urlscan.io logo urlscan.io
SecurityTrails logo

psebay.kinoafisha.info Open in urlscan Pro
2606:4700:10::ac43:686  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://psebay.kinoafisha.info/
Effective URL: https://psebay.kinoafisha.info/
Submission: On December 24 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 9 countries across 67 domains to perform 324 HTTP transactions. The main IP is 2606:4700:10::ac43:686, located in United States and belongs to CLOUDFLARENET, US. The main domain is psebay.kinoafisha.info.
TLS certificate: Issued by GlobalSign GCC R3 DV TLS CA 2020 on October 26th 2022. Valid for: a year.
This is the only time psebay.kinoafisha.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2a02:6b8:a::a 208722 (GLOBAL_DC)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a02:6ea0:c45... 60068 (CDN77 ^_^)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
5 18 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 87.240.132.78 47541 (VKONTAKTE...)
7 2607:f8b0:400... 15169 (GOOGLE)
1 213.189.208.20 6903 (ZENON-AS ...)
3 143.204.144.76 16509 (AMAZON-02)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
1 2a04:4e42::485 54113 (FASTLY)
7 2a02:6b8:20::215 208722 (GLOBAL_DC)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2a02:6b8::16b 208722 (GLOBAL_DC)
1 96.46.186.57 7979 (SERVERS-COM)
19 2620:100:a001::4 19750 (AS-CRITEO)
3 195.209.111.22 52007 (ADRIVER-AS)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 2001:4860:480... 15169 (GOOGLE)
5 2a02:6b8::1be 208722 (GLOBAL_DC)
2 37.157.6.245 198622 (ADFORM)
5 13 68.67.179.155 29990 (ASN-APPNEX)
4 2620:100:a001... 19750 (AS-CRITEO)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 178.170.196.247 208677 (SBERCLOUD-AS)
2 12 104.18.33.19 13335 (CLOUDFLAR...)
2 34.205.183.92 14618 (AMAZON-AES)
2 209.205.197.154 55081 (24SHELLS)
2 3.92.156.8 14618 (AMAZON-AES)
3 108.138.124.226 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 17 52.46.130.91 16509 (AMAZON-02)
1 2620:100:a001::3 19750 (AS-CRITEO)
1 2620:100:a001... 19750 (AS-CRITEO)
6 2607:f8b0:400... 15169 (GOOGLE)
6 104.18.36.94 13335 (CLOUDFLAR...)
3 151.101.193.108 54113 (FASTLY)
6 188.72.107.205 208677 (SBERCLOUD-AS)
9 30 35.71.139.29 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2600:9000:220... 16509 (AMAZON-02)
10 10 35.211.178.172 19527 (GOOGLE-2)
4 9 52.72.250.173 14618 (AMAZON-AES)
2 23.3.115.102 16625 (AKAMAI-AS)
1 1 199.187.193.177 47043 (SMARTADSE...)
4 4 2606:ae80:145... 25751 (VALUECLICK)
4 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 74.119.119.147 19750 (AS-CRITEO)
1 2 142.250.176.198 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
10 10 15.197.193.217 16509 (AMAZON-02)
9 14 142.250.80.98 15169 (GOOGLE)
3 7 2620:1ec:21::14 8068 (MICROSOFT...)
4 4 185.167.164.37 198622 (ADFORM)
4 7 2600:1f18:4e9... 14618 (AMAZON-AES)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2 35.211.141.197 19527 (GOOGLE-2)
1 1 204.62.13.72 46636 (NATCOWEB)
1 2 172.64.154.237 13335 (CLOUDFLAR...)
2 2 35.244.159.8 15169 (GOOGLE)
1 21 192.40.39.223 27381 (CASALE-MEDIA)
2 2 68.67.160.184 29990 (ASN-APPNEX)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
2 2 15.235.43.120 16276 (OVH)
3 4 151.101.66.49 54113 (FASTLY)
4 4 54.86.146.255 14618 (AMAZON-AES)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
2 2 35.173.168.2 14618 (AMAZON-AES)
3 3 54.152.246.118 14618 (AMAZON-AES)
2 2 74.121.140.14 30419 (MEDIAMATH...)
1 1 54.87.58.125 14618 (AMAZON-AES)
2 2 52.45.33.138 14618 (AMAZON-AES)
2 2 207.198.113.86 13768 (COGECO-PEER1)
2 2 52.207.194.90 14618 (AMAZON-AES)
2 2 107.178.246.49 15169 (GOOGLE)
1 1 35.194.66.159 396982 (GOOGLE-CL...)
1 1 2620:116:800b... 14618 (AMAZON-AES)
2 2 2606:4700::68... 13335 (CLOUDFLAR...)
5 9 69.173.151.100 26667 (RUBICONPR...)
4 34.117.228.201 396982 (GOOGLE-CL...)
6 2a00:1148:db0... 47764 (VK-AS)
3 6 176.9.81.69 24940 (HETZNER-AS)
3 2a02:6b8::90 208722 (GLOBAL_DC)
3 213.87.44.187 13174 (MTSNET Mo...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 67.220.224.150 16509 (AMAZON-02)
13 2620:100:a001::a 19750 (AS-CRITEO)
3 2620:100:a001... 19750 (AS-CRITEO)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
324 73
13    2606:4700:10::ac43:686 (United States)

