b91f3937a7da0cce2e8d21ea9a696544be5aa1a5f2561

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 27 Nov 2023 20:04:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1253698
etag: W/"6564f63a-baaf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m8jqGuG%2FAMH%2FaVzdDmExNWuWnmaFmcnfWYgrlzNx79erDBWqt0jFZk6rJiD%2BuELqbmg5Ky1sWJ2dxvvWKmo%2FyGADzblQT51eXyVJjVBoPpmQ5s6hwlP2I5TcZsDEIwANGfi%2BX70JEQG%2FAtojSfrjEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac1c3f490e2e-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 27 Jan 2024 10:27:22 GMT

GET
H2 200 text2.txt Show response
data.ufcplayer.ru/vhook/v7/rtb2/ Frame B95D 368 KB
105 KB 179ms
179ms Fetch
text/plain 2606:4700:3038::6815:e9f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ufcplayer.ru/vhook/v7/rtb2/text2.txt
Requested by: Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79fe66f078bae968ef7252bf3e67190379facc5af796ddcbdca789eff5ce5476

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 11 Jan 2024 22:42:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65a06eba-5be65"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BiS%2BHPXpvSYJWiYhx1iNSByMEm4%2BpTmv9UN8%2ByAWjEGzSXE44JX63Kk%2F9Iqxo1hXKAAOjtXEzNtwyAvQIiaT24yJTQsz2KTZ5Zs8EE9kldFf56TgOSg8HmEfEijwNsYwuIui9M7FKrFlxJuQqR2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: max-age=2592000
cf-ray: 8440ac1c5f560e2e-AMS
alt-svc: h3=":443"; ma=86400
expires: Sat, 10 Feb 2024 22:42:20 GMT

GET RTBs5.html
borzjournal.ru/vhook/v7/rtb2/ Frame E0C3 0
0

POST 90079539
mc.yandex.com/watch/ 0
0

POST
H2 200 WRiejI_zOoVX2LbG0MqD02CNMHv4emTH1i7aTxpUS8VhTx8wZbvdhv2JhQ3hs1pTVp3x3uqb3A3ZL94QJMUCu9GkeU19GGMQmS4kEtmXwE1rOGJmPhlKsZJ-A9koNK-VKoGIIDOQIDQadoGWweqCDdyKY05XijQrHUFQW6syIgLIgRJ0OijcHuKYRODTHlP2C1lTl...
yandex.ru/an/count/ Frame 19F4 43 B
277 B 65ms
65ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/count/WRiejI_zOoVX2LbG0MqD02CNMHv4emTH1i7aTxpUS8VhTx8wZbvdhv2JhQ3hs1pTVp3x3uqb3A3ZL94QJMUCu9GkeU19GGMQmS4kEtmXwE1rOGJmPhlKsZJ-A9koNK-VKoGIIDOQIDQadoGWweqCDdyKY05XijQrHUFQW6syIgLIgRJ0OijcHuKYRODTHlP2C1lTlubj4ScsLanX3cO2E8WdRE1g69zrWTDgs7qDcKcpVT9ecpJP38tUgqn9McC0OHz0TZ40VGi6ityRZqd9PLsHqeL1wx_8UJ7BOcm3st61MxJ7LUO8TOO6Pi9YPyXDcKPbqy8GdwGh2aeVm8IwMqGHWqoP9vJPqZBP6HuKifw2JkkwZeqHqp3c11wbOBysGgGmMMWOSGMjhiDulzYuee4LWG0c564HnSX9eW7SrFEBpU-ohBdxtpW2MTVrB9OsNx0Qd299Dz8LxaXR00bT0WtdwImJgagVTI_Iiq3vsJpio3XYW8vI5lmZcspvDce_i2E1Xu_xsWe7igl3Q76AJwGsgFh7-xU6xAY5Kuyw8TOjzEa05-bxI-8TID5mLpAOy_fs7rPrEuCNRQsrDm00~2=WNKejI_zOoVX2Ldx03qB06DKJZ8Wm1-wVY2y89XybnKlPljZ8nUidKRwQwSimWvvgU-CeS_dScVFzZjttd3dgsnQ6EAJT4L1wGEOK7UBA6BGSQJGnFYOLcHHZ4vdQ-y-xDxSfBwiTBHQEZkcS8e5QATmL0hGJhrw5A2TUb4Le9rwyIX0E_MQAa1xdyCvNnDHW4Wpy2BSoUbUhxB8I8Yo1ySrg4z9kzap426gmm1Sv_CD4m_XZkz-rWNkYPQMbfPMLm1V6S0G8DJEREch2cKFxeAC8JU_sBYYWHM102R0T9TbJUwVmlZ52KJj-64lf0ZN1r_uqlxlXI_jzpA05VArzP75dmrWYrdEmVnwffTUUfSwt2Az-ph2x-xDjExBT1SYPa_stIP7B3y6iPtonD5_FO2BiaU1YxABlTPdZUTuKFcilu9yyy7qiezGg24F_52Auw-LICLIfzRGk6r1pLvuuMdaSx24jKHxXuTkowXakp-nVKpPQAqH~2=WOSejI_zOoVX2La10SqB00CML38Wm1-wVY2y89XybnKlPljZ8nUidKRwQwSimWvvgU-CeS_dScVFzZjttd3dgsnQ6EAJT4L1wGEOK7UBA6BGSGJw8Mdb25MNGQ_EbeBj4o-0MzxAJJfQBPqTKpZ50hHJE2e5QATUFGhGJhse2j1ElNWKe9rwJHMWlS_XdA-99OnXMRh4EChfLb0aBFuGRdxmUW_SoG1OwPmWE3lAjcf0ChijhBCkS1NS7iKruYTQMbfQMbq846fdjlHLXJADXdME8JU_sBYYWHM102R0T9TbJUuI2P8lHc2mwuUzs1JZ1qzGI_lV2MfftxjpXUvhFtWz_cm69yooFpE_zDBBNEvCmUualMk8GhAbjxwES0lBctsRBtklAszddko3DFNO_LW7o1OIxByVhB5bSVsMrdMTS8qjY-krNa-K73_vR0D_LcXUzqcSkAYuVOn9n6XV90Jv0mtyq8lZfvL8VLH3VK1C9Iru3fkSWCPoo7KAN1ze4HVfvvJgIJW5~2=WM0ejI_zOoVX2Ldl09KA0BCIHp8Wm1-wVY2y89XybnKlPljZ8nUidKRwQwSimWvvgU-CeS_dScVFzZjttd3dgsnQ6EAJT4L1wGEOK7UBA6BGSVJZBMN7S5mF95wThISNoXboIVwmCgMZDV54IqjBIqlhFeTplYpscAXLZN500Ub4PupHw-OhNkiwwmAdrR0xe6DtlKP7W50xiwMlQ0fRfwWOSlEBZIiQM148O09CTrdMv2x7ldpnjzF-i01An1ySyoJ9_yOyIVAz1NJn-DeFQrn-DW0wPjcVcLzwwMqkTnaQp24lYqNllewmIz6RcMA-l27F2jQJlPQFCK8_9g0mS3BFVoceGfW6wBUqhkjzLGZLmBpMWu4T3-5yrdlTTobYbQQO5ILBuX4JYn2P4LG14FnQXpE-DTm-cSKoXnqqA5Mppz5LWT8fsEzU0UMzrV9Yc0vFK2Np1B4E-G4t_p6bLMHN~2=WNCejI_zOoVX2Ldm02qB08FKJJ8Wm1-wVY2y89XybnKlPljZ8nUidKRwQwSimWvvgU-CeS_dScVFzZjttd3dgsnQ6EAJT4L1wGEOK7UBA6BGSVHMHRfJN3kmISewsoIsmZGn8M59AnsjYITQMbfQMbhtEPppfG5tYEH3UC87h_V0zJwmKPhCp5vFJJTx1PujFmKuoT4QEQB0ZYyhNMTTuBGQTbhNzLslqH4WrCviwIkQmZOhF2M6tDInTqnwLDmN6rSqi28Gm0IOxhAioLqo-VlY2blW7tOoMVdW2Kj-_E-49J--5uJYtzVk707yMGj8c6L_PdxffJTckSlGO0veFVRetTSHTYbwirVqPO-rep7FaxrS7roS7nj0n0SVc_yUSJcvWkYtjAxhZLnEhY1whVVkJy9iFkkzxibgJO98-M3oidV4RBInT9O73VoPXpF-i743VLhT9loRvJf1XGjwhy34t7e1Ot2lM84P8m843lnZ2dp8hW00~2?stat-id=1&test-tag=531064116281409&banner-sizes=eyI3MjA1NzYwNjU4MDcwOTQxNiI6IjE1OHg0MDAiLCI3MjA1NzYwNjcwNjE4NTYyMCI6IjE1OHg0MDAiLCI3MjA1NzYwNDYxNzc4NDI3MyI6IjE1OHg0MDAiLCI3MjA1NzYwOTA5OTM0NDc1NCI6IjE1OHg0MDAifQ%3D%3D&actual-format=14&pcodever=916422&banner-test-tags=eyI3MjA1NzYwNjU4MDcwOTQxNiI6IjI4MTQ3NDk3Njg5OTEyMSIsIjcyMDU3NjA2NzA2MTg1NjIwIjoiMjgxNDc0OTc2ODk5MDkwIiwiNzIwNTc2MDQ2MTc3ODQyNzMiOiI3MTI3MjMiLCI3MjA1NzYwOTA5OTM0NDc1NCI6IjI4MTQ3NDk3Njg5OTA5MiJ9&constructor-rendered-assets=eyI3MjA1NzYwNjU4MDcwOTQxNiI6MjAxLCI3MjA1NzYwNjcwNjE4NTYyMCI6MTA0ODc3NywiNzIwNTc2MDQ2MTc3ODQyNzMiOjEwNTA2OTcsIjcyMDU3NjA5MDk5MzQ0NzU0IjoyMDF9&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92&width=650&height=400&confirmTime=2108000&confirmRatio=1000000&wmode=0