ASN13335 (CLOUDFLARENET, US)
psebay.kinoafisha.info
static.kinoafisha.info
8    2606:4700:10::6816:178e (United States)

ASN13335 (CLOUDFLARENET, US)
static.kinoafisha.info
5    2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yandex.ru
2    2607:f8b0:4006:824::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn-b.notsy.io
1    2606:4700:10::6816:284a (United States)

ASN13335 (CLOUDFLARENET, US)
jsn.24smi.net
2    2607:f8b0:4006:809::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
18    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com
vk.com
7    2607:f8b0:4006:823::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    213.189.208.20 (Russian Federation)

ASN6903 (ZENON-AS Moscow, Russia, RU)
PTR: unused.rusonyx.ru
widget.premieralight.ru
3    143.204.144.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-144-76.ewr52.r.cloudfront.net
c.amazon-adsystem.com
1    2400:52e0:1a00::871:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)
ym-tack.b-cdn.net
1    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
7    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
yastatic.net
7    2607:f8b0:4006:822::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
partner.googleadservices.com
2    2a02:6b8::16b (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
matchid.adfox.yandex.ru
1    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
19    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    195.209.111.22 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)
pb.adriver.ru
2    2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
ads.adfox.ru
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
13    68.67.179.155 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    178.170.196.247 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr12.segmento.ru
prebid-bidder.rutarget.ru
12    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum.casalemedia.com
2    34.205.183.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-183-92.compute-1.amazonaws.com
tlx.3lift.com
2    209.205.197.154 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
ghb2.adtelligent.com
2    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
3    108.138.124.226 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-124-226.jfk50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
2    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2607:f8b0:4006:816::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:809::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
17    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)
rtb.va.us.criteo.com
1    2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
6    2607:f8b0:4006:81d::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
6    188.72.107.205 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr05.segmento.ru
tag.rutarget.ru
30    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    2607:f8b0:4006:80d::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2600:9000:2209:d200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
10    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
9    52.72.250.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-250-173.compute-1.amazonaws.com
match.sharethrough.com
2    23.3.115.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-115-102.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    199.187.193.177 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
4    2606:ae80:1451:14::1080 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
casale-match.dotomi.com
4    2600:141b:13::17d7:82a2 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
2    142.250.176.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net
ad.doubleclick.net
1    2600:9000:21da:7800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
10    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
14    142.250.80.98 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
cm.g.doubleclick.net
7    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
7    2600:1f18:4e9:5a07:f838:172b:9f85:e97b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
r.casalemedia.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
21    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
2    68.67.160.184 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
1    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
2    15.235.43.120 (Canada)

ASN16276 (OVH, FR)
PTR: ns5012071.ip-15-235-43.net
gu.dyntrk.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    54.86.146.255 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-146-255.compute-1.amazonaws.com
match.prod.bidr.io
1    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    35.173.168.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-168-2.compute-1.amazonaws.com
ads.creative-serving.com
3    54.152.246.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-246-118.compute-1.amazonaws.com
nep.advangelists.com
2    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    54.87.58.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-58-125.compute-1.amazonaws.com
sync.extend.tv
2    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
2    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    52.207.194.90 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-194-90.compute-1.amazonaws.com
sync.crwdcntrl.net
2    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
1    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
9    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
6    2a00:1148:db00::17 (Russian Federation)