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=rcm62.com&id=4250215&pl=1&statId=111&_t=2910

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012940414428-18104832437043738059-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:20 GMT

GET RTBs5.html
borzjournal.ru/vhook/v7/rtb2/ Frame 78A3 0
0

POST 90079539
mc.yandex.com/watch/ 0
0

GET
H2 200 0d452bb36fbd52d71853.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B95D 14 KB
5 KB 56ms
56ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/0d452bb36fbd52d71853.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a0935a5cceb67e31427704dbca2ab5b032e012c9e6a15ef7e2b601eeb885a4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4773
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "053c3c9130b57ea18361af7304bed7b1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 89a91b205cd96c954e5f.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B95D 24 KB
8 KB 120ms
120ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/89a91b205cd96c954e5f.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

5460f776f1ca266be63f7b0ac3a19682db0a3ec42be65a8e4d68751e101ce874

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 7945
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "175acabc4644585c37f98db487b6e7c1"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 04dc35b6ded6468565c0.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B95D 117 KB
25 KB 130ms
129ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/04dc35b6ded6468565c0.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7130e32e6ada0df807e9016a918a0a812efa084fd33d52dd5a0d5b891240d33f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 24582
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "b007aa54bb8c9b88ffe67896e2f40d69"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ Frame B95D 33 KB
9 KB 262ms
262ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:18:11 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ Frame B95D 25 KB
26 KB 262ms
262ms Font
font/woff2 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: d2b5fc6fa6fcedd7
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Jan 2025 04:27:39 GMT

GET
H2 200 38c76556f728f62addb4.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B95D 59 KB
15 KB 286ms
286ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/38c76556f728f62addb4.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

327f27e8dadc7186a5425643fa096960251b33ad2cc3570a9aa564802c327217

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 14845
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "bff11b55879f085c86136d8809b2c205"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET
H2 200 3504af7a9f6c0b9e8cd1.js Show response
yastatic.net/partner-code-bundles/916422/ Frame B95D 598 KB
115 KB 287ms
287ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/916422/3504af7a9f6c0b9e8cd1.js

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

1dcbf404e84d061249df6c089462866088e2f3a0c016fc6e465311df8d6f860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer
Origin: https://data.ufcplayer.ru
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 117232
last-modified: Sat, 25 Nov 2023 11:26:05 GMT
server: nginx/1.17.9
etag: "96b82e3b810ed1b42b71010843d70906"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Sun, 11 Jan 2054 05:13:29 GMT

GET 4510786
mc.yandex.ru/watch/ Frame B95D 0
0

GET
H2 200 4510786
yandex.ru/ads/meta/ Frame B95D 238 KB
0 297ms
296ms XHR
application/json 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/meta/4510786?target-ref=https%3A%2F%2Fforum.awd.ru%2F&page-ref=https%3A%2F%2Fyandex.ru%2Fsearch%2F%3Ftext%3D%D0%BF%D0%BB%D0%B0%D1%81%D1%82%D0%BC%D0%B0%D1%81%D1%81%D1%8B&charset=utf-8&pcode-test-ids=909920%2C0%2C21%3B897722%2C0%2C87%3B911254%2C0%2C33%3B907878%2C0%2C42%3B911375%2C0%2C35%3B905123%2C0%2C88%3B901183%2C0%2C63%3B909817%2C0%2C23%3B913182%2C0%2C37%3B910552%2C0%2C2%3B910732%2C0%2C28%3B908466%2C0%2C28%3B882586%2C0%2C77%3B907884%2C0%2C62%3B892905%2C0%2C41%3B906702%2C0%2C74%3B910442%2C0%2C98%3B911316%2C0%2C86%3B910219%2C0%2C92%3B910505%2C0%2C25%3B914205%2C0%2C18%3B893897%2C0%2C10%3B912945%2C0%2C43%3B914601%2C0%2C62%3B916422%2C0%2C24%3B681842%2C0%2C66&pcode-flags-map=eJy1Wdty2zgS%2FRc9O1neL3kDSVDCmrcFQdtKyoXSJt6Mt2xny3FmZpPKv283AEqkJENxMpsHR6TVB0BfTp%2BGvy0uSC%2F7VXspSSErktFKli2XrJEZaRrKF2%2FefVv8vrn7crN4sxB8oIuzxdPN5yf2AZ6jyPeDePH9%2BmwH0%2FG2GHLRy7aRHRl6akWI3TTwNULBepJVVObt0AjJacE4zQXshHSdHcNzgsDb7gKWlPVQCcbbqgK0RuAHyuUlEfmKFlKwmsq2LHsq7Li%2B58S703Eq%2BBpP1VBx2fJzSTlv7f6JwyiI0y0CrJ6fg5PX7SBkX7Xwg72lMoMDF4Qz2tvB4sQNXAWGJ0CMjlN1yN1xL1hBW2l%2BP4NzHfg3w0v9NHZO4GVDWYLraN2JtaxYzfZBX4x40RFW%2FPU7LAf4%2FLOoDebqX7zTZzB%2FKT7HMf9%2FHvjZ6GOyLznJZEWbpVjNjKBYk6lZ4iROHGzNaKNIQHACpXLB%2BoFUmleQleiVoLyBN0Vvp4TE9SLnJ0DVi56UVJac1HbqUmtoeuAceaaHbwBhwYICybQjCAHYvUIlQ8FamXNKBLs4UepJ4HhuuN3%2BGCTRAgn1gnCBNFQyDgvlq6E5lyVh1QwxnEc8CbzY2wESITCm%2FUsQfRsgnBVYN68YBequ6BK8yZqylZcrphi9uaCwhE5%2B9M%2BJ04dOkkx4tykgCUmGLiAFIrEeXgy8wk1f0qw95c3YCXYsvKRwxqEXbS0vatJtvXtBqmEe8WivbpIo9KNdo6E5QOSC6KSpSVXZtxEnQRAcWitLecnESgrIxZdgjLGrBwF9DZxx2JLCmXnquU6kzHvwqjQtt8B0FeuOYtvv2kvKaVmyHIKZr2dgN3%2F%2BZw43K11SFGOldWQJLbYTDKpCFwKmmnJ3xZpz%2BxnTNDV9bmznDVXyZCweDL1tX6nrgCZQCF3eFvQXMZS0EepckHw9nGlmCN%2F003Bu6wXGzaOoMWIm77lt0TB1IcDKUJGwlmByaFjJIEqsATYpSU7tGIlnVAseGUIJWbKSVbtkuc0uchM%2F0mtDvQIV1DJbj8WHGQ7tIWOFFQKyy3Nn5wbPc8iFRhjxg02qhxjQRvZ7HH6wn9Q1qZ5jgbTNSAQleEEyRdBwLFJQ%2B6biJI109WMalKCzmqJaa4LHhN%2BXl3b77FyJNs3pmtAAA2o5a%2B0oaWCaBaJUFFIREGqrTZQEkXbnxG1LDqKkoP25aO37TqLA9af%2BU%2BQAlAwgE7wGZKgK%2BHIAzQ0tH7V3TqFErG6NXSeIw7H76UwTA29MeKAVQLTFirfDcmUt99h1R3auyNu1iqhUZTs1%2B7b4183T%2B9%2FqzePH24fFGzd0zhb3n%2F55e3fTv9%2Fc3T58XLzxvs9QQygDzXQ1UuQ%2FBjpQ6PWdzCpUARWbd6F3i%2FvN7d3rxy%2Bwt%2F9uHj7c%2FAmf%2F3Z7v%2Fl483n26uPmXr358PXmQX998%2Fvt0yf98f715OHDw615i8hbBHjxuPl69%2Bnrb%2BbXXx%2F1%2F18eN68fbv74fPCFf28%2B3d8q0%2BvjR2w0pdWUL%2FFnwYgUZNlb4%2Bd7nkkuVRYUYg%2FUmCvKthuGvuOZHiIgE0sCVKUZvxnqjFoZLg5d34hENRyq8Q57BcybNNcVCQKNAXecgIkdnX1AI8DrNRLcUlEOK0pyGN6Z55IwTA23zyp4WheiHfKVro6q7dUOdbPl9O9A5SeqA4ovSI6toGUnFGSGWdjBD3ij1BdrmDjSwA%2BQgyB058iTXSuKYktJeghOr6jKipa6EM4TnkBMFCqkKXaXBGautqfKEfQJbsWWKxC1K1r%2F6B6BaYzAwKgroW20pR0AmFRn7BpMoFZyne9Z1UIMgE5Bpgp6hBL4K%2FbKC6CdO8ErFyCnz97es7%2F3HKhn8soLYf6KPbCfpmDipJGrJULJrsCtpFMlrC8EhqVVdrlhEAYTbkNFy2osQHSLJgMrQOgGqQYoeyicFuYedmW38H3TTAzXAFPgFIU9jKj0xYQA%2BQr00wx2qCA1wsrEQvVwdeV0QhIkkRcmehcrwgsl7fQGeuAhQfKV1RooL4q2wmjZCQmJyDpr7qCRcZVSX3j6FofFF%2B8dpHLkHwHqhgx6JTCBsO9%2BZ7%2B7KKuR%2BvT4MV%2F9XZpie4i9sxQiFzh%2BdBb5KXRsP5xlYQJUns5AzfCW4zj4S7i%2B9tqkXnHiyCFudvWfhLEpDE7rFjMNyD2z8kwCiWHEVdmP2mgcbiTUtqwJTjZQIfZxxnWS9AQZqvEzx9uCVjUHHHq4IjKkx4qWQt8fEGimJxaLjFZu6MDR51jB9nOCjcl%2FwrgWSZPJZD6VOMB5wdzaD%2BJkaw29DHkDA8OK2bLvXCd0nOvnTV%2Bc%2B0dXVve8%2B7eesLaTxmdpGp65DoTjDJ99eA7Up%2FCZXe14D%2FSx6t5IRaoJWoc8xwnDo0IAIpyPHLei6pynemnqQHTcadKP9x5tBzviIoN5gUjsYVcniup6ButFqYZFCOU1nAl7RQC1Yl71ara3zd3dfG8%2BzBJ6GFBzGDqMUxDF0EJhzNNZYD9d7BqZrr6s2g0OiMhj5rJ%2FSQ9SyY%2FAzknnB4IJ1dkiqS6uBnRkcrzBFOA6LCYoZMXP%2BwP3wc7SdDKpcyDFrazSgTjBOGkce0dudfpzBsMClPF51wJlWzFS1%2FXCvbudtjNduUe4mTnov57ueTeJk%2BftCcxRPbXfL00wSNEX5weM4IL03runUG%2Bm9I%2B6yO7s0PV%2BRDBuLxWVmmcVE2vZZj3le9Lk%2FdNeorpuMsVvB9ELCEKtUM1thn3GwARz46MYW%2FvtrZ8eV%2FX3sKFWVMw26OHl%2BUvBa3I1Vlevy3MGeRxuwmHqT1ikU8XVLPXdIN71cZYfVEPwei%2BmvmvE7jiazV1IKqM%2BYJ1JbOAbRNDlGsgprwboKzUne4ywHypoE6F3LBUM%2FY2VdOqazdcgK2j2eANhRpcVNFU1IdjTBWgtmnJu8RbvNMbj4bbURc3YtdWr3gaZJCAyfwBy1XL2FjTvS0H3fTUvdfth48TcDo7leskKSA3wF%2BbJCe3gpWZifuYaq4RBgIOesW8his3wb%2B4mWaN4fz%2BzTKnzbV6dyKTxD7hG82UtVy3XriuQv4xWxPVHp4yljUcr2nyo8fpxm9%2Fjzk5kpeem02NqF%2F3qKcPJncVeB7VbBt7EsqAVWUOhqDu2fa6a6yPobcfNDD93bc8OGOX24fZp8QwO3tAULcpp%2B4ZhaAp3Fmto5%2FTqmOGB44PIcXc394c9LAo8b26h3ny%2F%2Fv4%2FkfGKuA%3D%3D&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62&pcode-icookie=NlH1UKiSThJAFN8BkeRDSrmU7ZRPKsVNDo4abyjya%2B8EpIzatMEpdC%2F5LMqQCZsp1xoGIs4mXgynxc7CbW70P%2BDxx6U%3D&imp-id=1&partner-stat-id=111&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=531064116216834&ad-session-id=5033451705012940670&target-id=42908698&tga-with-creatives=1&top-ancestor=https%3A%2F%2Fforum.awd.ru&top-ancestor-undetermined=0&pcode-version=916422&pcodever=916422&flash-ver=0&layout-config=%7B%22win_width%22%3A650%2C%22win_height%22%3A400%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Atrue%2C%22w%22%3A650%2C%22h%22%3A400%2C%22width%22%3A0%2C%22height%22%3A400%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22ad_no%22%3A0%2C%22safeArea%22%3A%7B%22top%22%3A0%2C%22bottom%22%3A0%2C%22left%22%3A0%2C%22right%22%3A0%7D%2C%22req_no%22%3A0%7D&grab-orig-len=76&grab=eyJncmFiX3ZlcnNpb24iOjJ9Ckw21zYyTkw2t7KzTkwueK-2BtZqicnWZpqvveBme7cVfEr-_w%3D%3D&uniformat=true&callback=Ya%5B6174783693725%5D

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/RTBs5.html?domian=forum.awd.ru&id=4510786&pl=1&statId=111&_t=83075

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
ssr: true
x-yandex-req-id: 1705012940700695-16402586466732166462-balancer-l7leveler-kubr-yp-vla-109-BAL-8325
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: Direct
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
uniformat: true
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: application/json
access-control-allow-origin: https://data.ufcplayer.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:20 GMT

POST
H2 200 click
yandex.ru/clck/ Frame B95D 43 B
137 B 161ms
160ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/clck/click

Requested by

Host: data.ufcplayer.ru
URL: https://data.ufcplayer.ru/vhook/v7/rtb2/RTBs5.html?domian=forum.awd.ru&id=4510786&pl=1&statId=111&_t=83075

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
x-yandex-req-id: 1705012940719164-6569113942403075117-balancer-l7leveler-kubr-yp-vla-109-BAL
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H2 200 1UBTxzK80ba200000000U9nJF21sMY4yTqgU8QTWvBRaj-L_BK_cBKXb009Fc4Yei-jItLXR6GU6L4QWU2QduDNr8F5I4A_sAf1ePIm3afqWFX0mCSnaV1RF2cOlP7GAO06pLZ8MB8Oes0YYDZ03YRsCpwwACXm5ovnb10bV1PDt6Hba61Z-CivYOc2OomGIMShK0...
yandex.ru/an/rtbcount/ Frame CE53 43 B
192 B 250ms
249ms Ping
image/gif 2a02:6b8:a::a
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/an/rtbcount/1UBTxzK80ba200000000U9nJF21sMY4yTqgU8QTWvBRaj-L_BK_cBKXb009Fc4Yei-jItLXR6GU6L4QWU2QduDNr8F5I4A_sAf1ePIm3afqWFX0mCSnaV1RF2cOlP7GAO06pLZ8MB8Oes0YYDZ03YRsCpwwACXm5ovnb10bV1PDt6Hba61Z-CivYOc2OomGIMShK06IlPU81Siuo_GU2gqpvGF5NJ09xK-ObS0eoCd2hbJbjvcDZ-Ci4ih2L6UI0NcP583cL6MJ4N6Oca3EOcHmL8CvWljCGEScj_N_TIMPOA5m5gxmB9dyoEpZnGpp14dCe5Eps5IoxZmXjO67SmS9uW8Nf9iHd31_i7xAys9bMOUD_m_uj2yWp2rWvJxBEyk43IrzWRLZGqD30T9DrXLYRyEmo3x-lh20VTB0ri4nWEx1sJTkdLRDFvSrWkt8uU07RsKqzfrvSkB9W1-DADfYX1zWyJh0nFsBZJKfqjIhEAJ2eoB3CDt_91hF-9nlVeehIcL4lx2Uo9sKqJEDEVcS_YvtDqj3CnCXe0JlZ2dR63UnD3GqyEzXvJh2BFs2Vr3ftnfDFSs_K_c3dMS3nRB_e2ev32mGtS7munhQ3W_4M1qQWFkLWO6Ymx-K4UMug9yZV2pWRc5Tm5cxWNCXqWfFr0YVZ2qx63voCFpWP5t013GG0v7kuqm00?confirmTime=2108000&confirmRatio=1000000&test-tag=531064116216834&actual-format=14&rnd=2862585624401&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92&banner-sizes=eyI3MjA1NzYwOTA5OTM0NDc2MSI6IjE1OHg0MDAiLCI3MjA1NzYwODk0ODg3MDA2MiI6IjE1OHg0MDAiLCI3MjA1NzYwOTM2NzU3MDI4MyI6IjE1OHg0MDAiLCI3MjA1NzYwODU5NTM0NTQ2NSI6IjE1OHg0MDAifQ%3D%3D&width=650&height=400

Requested by

Host: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=80633

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 22:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1705012940773227-2220940783381617357-balancer-l7leveler-kubr-yp-vla-109-BAL
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 11 Jan 2024 22:42:20 GMT
accept-ch: Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Platform, Sec-CH-UA-Full-Version, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: image/gif
access-control-allow-origin: https://borzjournal.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Thu, 11 Jan 2024 22:42:20 GMT

GET RTBfc.html
borzjournal.ru/vhook/v7/rtb2/ Frame 6849 0
0

POST 90079539
mc.yandex.com/watch/ 0
0

POST WRiejI_zOoVX2LbG0MqD02CNMHv4emTH1i7aTxpUS8VhTx8wZbvdhv2JhQ3hs1pTVp3x3uqb3A3ZL94QJMUCu3mQIk99GGMQmS4kEtmXwE1rOGJmPhlKsZJ-A9koNK-VKoGIIDOQIDQadoGWweqCDdyKY05XijQrHUFQW6syIgLIgRJ0Oijc1mzKqsBX5bsDQwFxD...
yandex.ru/an/count/ Frame CE53 0
0