ASN47764 (VK-AS, RU)
ad.mail.ru
6    176.9.81.69 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.69.81.9.176.clients.your-server.de
exchange.buzzoola.com
3    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
3    213.87.44.187 (Russian Federation)

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru
tech.rtb.mts.ru
2    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    67.220.224.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
13    2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)
pix.us.criteo.net
3    2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
Apex Domain
Subdomains		 Transfer
35 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.us.criteo.net — Cisco Umbrella Rank: 2257
csm.us.criteo.net — Cisco Umbrella Rank: 2215
344 KB
35 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482 Failed
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419
ssum.casalemedia.com — Cisco Umbrella Rank: 1318
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
dsum.casalemedia.com — Cisco Umbrella Rank: 1324
r.casalemedia.com — Cisco Umbrella Rank: 1283
28 KB
32 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 510 Failed
eb2.3lift.com — Cisco Umbrella Rank: 335
15 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 161
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
151 KB
24 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 296
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503
s.amazon-adsystem.com — Cisco Umbrella Rank: 273
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912
61 KB
21 kinoafisha.info
psebay.kinoafisha.info
static.kinoafisha.info — Cisco Umbrella Rank: 256292
516 KB
18 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210 Failed
acdn.adnxs.com — Cisco Umbrella Rank: 576
secure.adnxs.com — Cisco Umbrella Rank: 414
65 KB
15 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9305
4 KB
15 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
274 KB
13 yandex.ru
yandex.ru — Cisco Umbrella Rank: 1635
mc.yandex.ru — Cisco Umbrella Rank: 3663
matchid.adfox.yandex.ru — Cisco Umbrella Rank: 29362
an.yandex.ru — Cisco Umbrella Rank: 3362
209 KB
12 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 529
token.rubiconproject.com — Cisco Umbrella Rank: 563
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 957
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
17 KB
11 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139 Failed
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 408
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
5 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
6 KB
10 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
5 KB
10 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 713 Failed
rtb.va.us.criteo.com — Cisco Umbrella Rank: 4853
ads.us.criteo.com — Cisco Umbrella Rank: 2058
cat.va.us.criteo.com — Cisco Umbrella Rank: 2560
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
66 KB
9 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 487
3 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 446
rtb0.doubleverify.com — Cisco Umbrella Rank: 669
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 1716
tps.doubleverify.com — Cisco Umbrella Rank: 474
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1259
137 KB
8 rutarget.ru
prebid-bidder.rutarget.ru — Cisco Umbrella Rank: 393139 Failed
adfox-hb-bidder.rutarget.ru Failed
tag.rutarget.ru — Cisco Umbrella Rank: 84389
8 KB
7 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 367
2 KB
7 yastatic.net
yastatic.net — Cisco Umbrella Rank: 6715
175 KB
6 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 21408
2 KB
6 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
cdn.indexww.com — Cisco Umbrella Rank: 1485
5 KB
6 mail.ru
ad.mail.ru — Cisco Umbrella Rank: 9129 Failed
3 KB
6 adform.net
adx.adform.net — Cisco Umbrella Rank: 4215 Failed
c1.adform.net — Cisco Umbrella Rank: 566
3 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 353
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 adfox.ru
ads.adfox.ru — Cisco Umbrella Rank: 10576
846 B
4 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 480
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 534
1 KB
4 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4819
casale-match.dotomi.com — Cisco Umbrella Rank: 2693
1 KB
3 mts.ru
tech.rtb.mts.ru — Cisco Umbrella Rank: 40504
2 KB
3 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2390
696 B
3 bing.com
c.bing.com — Cisco Umbrella Rank: 255
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
3 adriver.ru
pb.adriver.ru — Cisco Umbrella Rank: 39341 Failed
930 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
203 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 726
s.tribalfusion.com — Cisco Umbrella Rank: 1844
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 409
796 B
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 719
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 578
1 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 434
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3857
1 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 972
1 KB
2 openx.net
u.openx.net — Cisco Umbrella Rank: 653
460 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 4042
775 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
111 KB
2 adtelligent.com
ghb.adtelligent.com Failed
ghb1.adtelligent.com — Cisco Umbrella Rank: 7405
ghb2.adtelligent.com — Cisco Umbrella Rank: 9739
586 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6196 Failed
369 B
2 vk.com
vk.com — Cisco Umbrella Rank: 5715
24 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
119 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
74 KB
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 639
511 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 759
623 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1515
546 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 710
425 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 2127
419 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2368
586 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 634
583 B
1 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 4962
329 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 655
531 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
473 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1736
927 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 381
1 KB
1 b-cdn.net
ym-tack.b-cdn.net — Cisco Umbrella Rank: 61349
1 premieralight.ru
widget.premieralight.ru — Cisco Umbrella Rank: 299983
18 KB
1 24smi.net
jsn.24smi.net — Cisco Umbrella Rank: 66704
29 KB
1 notsy.io
cdn-b.notsy.io — Cisco Umbrella Rank: 112970
122 KB
0 adhigh.net Failed
px.adhigh.net Failed
324 67
Domain Requested by
30 eb2.3lift.com 9 redirects cdn-b.notsy.io
eb2.3lift.com
21 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
19 static.criteo.net yandex.ru
cdn-b.notsy.io
static.criteo.net
psebay.kinoafisha.info
ads.us.criteo.com
18 static.kinoafisha.info psebay.kinoafisha.info
static.kinoafisha.info
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
eb2.3lift.com
match.sharethrough.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
15 mc.yandex.com 3 redirects psebay.kinoafisha.info
mc.yandex.ru
14 cm.g.doubleclick.net 9 redirects eb2.3lift.com
eus.rubiconproject.com
13 pix.us.criteo.net ads.us.criteo.com
13 ib.adnxs.com cdn-b.notsy.io
acdn.adnxs.com
10 match.adsrvr.org 10 redirects
10 x.bidswitch.net 10 redirects
9 match.sharethrough.com 4 redirects s.amazon-adsystem.com
match.sharethrough.com
7 pr-bh.ybp.yahoo.com 4 redirects ssum-sec.casalemedia.com
7 px.ads.linkedin.com 3 redirects eb2.3lift.com
eus.rubiconproject.com
7 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
js-sec.indexww.com
ssum-sec.casalemedia.com
7 yastatic.net yandex.ru
7 pagead2.googlesyndication.com psebay.kinoafisha.info
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 exchange.buzzoola.com 3 redirects tag.rutarget.ru
6 tag.rutarget.ru cdn-b.notsy.io
tag.rutarget.ru
6 tpc.googlesyndication.com 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 ad.mail.ru yandex.ru
tag.rutarget.ru
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
psebay.kinoafisha.info
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 ads.adfox.ru yandex.ru
psebay.kinoafisha.info
5 yandex.ru psebay.kinoafisha.info
yandex.ru
4 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
4 match.prod.bidr.io 4 redirects
4 sync-tm.everesttech.net 3 redirects ssum-sec.casalemedia.com
4 c1.adform.net 4 redirects
4 cdn.doubleverify.com ads.us.criteo.com
cdn.doubleverify.com
psebay.kinoafisha.info
4 bidder.criteo.com cdn-b.notsy.io
static.criteo.net
3 csm.us.criteo.net ads.us.criteo.com
3 tech.rtb.mts.ru tag.rutarget.ru
3 an.yandex.ru tag.rutarget.ru
3 nep.advangelists.com 3 redirects
3 cdn.indexww.com ssum-sec.casalemedia.com
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 c.bing.com eb2.3lift.com
3 acdn.adnxs.com cdn-b.notsy.io
3 js-sec.indexww.com cdn-b.notsy.io
3 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 pb.adriver.ru cdn-b.notsy.io
yandex.ru
3 c.amazon-adsystem.com cdn-b.notsy.io
c.amazon-adsystem.com
3 mc.yandex.ru 2 redirects psebay.kinoafisha.info
3 psebay.kinoafisha.info 1 redirects psebay.kinoafisha.info
2 gum.criteo.com 1 redirects static.criteo.net
2 www.facebook.com psebay.kinoafisha.info
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 sync.mathtag.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 secure.adnxs.com 2 redirects
2 u.openx.net 2 redirects
2 m.fg8dgt.com 2 redirects
2 ad.doubleclick.net 1 redirects ads.us.criteo.com
2 amazon-tam-match.dotomi.com 2 redirects
2 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
2 www.google.com psebay.kinoafisha.info
tpc.googlesyndication.com
2 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net psebay.kinoafisha.info
connect.facebook.net
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 matchid.adfox.yandex.ru yandex.ru
2 c2shb.ssp.yahoo.com cdn-b.notsy.io
2 tlx.3lift.com cdn-b.notsy.io
2 htlb.casalemedia.com cdn-b.notsy.io
2 prebid-bidder.rutarget.ru cdn-b.notsy.io
2 prebid-eu.creativecdn.com cdn-b.notsy.io
2 adx.adform.net cdn-b.notsy.io
2 vk.com psebay.kinoafisha.info
2 www.googletagmanager.com psebay.kinoafisha.info
www.googletagmanager.com
2 www.googletagservices.com psebay.kinoafisha.info
60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
1 tpsc-ue1.doubleverify.com cdn.doubleverify.com
1 mug.criteo.com
1 tps.doubleverify.com cdn.doubleverify.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb0.doubleverify.com cdn.doubleverify.com
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 cms.quantserve.com 1 redirects
1 um.simpli.fi 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 ad.turn.com 1 redirects
1 s.company-target.com 1 redirects
1 ssum.casalemedia.com 1 redirects
1 inv-nets.admixer.net 1 redirects
1 d.agkn.com ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 ssbsync-us.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 ads.us.criteo.com 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
1 rtb.va.us.criteo.com psebay.kinoafisha.info
1 partner.googleadservices.com pagead2.googlesyndication.com
1 adservice.google.com securepubads.g.doubleclick.net
1 ghb2.adtelligent.com cdn-b.notsy.io
1 ghb1.adtelligent.com cdn-b.notsy.io
1 ads.betweendigital.com yandex.ru
1 cdn.jsdelivr.net cdn-b.notsy.io
1 ym-tack.b-cdn.net cdn-b.notsy.io
1 widget.premieralight.ru psebay.kinoafisha.info
1 jsn.24smi.net psebay.kinoafisha.info
1 cdn-b.notsy.io psebay.kinoafisha.info
0 px.adhigh.net Failed yandex.ru
0 adfox-hb-bidder.rutarget.ru Failed yandex.ru
0 ghb.adtelligent.com Failed cdn-b.notsy.io
324 114
Subject Issuer Validity Valid
*.kinoafisha.info
GlobalSign GCC R3 DV TLS CA 2020		 2022-10-26 -
2023-11-27		 a year crt.sh
*.xn--d1acpjx3f.xn--p1ai
GlobalSign ECC OV SSL CA 2018		 2022-08-19 -
2023-02-16		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn-b.notsy.io
R3		 2022-12-16 -
2023-03-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-12 -
2023-09-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2022-03-18 -
2023-04-03		 a year crt.sh
widget.premieralight.ru
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2022-08-31 -
2023-02-28		 6 months crt.sh
matchid.adfox.yandex.ru
GlobalSign RSA OV SSL CA 2018		 2022-07-18 -
2023-01-10		 6 months crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2021-12-15 -
2023-01-15		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.adriver.ru
GlobalSign GCC R3 DV TLS CA 2020		 2022-04-05 -
2023-04-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.adfox.ru
GlobalSign RSA OV SSL CA 2018		 2022-10-26 -
2023-04-07		 5 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.rutarget.ru
RU-CENTER High Assurance Services CA 2		 2022-02-28 -
2023-02-28		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-06 -
2023-03-06		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2022-12-06 -
2023-03-06		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.va.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-18 -
2023-03-15		 3 months crt.sh
*.us.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-12 -
2023-03-10		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-11-08 -
2023-05-03		 6 months crt.sh
*.mail.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-11-19		 a year crt.sh
bs.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-21 -
2023-04-21		 6 months crt.sh
*.rtb.mts.ru
Thawte RSA CA 2018		 2021-12-21 -
2023-01-19		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.us.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-07 -
2023-02-07		 3 months crt.sh