GET RTBs5.html
borzjournal.ru/vhook/v7/rtb2/ Frame CC83 0
0

POST 90079539
mc.yandex.com/watch/ 0
0

OPTIONS event_confirmation
an.yandex.ru/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ysa-static.passport.yandex.ru
URL: https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes

Domain: mitdmp.whiteboxdigital.ru
URL: https://mitdmp.whiteboxdigital.ru/pixel?id=a&source=yandex&redirect=false&href=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fqbitis%2F%7Bmiid%7D

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/text2.txt

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/text2.txt

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/text2.txt

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/temp/context2.js?ggasdadd12123

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bankstoday.net&id=3256559&pl=1&statId=111&_t=82131

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=77931

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBfc.html?domian=appleinsider.ru&id=2914549&pl=2&statId=111&_t=74994

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=riastrela.ru&id=4201533&pl=1&statId=111&_t=83661

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234220%3Aet%3A1705012940%3Ac%3A1%3Arn%3A771986686%3Arqn%3A20%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012940%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-15-p-6)clc(0-0-0)rqnt(20)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=darunok.ru&id=4318252&pl=1&statId=111&_t=45539

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234220%3Aet%3A1705012941%3Ac%3A1%3Arn%3A819410257%3Arqn%3A21%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012941%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-16-p-6)clc(0-0-0)rqnt(21)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/watch/4510786?page-url=https://forum.awd.ru/&page-ref=https://yandex.ru/search/?text=%D0%BF%D0%BB%D0%B0%D1%81%D1%82%D0%BC%D0%B0%D1%81%D1%81%D1%8B&charset=utf-8&cnt-class=1&browser-info=pv:1:ar:1:gdpr:14:vf:h2b2laelw67j03cmy2kg:fu:0:en:utf-8:la:ru:v:802:cn:1:dp:1:ls:994982306965:hid:958135491:z:420:i:218340182722:et:81099416476:c:1:rn:958135491:rqn:4:u:7629727844612701000:w:555x652:s:1366x768x24:sk:1:cpf:1:eu:0:ns:994982306965:co:0:rqnl:1:st:994982306965:t:forum.awd.ru&t=gdpr(14)mc(p-1-h-1)lt(61500)aw(1)rqnt(2)ti(2)

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBfc.html?domian=appleinsider.ru&id=2914549&pl=2&statId=111&_t=23371

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234220%3Aet%3A1705012941%3Ac%3A1%3Arn%3A298091812%3Arqn%3A22%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012941%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-17-p-6)clc(0-0-0)rqnt(22)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Domain: yandex.ru
URL: https://yandex.ru/an/count/WRiejI_zOoVX2LbG0MqD02CNMHv4emTH1i7aTxpUS8VhTx8wZbvdhv2JhQ3hs1pTVp3x3uqb3A3ZL94QJMUCu3mQIk99GGMQmS4kEtmXwE1rOGJmPhlKsZJ-A9koNK-VKoGIIDOQIDQadoGWweqCDdyKY05XijQrHUFQW6syIgLIgRJ0Oijc1mzKqsBX5bsDQwFxDx4j8jdMYYdCmKm01_643LmDuxCkS5eDkwyXCscsJnfjaoQReT5ttSq14GSGzW5a5mFGjs0m-xalsbuNoI5tPmnQ_qNEovaS6oBOZWlSeZskCaUeCpGm4nOxGsxAD2gR5eRur0WXe_G1J031gqg7GQRC4yfiQPdivq4XwodejAxhs1Wn3MFEHfKmmu804fmmMMWOSGMjhiDulzYu4gJM9809HLX4CNAIQ00tzVnYyxiiQ-x-Duv0rdKzYwNDT8yZI-JenYbMLvn0C0HR00tdwInJRuoqxaLw5YZ_6POgo1CfXDG15lmZcspvDce_i2E1Xu_xsWe7igl3Q76AJwGsgFh7-xU6xAY5Kuyw8TOjzEa05-bxI-8TID5mLpAOy_fs7rPrEuCNRQsrDm00~2=WMSejI_zOoVX2Ldf0CqA05CJIZ0Wm1p8WI2y9XgLIX1ClgdBMENnIiULAJkDzDTEMOGTybBV6KEVp-NEdkrtxhpXpbVPj334fqO86QKFO088NbKw33gEtgf8Tufh1pP9MMVh3xUi_0ZKiONaYTPz3kTyQS0T8laGzX-ytWFN-y16QJ8pUpqrtUmta5nUNA30-Np3bACrSiJ6hC2EBojTPrtWj1fsMjVrNQ_HdI9djlHLXN9MU4eCkVd5nfKWjIO1J83fBikQNAQKsHTNs0B_i9F9oWTJCAJolnGCgNnl0cPgNtk0L-vdEI1XblsP-QMNNWveFVRetTSHTYbwirVqPO-rep7FaxrS7roS7nj0n0TVc_yUSJcvqiZbv8gZrzwu8KBvx8J6fp6lUx9Qao1IFfYyx1qng-Gue0HL3lmGS7l_9-mNMY6LHJPU_C0m4zMN8GNNdrT0lAg4n0SZpAbGeJ_1-tbCEJ766m00~2=WLmejI_zOoVX2Ldl07KA05CIHJ0Wm1p8WI2y9XgLIX1ClgdBMENnIiULAJkDzDTEMOGTybBV6KEVp-NEdkrtxhpXpbVPj334fqO86QKFO088NbKw33gEVhobx1YEwu74gxFrv48vGox97rQcjEvpEEVBOe-9cfGI8t1KXyuOezVDLxpMTTO5JgjXTq37xdgDxXGviwMlQ0fRfwWOSlEBZIj1Qaq2c03JNPOrkKliv1T_E-qF2w14_C4maOh_2nEf-BqVoDY-5YTAav_ryCGi-pFpIo-zpEKkGuCvv6MnwDtN4NOfUZDJp9Stv5d1UhBNyZ56wCS450PEvlclqTIFj46_fNLTnpBr8stGQpqOsF4GpcUzrtsN8bPfYbbHiYGUCR6OkLmp0X7y471-_oVirifAPmhAN09jTLGIi7v0hejEuN3SAv0YBk6MnS2kFS4JvibT0UG7dF77LAs_NG40~2=WNWejI_zOoVX2Ldm05KB07EKJZ0Wm1p8WI2y89XyKvUnokELZYjJTXhfhvso23lafRupHa52gTnf0dq-bpjxjj-vyuOxNsNJmX2V6Y5ab3w02I1uLUamw3XgwUoOmYaMe9t2KIb0E_NgKO1swaLLW7RgnQC0xTHhgW3jVGxdV4qSll6m8dba8QTBjCDEouSmyuFNU-1EuHeYj1K4nqTPtVFm3yzhygmBd5GHHgyQSOvUep_HqjBIqkeAu2l33dQAdDdILnNA52A7z8WXDx_Ok1AarYI02J3TPLcJI-inVN659bq_R9SJFxXvkFM_pSEjxxrPalrQcwmZFvi3o2pxC_DBBxtDvIx0Oo8OlViwGgz9RwR1lkph5haUFTdNdV7s_DY09rgqGFz5uge34kYtjAxhZbnrG0AzrW_XWYUczLaccvmTaIDcumSy6t823_o0X-FFLQH-2KCDG4idJP0uDDWN25KNQqieLZZSacLEk7Rh1pZwOqnHCmuQ~2=WOKejI_zOoVX2La30RqB06ELKZ0Wm1p8WI2y89XyKvUnokELZYjJTXhfhvso23lafRupXZwVovqzs-_SUSEThx9fOOXFZH0oIX_0112ygdGOT1o3V81nsM6sXGkZplQ0GpWhI7R8SS5qj5ewEwPmYWLeft1K2j1ElNeKe9rwKHMWdNhnA40xzPegG7kVmpbV4uDIVqeMo9BCwSu07o5_2FyFNk-1wzMs339XDPc22j_i2Yp1eOH3alFvXicMb3jhZS-wm3tHqjBIqkeAu2i3c09EaJDR-gf2sVSuH8iXDx_Ok1AarYI02J3TPLcJImjf_68PB1y_h40Mk0zkFWd-R_D9y7itIF7wsWqz8d-s03fcsP-PNthfZLdkT1YU8BtxEaAjiJSlTr_sRa6UO3tPkz7nqFtO02Oqk3l_7P9p0Y_AEO4TlTQRFVND1V5Pt_H8rHOM8jUOfPTNFbPy1GxyK8pZlvL8FLCzOAGR1UnKrJYRxQ2rODf6mWN7fDmkuNh1MvISyjynwW00~2?stat-id=1&test-tag=531064116281409&banner-sizes=eyI3MjA1NzYwOTA5OTM0NDc2MSI6IjE1OHg0MDAiLCI3MjA1NzYwODk0ODg3MDA2MiI6IjE1OHg0MDAiLCI3MjA1NzYwOTM2NzU3MDI4MyI6IjE1OHg0MDAiLCI3MjA1NzYwODU5NTM0NTQ2NSI6IjE1OHg0MDAifQ%3D%3D&actual-format=14&pcodever=916422&banner-test-tags=eyI3MjA1NzYwOTA5OTM0NDc2MSI6IjI4MTQ3NDk3Njg5OTA4OSIsIjcyMDU3NjA4OTQ4ODcwMDYyIjoiNzEyNzIyIiwiNzIwNTc2MDkzNjc1NzAyODMiOiIyODE0NzQ5ODEwOTM0MjciLCI3MjA1NzYwODU5NTM0NTQ2NSI6IjI4MTQ3NDk3Njg5OTEyNCJ9&constructor-rendered-assets=eyI3MjA1NzYwOTA5OTM0NDc2MSI6MjAxLCI3MjA1NzYwODk0ODg3MDA2MiI6MTA1MDY5NywiNzIwNTc2MDkzNjc1NzAyODMiOjY1NzM3LCI3MjA1NzYwODU5NTM0NTQ2NSI6MjAxfQ&pcode-active-testids=912945%2C0%2C43%3B914601%2C0%2C62%3B910219%2C0%2C92&width=650&height=400&confirmTime=2108000&confirmRatio=1000000&wmode=0