This page contains 36 frames:

Primary Page: https://psebay.kinoafisha.info/
Frame ID: AAF79DB5F1FE83D9A1115CBEC15B88A1
Requests: 139 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: FC02F61317EA91046078CF697518D1F6
Requests: 1 HTTP requests in this frame

Frame: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 20257CF5C8EF7F92933C94CD2550EDC3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1644183505536739&output=html&adk=1812271804&adf=3025194257&lmt=1671883077&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671883075138&bpp=21&bdt=3070&idt=2295&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5177604747862&frm=20&pv=2&ga_vid=948821434.1671883077&ga_sid=1671883077&ga_hid=1553457476&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794&oid=2&pvsid=4114410815217459&tmod=193605833&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2369
Frame ID: 3C9E41F32E102D7E6A34F551044E9043
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Frame ID: 9041CE2F3DBD536C789DC92FCA9687ED
Requests: 1 HTTP requests in this frame

Frame: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 28508AE5C2AFCFFD92395A6A1EE4F1BA
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Frame ID: 0FC732B106FBEB8A5DF6BAAA505395FB
Requests: 39 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: A5D96E067A129A4671D56F2D8EEFDC5A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B84E3F18CA985BCF6C853C04B587D00E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 39FBF454A35CB075A72524FBBC78EB37
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 77535AFE8659581C714683B916D95F09
Requests: 3 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Frame ID: 8FDF7BF10DB0606C8446E8D44773134D
Requests: 1 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Frame ID: 10133914F79B8E104E7A936072C0AFB6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 75A1B18E6873361C1B32097973794E34
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 87BC247D997F0562DAC6C5A2267613D2
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 3C975CD287936EFF6FF2FF7F18976B9A
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 740E40C174FBAD1BFA70E1094C4C531D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 433AA083E04BABA587238D545934B8BB
Requests: 3 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Frame ID: C2E0593DFFFEF82F800E0C854C32DC4B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 265B7C001702340D5C5EDCF4D9A9D26F
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 7ED23C123001F7DD1432F4921BC367F3
Requests: 10 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Frame ID: DF3A81CD48A6603319D35F50CEF3E5DB
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 4321C7FC08DA609657782F73025DC2EB
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7164937848874519873&gdpr=0&gdpr_consent=
Frame ID: 6FE56A6833B8E4DBE95AE4DAAB43504A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFsmnL1pa9XgNEFvpnAAAAAAA&expiration=1671969479&is_secure=true
Frame ID: 603D67E1E7AEF52B4BDCBDA80F2FB333
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 06A72B3159A693C40CA9AD61F7FEBC3E
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 207CFEEC0E368F226EC51CD9D374BFE1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 61DFFD7AC93E45A06304FEE1FA4D8777
Requests: 10 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Frame ID: D7DF7B49BCB468F602393F884380FF1D
Requests: 6 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Frame ID: AC128468A35745DBCE063BC7B70C5276
Requests: 6 HTTP requests in this frame

Frame: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Frame ID: 90A7ED5DD1F2002FD892AB1CAA99F6A0
Requests: 6 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3326.js
Frame ID: 6ECC6CCD3A1C736063D76E62DC85956E
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 33B6D024479ADF45589C3363F1B1ED3C
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=psebay.kinoafisha.info
Frame ID: 7EEB28626B09DF2ADB6804DE60E19AFF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E16052A995B6EFEAD84FD9C9F0BB3F29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F785223D983BE121095BA84DF66E6513
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Киноафиша — все о кино и кинотеатрах . Фильмы и афиша кинотеатров

Page URL History Show full URLs

  1. http://psebay.kinoafisha.info/ HTTP 301
    https://psebay.kinoafisha.info/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swiper(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