Domain: borzjournal.ru
URL: https://borzjournal.ru/vhook/v7/rtb2/RTBs5.html?domian=bankstoday.net&id=3256559&pl=1&statId=111&_t=14944

Domain: mc.yandex.com
URL: https://mc.yandex.com/watch/90079539?page-url=goal%3A%2F%2F11jan.newdeaf.co%2FrenderFrame&page-ref=https%3A%2F%2F11jan.newdeaf.co%2Fserial%2F4149-krasnyj-dermatin-1-sezon.html&charset=utf-8&uah=chm%0A%3F0&hittoken=1705012932_48c125a6d353e0e4ab212b5ab62676489a5f9d33165d86fca1a002fdfe08f419&browser-info=ar%3A1%3Avf%3A6mv6as6uhfnj8xo3ikdxwgrf%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1201%3Acn%3A2%3Adp%3A1%3Als%3A736945766846%3Ahid%3A712271569%3Az%3A60%3Ai%3A20240111234221%3Aet%3A1705012941%3Ac%3A1%3Arn%3A158483921%3Arqn%3A23%3Au%3A1705012931753708418%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1705012927016%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1705012941%3At%3ANewDeaf%20%7C%20%D0%A1%D0%B5%D1%80%D0%B8%D0%B0%D0%BB%20%D0%9A%D1%80%D0%B0%D1%81%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B5%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%201%20%D1%81%D0%B5%D0%B7%D0%BE%D0%BD%20%D0%B2%D1%81%D0%B5%20%D1%81%D0%B5%D1%80%D0%B8%D0%B8%20%D1%81%20%D1%80%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%BC%D0%B8%20%D1%81%D1%83%D0%B1%D1%82%D0%B8%D1%82%D1%80%D0%B0%D0%BC%D0%B8&t=gdpr(14%2C14%2C14)mc(g-18-p-6)clc(0-0-0)rqnt(23)lt(105400)aw(1)rcm(1)ti(0)&force-urlencoded=1

Domain: an.yandex.ru
URL: https://an.yandex.ru/event_confirmation

Verdicts & Comments Add Verdict or Comment

187 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

139 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 17:38:19	Name: afpix Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 17:45:31	Name: pcssspb Value: 1
yastatic.net/safeframe-bundles/0.83/1-1-0	1970-01-20 17:38:19	Name: pcs3 Value: 1
shopnetic.com/api/rtb/dmp	1969-12-31 23:59:59	Name: test_cookie Value: 1
kimberlite.io/rtb/sync	1970-01-20 17:36:52	Name: f Value: https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D243%26euid%3DZaBuwUvMwlo
kimberlite.io/rtb/sync	1970-01-20 17:46:57	Name: as Value: OFrH4WWgbsqE8n8IZaBuwvlq1HhloG7K
kimberlite.io/rtb/sync	1970-01-20 17:36:52	Name: n Value: 4
.otclick-adv.ru/core	1970-01-21 03:12:52	Name: idntfy Value: VUFobRe90cyZLWh
.newdeaf.co/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb70b80e9e77db3f4cd04888587151b7
vak345.com/	1970-01-21 02:22:28	Name: sky_uuid Value: 4f024d3e-a57f-4029-a885-7fbbe5bceba6
11jan.newdeaf.co/	1970-01-21 02:22:28	Name: _ma Value: 69468891-e56d-449c-9483-e048485ebdde
.aj1907.online/	1970-01-21 03:12:52	Name: UUID Value: bf871787-8f68-5106-9c3c-5cb9a87fb317
.yandex.ru/	1970-01-21 03:12:52	Name: i Value: uJqhPTVvzG6ewM+uwoHiVzlgy04v1B4fFZRW8dtryKMAGIKV9L02hYZGUtbQuW4nEaEX508gPhpHDFuEkehXmcq2iJ4=
.yandex.ru/	1970-01-21 02:22:28	Name: yandexuid Value: 7968113861705012928
code.moviead55.ru/	1970-01-21 03:12:52	Name: sky_uuid Value: d9404c17-8e8b-0705-c71b-c92a93751cf2
sync.gonet-ads.com/	1969-12-31 23:59:59	Name: chk Value: 1
.ohmy.bid/	1970-01-20 18:20:04	Name: uid Value: afd95819-3348-4710-99c9-ecabea747151.65a06ec0.e1320986f1b81d3b
code.moviead55.ru/	1970-01-20 17:38:19	Name: ohmybid Value: afd95819-3348-4710-99c9-ecabea747151
.acint.net/	1970-01-20 17:36:53	Name: test_cookie Value: CheckForPermission
.acint.net/	1970-01-21 03:12:52	Name: aid Value: fwAAAWWgbsBOdTYS22/vArNXHyp99uakgYGtnvgifpBG5Lea
code.moviead55.ru/	1970-01-20 17:38:19	Name: bzcookie Value: 323cd1af-6b51-4e75-4f8d-29eee80843a0
kimberlite.io/	1970-01-20 19:46:28	Name: u Value: ZaBuwUvMwlo~sBbrXtfwoEuVBMfpe7bNF9eCrsc
code.moviead55.ru/	1970-01-20 17:38:19	Name: solta Value: ZaBuwUvMwlo
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp14v4 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp14v6 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp17v2 Value: 1705012929
.acint.net/	1970-01-20 17:38:19	Name: cSyncDp45v5 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp53v5 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp62v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp67v3 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp68v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp71v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp80v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp85v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp95v4 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp98v3 Value: 1705012929
.acint.net/	1970-01-20 17:57:02	Name: cSyncDp104v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp107v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp110v3 Value: 1705012929
.acint.net/	1970-01-20 17:58:28	Name: cSyncDp125v4 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp126v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp127v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp129v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp136v3 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp146v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp148v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp149v3 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp151v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp251v1 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp186v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp217v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp221v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp235v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp239v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp243v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp260v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp244v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp248v2 Value: 1705012929
.acint.net/	1970-01-20 18:20:04	Name: cSyncDp261v1 Value: 1705012929
.adhigh.net/	1970-01-21 02:22:28	Name: gi_u Value: mBicfCvh9k.AikABlGM-rCiUg
.adhigh.net/	1970-01-21 02:22:28	Name: skyadvert_sync Value: L7Cl
code.moviead55.ru/	1970-01-20 17:38:19	Name: gtnt Value: mBicfCvh9k.AikABlGM-rCiLQ
.upravel.com/	1970-01-20 17:36:53	Name: session_tptc Value: 1705012929169
.betweendigital.com/	1970-01-21 02:22:28	Name: dc Value: was1
.betweendigital.com/	1970-01-21 02:22:28	Name: ss Value: 1
.adhigh.net/	1970-01-21 02:22:28	Name: sape_sync Value: L7Cl
.newdeaf.co/	1970-01-20 17:37:36	Name: adrdel Value: 1
.newdeaf.co/	1970-01-21 03:12:52	Name: adrcid Value: ARGHitJq9_ZptLI10On8bTQ
.upravel.com/	1970-01-21 03:12:52	Name: user_id Value: 69abffb7-1544-4ea1-bd60-eb0dbc5a53ec
.utraff.com/	1970-01-20 18:20:15	Name: preutid Value: 1
.rutarget.ru/	1970-01-20 21:56:04	Name: userId Value: F1TL7vPZO2Qt
.ccsyncuuid.net/	1970-01-21 02:22:28	Name: jcsuuid Value: uRQ5ZIRGiFV1McU8LVmg
.videohead.tech/	1970-01-20 18:20:04	Name: prevhead Value: 1
sync.opendsp.ru/	1969-12-31 23:59:59	Name: chk Value: 1
.ssp-rtb.sape.ru/	1970-01-21 03:12:52	Name: sspuid Value: CkIDUWWgbsEZUwIPoRmMAskN42IE3pr/vxrAdyOWQzYRWocz
.betweendigital.com/	1970-01-21 02:22:28	Name: tuuid Value: 995716f2-a6e0-530c-a191-48e3c4312622
.uuidksinc.net/	1970-01-21 02:22:28	Name: jcsuuid Value: aT31YqMg601MdtMojC5U
code.moviead55.ru/	1970-01-20 17:38:19	Name: btwcookie Value: a46c61bc-ab6c-530c-969e-4bf8f33e2539
.opendsp.ru/	1970-01-21 03:12:52	Name: pid Value: OTg5YzgzNmQxZGQ1MTY1
.adriver.ru/	1970-01-21 03:12:52	Name: cid Value: AY9ujBLEfdGFTGx7Qar4mew
ads.adlook.me/	1970-01-21 02:22:22	Name: adlm_userId Value: b8dfa271632c448c82168c794ab5d36d
ads.adlook.me/	1970-01-21 03:12:52	Name: adlk_cmatch Value: sape%3A0100007FC06EA0651236754E02EF6FDB
.bidvol.com/	1970-01-21 03:12:52	Name: bvuid Value: ek6px5znsg
.bumlam.com/	1970-01-21 03:12:52	Name: suuid3 Value: IiRhNzc4MDVhOC1iMGQyLTExZWUtYmJiMS0wMDI1OTBjODI0MzY*
.aidata.io/	1970-01-21 03:12:52	Name: __upin Value: aEe1/DROFJJPiSyFzk4I5w
.aidata.io/	1970-01-21 03:12:52	Name: __upints Value: 1705012929
.yandex.ru/	1970-01-21 02:22:28	Name: yuidss Value: 7968113861705012928
.agency2.ru/	1970-01-21 02:09:31	Name: uuid Value: 40326337-2b44-4431-a986-7a0a1cfa90da
code.moviead55.ru/	1970-01-20 17:38:19	Name: otclkbid Value: VUFobRe90cyZLWh
code.moviead55.ru/	1970-01-20 17:38:19	Name: sapecookie Value: 0100007FC06EA0651236754E02EF6FDB
x01.aidata.io/	1970-01-20 17:41:12	Name: livin Value: 1
sync.programmatica.com/	1969-12-31 23:59:59	Name: chk Value: 1
.programmatica.com/	1970-01-21 03:12:52	Name: pid Value: MjJmMzNlOWRhMzhkMmYwOQ
sync.dsp.solta.io/	1969-12-31 23:59:59	Name: chk Value: 1
.adx.com.ru/	1970-01-21 02:22:28	Name: user Value: 65a06ec2f0e01500010dd26f
.dsp.solta.io/	1970-01-21 03:12:52	Name: pid Value: NzAyMGMwYTA2MDg0NDgwNw
.sbermarketing.ru/	1970-01-21 02:22:29	Name: dmpuid Value: FkZx6lbcR2KUwFn69zmyGA
.weborama.fr/	1970-01-21 03:02:48	Name: AFFICHE_W Value: 8d4LgLk4CPXx41
.mts.ru/	1970-01-21 03:12:52	Name: mts_id_last_sync Value: 1705012930
.mts.ru/	1970-01-21 03:12:52	Name: mts_id Value: 5bb70d32-0896-42b4-b37e-aec4e1bd7801
code.moviead55.ru/	1970-01-21 02:22:28	Name: 581rmads Value: 1705012930
code.moviead55.ru/	1970-01-21 02:22:28	Name: 680rmads Value: 1705012930
.dmg.digitaltarget.ru/	1970-01-21 03:12:52	Name: viuserid Value: XK0UPCefIKmeKrF7-6ub
.mail.ru/	1970-01-21 02:23:55	Name: VID Value: 3D9iCo1eH5oM0025Fz3-mVYM:::0-0-0-abac783-0:CAASEMtZow1i6FyvfGo4kdH4KdMaYKE9xIr5oxveO-BJeTFbWSidp9kZkz80aVbvpHQAr8I954VtKHFTO3nuW98lq7XOpYK-mHeCRpN-DYxa5_0YPsNS8xc1DTmIIvLavzPuNlXjQmjBpfkhgiRGBYM83N0viA
.newdeaf.co/	1970-01-21 02:22:28	Name: _ym_uid Value: 1705012931753708418
.newdeaf.co/	1970-01-21 02:22:28	Name: _ym_d Value: 1705012931
.mc.yandex.com/	1970-01-20 17:36:53	Name: sync_cookie_csrf Value: 185227829fake
.newdeaf.co/	1970-01-20 17:38:04	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 17:36:53	Name: sync_cookie_csrf Value: 1915690497fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1143998111705012932
.yandex.com/	1970-01-21 02:22:28	Name: bh Value: KgI/MA==
.yandex.com/	1970-01-21 02:22:28	Name: yandexuid Value: 7968113861705012928
.yandex.com/	1970-01-21 02:22:28	Name: yuidss Value: 7968113861705012928
.yandex.com/	1970-01-21 03:12:52	Name: i Value: uJqhPTVvzG6ewM+uwoHiVzlgy04v1B4fFZRW8dtryKMAGIKV9L02hYZGUtbQuW4nEaEX508gPhpHDFuEkehXmcq2iJ4=
.yandex.com/	1970-01-21 03:12:52	Name: yp Value: 1705099332.yu.2527366851705012931
.mc.yandex.com/	1970-01-20 17:38:19	Name: sync_cookie_ok Value: synced
.yandex.com/	1970-01-21 02:22:28	Name: ymex Value: 1707604932.oyu.2527366851705012931#1736548932.yrts.1705012932
.aj1907.online/	1970-01-21 02:22:28	Name: ucv Value: 3077-DE-1705099328843-24--3081-DE-1705099336697-24--
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1355381771705012936
.yandex.ru/	1970-01-21 02:22:28	Name: ymex Value: 1736548936.yrts.1705012936
.yandex.ru/	1970-01-21 02:22:28	Name: yashr Value: 8560000881705012937
x01.aidata.io/	1970-01-20 17:46:57	Name: yaya Value: 1
.adhigh.net/	1970-01-21 02:22:28	Name: yandexssp_sync Value: L7Cl
px.arcspire.io/	1970-01-20 18:20:04	Name: arcid Value: 5f5313159e17f427c2a783
.yandex.ru/	1970-01-21 02:22:28	Name: bh Value: KgI/MA==
.gonet-ads.com/	1970-01-21 02:23:55	Name: pid Value: NTdmYWZiZWJkMjk3MTI0Mw
.demdex.net/	1970-01-20 21:56:04	Name: demdex Value: 06646010738798938224476896457829234282
.dsp.mpartner.digital/	1970-01-21 02:22:28	Name: dmp Value: qlEVXQPDOGGWowBaoycGDIzNxPIkspdW
.dpm.demdex.net/	1970-01-20 21:56:04	Name: dpm Value: 06646010738798938224476896457829234282
.targetads.io/	1970-01-21 02:22:28	Name: _TADUID Value: 12908933990099532848
.mts.ru/	1970-01-21 02:09:31	Name: dspid Value: e1819881-1ec9-4694-ac44-11ce27d29f6d
.mts.ru/	1970-01-21 02:09:31	Name: reset_cookie Value: 1
.betweendigital.com/	1970-01-21 02:22:28	Name: ut Value: ZaBuygAJWoh9r7LoQs6eSFt2KOVsQgKbfn_mcQ==
.sonar.semantiqo.com/	1970-01-21 03:12:52	Name: semantiqo_a Value: 0212a393c481436ca32a1df3f0fd04b5
.sonar.semantiqo.com/	1970-01-21 02:32:33	Name: check Value: e3ccab9f29cb43cca4cd0f56d55d2136
shopnetic.com/	1970-01-21 03:12:52	Name: shuniq Value: VoTIzyLbH0u034D2xSdy841klQ8
.tns-counter.ru/	1970-01-21 02:22:28	Name: guid Value: 5257680F65A06ECBX1705012939
.yandex.ru/	1970-01-21 03:12:52	Name: is_gdpr Value: 1
.yandex.ru/	1970-01-21 03:12:52	Name: is_gdpr_b Value: CKT6WBDh5AEYAQ==