324
Requests

73 %
HTTPS

45 %
IPv6

67
Domains

114
Subdomains

73
IPs

9
Countries

2588 kB
Transfer

7527 kB
Size

104
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://psebay.kinoafisha.info/ HTTP 301
    https://psebay.kinoafisha.info/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9862.si7BdqXgP154EBLehjzYhyFllaw7RdY3zRPo7E3Qj274y9p4KcjQzj6SgDr01v6y.2ov4nuiiow6SRDCzN1sRXcewAYU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9862.4B-QKImPC9Avu9RbdWRpJBvty94-Gyra_Ybdgm1z4cFWCb26Kg1dGRxYdGR0ccGIZRwyc3LKW_8w1hnhcRImQIZhplYm1e4wdq68SSu_PVrpkAopRI45dgefaTo5f2daT0Zc9yeXsDAxK_MqROQGUn-LdR50oHbKiyFtZzM0sjgdGm8PjDsbVL2z_gKB-_cfK_MAaYIbRCSGK7MfJdQF4Q%2C%2C.ebFnuqDudqvD7tUlAbFZDWyLYi8%2C
Request Chain 105
  • https://mc.yandex.com/watch/28763351?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115755%3Aet%3A1671883075%3Ac%3A1%3Arn%3A643837917%3Arqn%3A1%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C225%2C587%2C304%2C1122%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883078%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115755%3Aet%3A1671883075%3Ac%3A1%3Arn%3A643837917%3Arqn%3A1%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C225%2C587%2C304%2C1122%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883078%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 108
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Request Chain 135
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 137
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 141
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 142
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9862.sS7y1dtcugzLOyeL6VeBR1W6xY8edumpUifsbXFkMHEROyJdTKnDZRQcGCkSOKnj.eL1-PKPDHkIv-ri9F4jo2HMGyOM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9862.movmfq4hH9I57dlFwzhcgGf8zXonzkw6VKSfic43KZsy-CbFA_EKOBTun6FRO9o_eyL7JxpDaTG0ePNMBFTX-e_aZQESl6jxgXYiR_xuRoxbbve7dLkjQBFkHzZSrFMuV1Kr72wAmmc9ig20r8ifqtdhPM1B0r61u_CFgb76uD3ORip_iA0bowsyjVRVhKNqGdbYkIaKTBaysMwl0K4XahGJDNaaaasxn5ivoPzTOS0%2C.ATlucDDJhEVH8aGUWVfHHdAPcBg%2C
Request Chain 148
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=9537df75
Request Chain 149
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=57d864d6-23b8-4d41-b351-7c97eba1ca9f
Request Chain 151
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 154
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7164937848874519873&gdpr=0&gdpr_consent=
Request Chain 155
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7f24344b6bb51009&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFsmnL1pa9XgNEFvpnAAAAAAA&expiration=1671969479&is_secure=true
Request Chain 163
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CNHQ4eiZkvwCFZPcyAodLa0B8w;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=
Request Chain 165
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 169
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Request Chain 170
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 172
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Request Chain 173
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 174
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8796180841940499808&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 175
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Qur5XcBE2oQ0Gh1BMNg_gYA.z8hotlDg0zIc5IYeWg--~A&dongle=0883
Request Chain 178
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 179
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Request Chain 180
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 181
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 182
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Request Chain 183
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 184
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent= HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=27338996-65d8-492b-b578-ce7416c7e5ab HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 185
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ee5I88tE2oSGdL6fRICrJ3iPlWsTSkKacOarsxgDqg--~A&dongle=0883
Request Chain 188
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Request Chain 190
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 192
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Request Chain 193
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Request Chain 194
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtriplelift%26bsw_param%3D57d864d6-23b8-4d41-b351-7c97eba1ca9f%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=df3ad13ec7fa48a7a0fd64f3b2e82e03&ssp=triplelift&bsw_param=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 195
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-M4BQT5hE2oQcWV4cS1ARwQa4tSXeeGXCLn7CG1Pc2w--~A&dongle=0883
Request Chain 198
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 201
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
Request Chain 202
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
Request Chain 203
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__ HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
Request Chain 204
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=17c4857a-f7c3-079b-20fe-bd2e27564532
Request Chain 205
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 210