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=PiKiX6qq68&consentString=[consentString]&r=https%3A%2F%2Fcode.moviead55.ru%2Fgo%2Fcsync%3Fcn%3Dsnmd%26bid%3D%5BPDID%5D Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.adkernel.com/user-sync?zone=169736&t=image&r=https%3A%2F%2Fwww.acint.net%2Fmatch%3Fdp%3D221%26euid%3D%7BUID%7D Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	warning	URL: https://static.moviead55.ru/mp_dist/mstream2.js?v5891608759 Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://an.yandex.ru/setud/mts_banner/-5mlqI1FToO7F-2faLSQ3Q?location=https%3A%2F%2Fvma.mts.ru%2Fem%3Fnext%3D59%26em%3D0&sign=1812691448 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://ysa-static.passport.yandex.ru/static/1/d959d7e39d5067fad30d9c06204866e9/d.png?ex=yes Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://an.yandex.ru/mapuid/part_id/12908933990099532848 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://kimberlite.io/rtb/sync/mts?u=e1819881-1ec9-4694-ac44-11ce27d29f6d Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
javascript	warning	URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html Message: The resource https://11jan.newdeaf.co/templates/newdeaf/css/styles.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html Message: The resource https://11jan.newdeaf.co/templates/newdeaf/css/engine.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://11jan.newdeaf.co/serial/4149-krasnyj-dermatin-1-sezon.html Message: The resource https://11jan.newdeaf.co/templates/newdeaf/css/common.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11jan.newdeaf.co
a.utraff.com
a.videohead.tech
a77805a8-b0d2-11ee-bbb1-002590c82436.n2.sync.bumlam.com
acint.net
ad.mail.ru
ads.adlook.me
ads.betweendigital.com
adx.com.ru
aj1907.online
an.yandex.ru
avatars.mds.yandex.net
borzjournal.ru
cdn-t.vb17123filippaaniketos.pw
cdn4.vb17123filippaaniketos.pw
cdn77-fs.aj1907.online
cm.g.doubleclick.net
cm.tns-counter.ru
code.moviead55.ru
content.adriver.ru
counter.yadro.ru
cr.frontend.weborama.fr
cs.agency2.ru
data.ufcplayer.ru
deaf.cdnlbox.club
dm-eu.hybrid.ai
dm.hybrid.ai
dmg.digitaltarget.ru
dmp.sbermarketing.ru
dpm.demdex.net
dsp.mpartner.digital
euw-ice.360yield.com
ev.adriver.ru
exchange.buzzoola.com
eye.targetads.io
favicon.yandex.net
im.bluevoox.com
kimberlite.io
logger.moviead55.ru
match.new-programmatic.com
match.ohmy.bid
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
msk-reality.ru
nr.bidderstack.com
otclick-adv.ru
pimg.vb17123filippaaniketos.pw
pix.bumlam.com
pixel.konnektu.ru
poster.newdeaf.co
profile.ssp.rambler.ru
px.adhigh.net
px.arcspire.io
redirect.frontend.weborama.fr
rtb-eu-warsaw.intent.ai
s.ccsyncuuid.net
s.uuidksinc.net
sape-sync.rutarget.ru
shopnetic.com
sm.rtb.mts.ru
solta-sync.rutarget.ru
sonar.semantiqo.com
ssp-rtb.sape.ru
ssp.adriver.ru
ssp.afp.ai
ssp.bestssp.com
ssp.bidvol.com
static.cdnlbox.club
static.filmskino.site
static.moviead55.ru
sync.adkernel.com
sync.adspend.space
sync.bumlam.com
sync.dmp.otm-r.com
sync.dsp.solta.io
sync.gonet-ads.com
sync.opendsp.ru
sync.programmatica.com
sync.rambler.ru
sync.richaudience.com
sync.upravel.com
tag.digitaltarget.ru
tech.rtb.mts.ru
top-fwz1.mail.ru
user91471.clients-cdnnow.ru
vak345.com
videotoday.site
vma.mts.ru
www.acint.net
x.bidswitch.net
x01.aidata.io
yandex-dmp-sync.rutarget.ru
yandex-sync.rutarget.ru
yandex.digital-services.solutions
yandex.ru
yastatic.net
ysa-static.passport.yandex.ru
an.yandex.ru
borzjournal.ru
mc.yandex.com
mc.yandex.ru
mitdmp.whiteboxdigital.ru
yandex.ru
ysa-static.passport.yandex.ru
104.21.53.214
130.193.58.13
138.201.65.75
138.201.8.249
142.250.184.226
144.126.246.116
167.235.117.41
167.235.186.113
167.235.9.235
178.154.131.216
178.170.195.115
18.195.61.190
185.15.175.130
185.15.175.145
185.151.241.151
185.40.155.13
185.40.31.214
188.114.96.3
188.42.105.236
193.169.200.3
193.200.65.146
193.200.65.149
193.232.150.150
193.3.184.137
193.3.184.211
195.191.235.32
195.209.108.58
2001:6d0:4001::226
213.239.194.43
213.87.44.187
217.199.220.44
217.65.2.150
217.66.147.33
217.66.147.39
23.111.107.44
23.111.96.52
2606:4700:20::681a:6bd
2606:4700:20::ac43:48bf
2606:4700:3034::6815:393c
2606:4700:3034::6815:4526
2606:4700:3035::6815:36ca
2606:4700:3037::ac43:9f81
2606:4700:3038::6815:e9f8
2a00:1148:db00::17
2a02:2d8:0:c00c::4
2a02:6b8:20::215
2a02:6b8::184
2a02:6b8::1:119
2a02:6b8::36
2a02:6b8::90
2a02:6b8:a::a
2a02:6ea0:c700::21
2a06:98c1:3120::3
2a06:98c1:3120::9
2a06:98c1:3121::3
31.172.81.172
31.220.27.134
34.111.129.221
34.247.112.223
35.177.4.157
35.190.24.218
37.18.110.198
37.230.131.22
45.139.25.124
45.9.26.83
46.243.142.48
46.243.172.93
5.189.234.229
5.200.50.170
50.7.231.242
51.250.81.61
52.19.219.1
52.45.175.185
65.109.23.99
65.21.196.16
77.244.216.90
77.245.57.72
80.87.198.24
81.222.128.214
82.148.20.186
83.222.117.90
83.222.96.170
87.250.251.119
88.212.201.204
89.108.120.68
91.192.148.52
91.192.150.14
94.130.13.220
94.228.127.171
95.163.52.67
95.217.109.66
96.46.186.61
001d1cce503c2f072d35e13f148520c407541e6bc0ac8c8f66e5f64537684663
011bbb6a47f69fc68578cc2e2533f0170be4a82139b27206bbcc9c4f9a696d0a
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
053d184910cfc0faa536fd5fa16049187b4d86b4fe960cbace8f20a9c4d9824d
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093
104b059786c22fb186f5339b548a0ab49818ea3eebfbac6b7e6e6ffc09306038
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
12160671828c9ef8056597504b515260e96d0a4672fe9d995cecd3e655f46255
1501689b87399ceb5cd2994a18139ecb636a3d190031ea440dd70bf7e7b1f0a1
16e603d5b67129cedc8a549afff057fabc3064fe3c5ec3004b097bb87a6c76de
1790f0f5e9dd1e0eb35cd8695283fabbcbf978c327b296945f475f6fd53ecaad
1b21be50822c8f1e162a563f05543e3d8b2f97a91e6ebcb8064ebbe13c6037e4
1b65cf3205f0cd8eb93b3a45083f98be47f0a1f11cdf8921655f359b207362d1
1b6777f37eb1da4f7fa3abfc943a9b6608ee94141227b3941dfe32318b940e16
1b967296d80ecf7aef45e65c091e3e4a30dbd425bcbb61fa11a8f499b96e8ed5
1c9c332ec701b5293c54867d3c992bccfe9bea9c0816f4c6b28bbb639e536dca
1d0335c024f5b93b1beab662cc231496960efeb6921f2f8eda61c4eccb9e9611
1dcbf404e84d061249df6c089462866088e2f3a0c016fc6e465311df8d6f860c
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
2308a9a905b6018131ac88b621d095e9c4d2548a28a4980dc752c163a5429b03
240893a5220a7f0a0e421bb6ab69f1f2946d264a1832a056c672c3abaa5b0981
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
26367fc69ef19a5596da8a7b8e1c14058755d0064ca1a922554152b80a38d0e9
269de31f460024d676a203b8b6f232ca209a16d4fffc3cd052883cf30bb05615
2a26c58ef7bfea59cad0e884256707170804ec26e6324f8eb7453a96a36f7227
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae4fe0e9ec53c27a426f57d9f628c4b9176177c2ec20f10bef65d52a5fe4724
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
327f27e8dadc7186a5425643fa096960251b33ad2cc3570a9aa564802c327217
32cc3fabd6804a39df409f47fd352d9ee844779f704d99563bb1dd72fd0261d5
33c7a7de5284db19e9613efd7a96e0fb08e473b2253bc3cca50c41002bcbe395
33eb38c10cd3a4b4b247ec6665f5b2c1ea8c8e000acbf71ce8e3dbf0973207cd
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
37425a0f9754b20da6ac4756f5e71121f2c0a9f5f8dc31f5fbc39f83e6a1bece
3830d50c10dbb840b9479931d9d9929dadf6257ae21b378ad10c546c888d5ae7
38973dea26a9b3a67e0d42d7f0179ea27df496b1fea44c96a3acb0979adc12f6
3b30220310881368606ee53e60273038b111f9550c6ca4fdd482bc91e751540b
3c48fde388a2b8280c381b89f6c4f2cbee1d07dd2e50238b5a1ea4d08850ace9
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41eb6fb84ab83ed2c2a4a5f30c58dd683473013041d3a2dccf549a87c4a7f35f
429b1e48a6bcad25b6b03278dec4d32de1412bbe031d3343d91fa8fdfddfe6f9
431ced6916a2a21a156e38701afe55bbd7f88969fbbfc56d7fe099d47f265460
43bcd191ef5ce0975c302d1d44bdc1e56063ca375a8e79628350379ebe40a333
44acec338aa1fa90ef06b8fbab0944a5ca9132943182a467783016cff42bab87
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4c69d98ff240ef8b882bc6a68845dbc918842e4b30368b0b0a6b5c322dd6d7d9
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f88641d32d5857194b723a19276ecdccb170f3d47fb9e9427f0e043924e26cd
5037b7fe838be7914073a410dbd958962ccfa505b7babd3254ef578cc7c0d147
5083a88394811cb781b46b48c49bb0318820a9476ad17d05dbf08e7a0f4bcde4
53c76e04bc99afe49b88077e2ab7960f02cccacefc8a80898881ef683c72e381
5460f776f1ca266be63f7b0ac3a19682db0a3ec42be65a8e4d68751e101ce874
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a82cb12e6e213c3b94fb1674617997e730f8fb5a44237800881dc439814c1c
5c3986ed472d91df0d30bb323c8d3c5cd3319c30ee5421da54c6e2ba4a7c1c4d
5c43a81c639cea66bc1c0aaa5a7b2c334ad522c910b085d83c25e216d9c536a7
5c8599e31969b8db49f3cb68e7e6d3678203d1274ac8d805217bd05d9978c89e
5df92917936bbaf0afba96eccf802a6a1b6341e2a53b7aaed5ed3191144edd64
5e740b4c722831d9a6451a42a01ca2541e1a0c2af5718703a89bc9823c16099a
5ef8779e7af72336ec9486127cffb452632fdf597829326e426877e12a0d44da
5f1f2a7ef8041da711fb594d4ecc1b7ae3f82a6d09759d89a587fc9a487cd0de
6012e89e4c49967e8d4b8421fd0c592caa1f843cd1f39fa6a8b903376885c542
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
631e94572953a590be7d7079e785a45b7e4db745722d2f44ba1e135ba4f626d6
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65361756fbeeb484699e581dce37c9174737dc4f6cc3e9f976dbd44693ee40d7
66ecafe2221854714d3e795feb9751ec6b89b8b96990f99987bf40a7aa2b49b2
6757a12fd52365f8129db749bb2825757553fb22fbdfc4994616b6114ce79f17
67e0fa12e370d1598e43df242be5fb127cd51abeb6d69c3e8177759113a5d2d2
68eb827a2fa6f035eab41392f863522ae5dc0d4c0c31d5245362a7f1a5aed46a
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583
6e5e6fe525a6d40850c185e82c64bf8da82f39de7789c0e187ef6e27decb5067
6efff376ba34469458185579174ddd3595ccb09f50854878efaddd9fd1647acd
6faf9b3930c127b8bf7d97f22a50832b6cf0ac678e16ba6fa412e0a5ec06dc2b
7130e32e6ada0df807e9016a918a0a812efa084fd33d52dd5a0d5b891240d33f
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
79d8154317240293f367d5e0f4c141e2841d6db1b5302999bb5f1fbf5029abf4
79fe66f078bae968ef7252bf3e67190379facc5af796ddcbdca789eff5ce5476
7a65e9f8b745e7b730d37a8b45d8300a6a51880a55299caf537c5260d82fa114
7cb4132ce8217c5e3a7a9ccb99cd5374bb419ee805672f35356b935c7fab8ac8
7d3d1205750ec72f4160b8ca45412205adf94390cba984f32d235e711494baf9
7e928161cd626935d39ff08188caa3f3a918811ca87194082dedf28b697ce6fd
80488322784b81ad0527317ba5fc32b8977fb60d216430b24cb69136890bbcd3
819dd8a4df2302998904325eb89cd6b7aad1cd33d9c123733eae659374f99170
823e7b445aa5bd58ba35c95a805a29648bb3e9859670488277fec5e553294bee
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c78d4b990c2bfb88335b25a4a5bf6125c2e67d19da8caf892c0bfde1992141
8598a3a0b8a404260978093ead619554062ec66c0d934676c4faf6ad82c4ad37
87b0019f3a9fe1cca1677a7aaaa425471bc9b54aa40f87db03ce3911867704a4
880178eae5e653be3d48020632b0df258c9c5f8d1bc7d48601b0f648eb4f3e33
8b1b572ada056b0eb154aca2e96e89cdd0458e1d1900b5766cbece436c1fb373
8c77cd0cb3cc4a3f294c6b86ba5302fe3139f89758ac460e5f5fb6a6a01b5dec
8c8aa615ee5e3de8f87add35e682392f09e99b4e114c33f6efb24a5bf3177d2b
8d6de74d55908b8d6c212407a13171f2e173af54e5b4c7fbc21347a528d31da2
8d8469000ebe37310a8f2d75683b100a8e1b4ee3d2e67c7465e79722d3011f90
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
919af4fe8233b6e5b1cf873bb6308ebf900adce56ce64179d066c6837e249665
930118cf0cbea4fd3f9d87ea40c49272e91cee257433df70c8f9426a218fa750
9305f23a37ed24b85c3dbca47a88c4fad77773946047a2f34134fb0fd490da98
947d9992578adf16ba646fec7951a1c6fd42cc5f67dd928b0eb92267b801f70d
9555d4fbd401c8314068df48298ca66518c12a4c09e7711dbeb8d5f4ffd8a2da
95c338053aa80eaac1276125464d6ef78c56bc15bb17ab9e93059f7f941e7afe
9c911ab93cf6099aeeddb19cb1903d0ef838329443c3a0549c754da47f90a70a
9cb558577101c0a1082ee20c04f3b17e03dc92be5ed9f64a580d275e79aa6401
9d2e2f01e2341265d6aa3e811ab3157f01293b5192203fc2fee486001746fad9
9e3f6b77284d271aae9217087e623fef671f987bdf669960cde7696c466abd64
a0935a5cceb67e31427704dbca2ab5b032e012c9e6a15ef7e2b601eeb885a4d7
a3f5154b576adafeedbd506daab1ab3089c39ad1a08f0e5da93aeec087b339a8
a414a85699781367b328ae6a1b874f2c9fca80149dbc628d52ebb2cd39ea1706
a52d2730bc37a7efe5edf8de86777275a015e3dac7359578128aa76074dd870d
a826acf5aa782be999fff54ef2b9fed70aa8c4700156a2c504639d21d7e1dc28
a86a71557826524b5488bd7112ad640a548a420a7bf3eb57d266e336b206d1d7
a9ceafb2868aa42fab0bbd596cacbe181921ea981fcb0e90e03f4621162d2ab6
ae98b5aeeaa3f1d82c86b770cc1fd441ae770814633e986ae6eff0526e299d1e
af350de2513e7d494cd6b0bde4e7f1e8df9040376fe70c8f6741906f8aba78a8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b43d5dbba83d7fc5d50b91f3937a7da0cce2e8d21ea9a696544be5aa1a5f2561
b6a4a833d05e0e9d4a00c8e630e5a9493393d3a7323adb697761728ccab15c69
b92c8c3bd38f2fc8bdc385cdd3081a492a51037defd307929db4be340684cff2
b96aba049c7bf3c05364405b705811df4578a1c05d8fb30e410886b165b14d92
bb1e399c0710c0fac2b531ba875504a4d5c0f7fd221d54992d94275beb5b0479
bb43e7c827b28c803e3a21168bf425c51efad8ae220098b54bc1b617ab3146ba
bc6f3784815c8703fb6a2ff4640f3cbc7fbd60327f417f4aa43edf0d8f380320
bde96068f7ed9d130369053ac3513dbd5196e335013fd7c3468f7305ca8db730
bef4d26fe31527ff3c8658b7750a9cad3915d2e6c7470bac26d4da483652471d
bfdbe19653e58f1543076ce2ae3ce14f7158df605f9d7b712fe09e541d2abb4b
c6c569d61b340a87c3352602f80d90e499792b306dfa74b14e1cf72c95d09a9b
cb6d9ba8a39ac95f4709ca6df568cb4ceaa260fda65282a52bd5a695530a69c6
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
ce07d82c24047dc74aedd97815099c855af720a7ca89ebeeae2b78d3a16b7f06
ce99fff1e35c58269404843b1937099f9c9d8fb1d62b097f2f109b9778b9abee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33f6b0b120f0200bcf7ff69c32280ab47debcb1d6b331558c6311b87638521b
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d70bd35d32ee13871851e7be93a0437adbab072f4c509495adc01fe899c25f6b
d8668c2b8d78eb0abe47704e406ceef4ab86f119a1f52e133db321812333d20b
db57724615a158c45e99f9f1cd400fb3a123f7f760e158128c50c6823ca65490
dc63a2c4f6c110e42b2e9c1ba1da8a45111020bc9c434c4be77967f0205995d3
ddbd165e7808b02c2fa8b0d2587823e78fe9cf52fd4965ef8b4fa2e1c39b6112
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2101f9377e5ab12fe5f1799736149646df1a464e0578c75b29d8cde570d80
e8827f6011a4b94623db59a5b2616c70acc9309a13d5a2011a2949ae98786b90
e8de55465da05f45b3044f7c06a40d4bee9859dcad3f8c0b286db96ba58cb8ec
e91eba8da11fd3b791d86637e7573a4fca76d2a0d8ce65030a8dd6aad46f25dd
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04a2ae73a025ca7ebe2f6edcd49ae8f86b68bd54d44757106e6c2022bb6d397
f0f9f6f3c44fc3c93ef6826dab9cbb05ffbb1dec8436b7eacb87b8cd2c7ae503
f2835312483462d9c07208579dea1260f6662156c4b4640172778daa7e6c4a3c
f4d52b2f18ee8dd9761051674cb84dd5202b61ba4e8d7056b41a205791c7a61c
f6c4e4e5909bbb979100dc590af60e398f7662212bfaf19d9913a9cd4e71a484
fc0b834cbf1da15b1db4164eb42b2378ad6e5539a20f9e946f63b3e2cd0c024d

11jan.newdeaf.co Open in urlscan Pro 2a06:98c1:3120::9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

356 Requests

67 %HTTPS

22 %IPv6

72 Domains

98 Subdomains

59 IPs

10 Countries

6149 kBTransfer

15355 kBSize

139 Cookies

3 Outgoing links

Redirected requests

356 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

11jan.newdeaf.co Open in urlscan Pro
2a06:98c1:3120::9 Public Scan

Screenshot
Live screenshot

Full Image

356
Requests

67 %
HTTPS

22 %
IPv6

72
Domains

98
Subdomains

59
IPs

10
Countries

6149 kB
Transfer

15355 kB
Size

139
Cookies

356 HTTP transactions
9 data transactions