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bpR4Rjv-Yj0TMnThmtTgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHmLV8knku-H7zZWY3tORc&google_cver=1
Request Chain 211
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELarWZ-W7oWwohrK1bP3EBs&google_cver=1
Request Chain 212
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
Request Chain 213
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Request Chain 214
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687607882&external_user_id=0e0515f4-4437-4258-9710-dc8a281661f1
Request Chain 215
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2433049645475493699
Request Chain 216
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_63a6e9497771c&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_63a6e9497771c
Request Chain 219
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGXjZCSQAo
Request Chain 220
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJ2E7HTdMAACMzZ9S4ng&expiration=1673092684
Request Chain 221
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3099051828667121746
Request Chain 222
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=57d864d6-23b8-4d41-b351-7c97eba1ca9f HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=57d864d6-23b8-4d41-b351-7c97eba1ca9f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=92b78522-1846-4c5f-8de9-56939e87f7b2&ssp=index&expires=30&user_group=5&bsw_param=57d864d6-23b8-4d41-b351-7c97eba1ca9f HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=&gdpr_consent=&us_privacy=
Request Chain 224
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b47d53c-74df-4832-90f9-3f59f68aa2fd
Request Chain 225
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c31763a6-e94b-4300-a771-df7566e946df
Request Chain 228
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGYF1CVAAo HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bpSQAGYF1CVAAo&_test=Y6bpSQAGYF1CVAAo
Request Chain 229
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=65b363a6-e94b-4600-b0df-a712b8ec0f57
Request Chain 230
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACV5E7HTdMAACRffGFHqQ&expiration=1673092683
Request Chain 231
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8078496350235601523&expiration=1673092683
Request Chain 232
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2d64a9bc-2de5-4e6e-a61e-2d1bc5f9ca77
Request Chain 233
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0f3a2e0d-2f5b-4e79-92e4-2ae98dff1a02
Request Chain 234
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Request Chain 236
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
Request Chain 237
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=705130ca929e140f&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFsmnL1pa9gwN5dA2PAAAAAAA&expiration=1671969481&is_secure=true
Request Chain 238
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=
Request Chain 239
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71C96DD3B63944F78E395A3509F86493
Request Chain 240
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8baef51-a0ad-4821-8e0b-6f64a9421778
Request Chain 241
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JZnGN3aTk2A-ycU4cZqKZCvIxTY-nsQzJp0qk252
Request Chain 242
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662275961411351
Request Chain 243
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
Request Chain 258
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl HTTP 307
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Request Chain 263
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl HTTP 307
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Request Chain 268
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl HTTP 307
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Request Chain 274
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LC1W0R9O-9-J315 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LC1W0R9O-9-J315&ex=d-rubiconproject.com&status=ok
Request Chain 277
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWJiNmI0NWQwNzBmZGQzM2ZiZjE3YjY5MzM4ZDgwNzkxZmFiMDEyZQ
Request Chain 278
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DnzAr6yyJLikhc-bkSDymQ?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LaAer2FE2oL.Cm9ARvi5lkZm6wYMweQtU1KMvg--~A
Request Chain 279
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9MWU6AuITlOB2gcbvA13Uw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9MWU6AuITlOB2gcbvA13Uw
Request Chain 280
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=&expires=30
Request Chain 281
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1W0R9O-9-J315
Request Chain 283
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY2XeR9rPsDf9qDlublB64&google_cver=1
Request Chain 284
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxVzBSOU8tOS1KMzE1
Request Chain 316
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kinoafisha.info&sn=ChromeSyncframe&so=0&topUrl=psebay.kinoafisha.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9rTCNXx4eUVOWGtyd08vQi8wV0tGc3Q4SjA3TmRlaWlxK1d3aytjQXQ4eXdUcjJjVGMvakhDUWNIMXdTbTVMYnhlWTV6ZHp5TitvMVdhNTdoY1JGZTdMK28zMkdwRS93TlNNZS9paDQ2MDUweGFQNk45VGlSRTRaVGVmTVBaaENpRUd3Uk1mcWVqSnNyZHR6RWp4R0dDMTZJd2ZTbnZFZmhYYTNRU25NSW5xUFlBcXFUVEZFVmxRMVBvSWZram0zRlVHNW00NGxlNllzVk9YSjNESU01SldrejcxUzgreE9oenpjeVJHVTM5MUdhTHplVkdZVjZPTk5nZjJ0cVJTQWt0R25mT0ZKUU9WdS8wanArOUNvM3pnSE43Zz09fA&cppv=2

324 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
psebay.kinoafisha.info/
Redirect Chain
  • http://psebay.kinoafisha.info/
  • https://psebay.kinoafisha.info/
369 KB
79 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b79a82e752999143ce1719ed45d3d951446203697e1bdc142147bb4cccee9b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77e9296a7d7a13eb-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 11:57:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding User-Agent

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
77e92966cf708114-ORD
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 24 Dec 2022 11:57:50 GMT
Location
https://psebay.kinoafisha.info/
Server
cloudflare
Transfer-Encoding
chunked
base.js
static.kinoafisha.info/static/assets/js/ 		109 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/base.js?20221223033256164c02344652dcf590567d0f357ae390
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a4d4402cb6d86ad4d367ba47775afd5f46f8e99fd6adc7a896bf668c383d460

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 23 Dec 2022 00:32:56 GMT
server
cloudflare
etag
W/"63a4f738-1b372"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e929738c33e26e-ORD
expires
Sun, 24 Dec 2023 11:57:52 GMT
context.js
yandex.ru/ads/system/ 		423 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/context.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
6b1e8742e5f73c7a04901f74f9379ff87573e9958948ecc940c154fd59ee0c0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1671883072819327-10361530360240960415-sas2-0782-sas-l7-balancer-8080-BAL-8713
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 24 Dec 2022 12:57:52 GMT
header-bidding.js
yandex.ru/ads/system/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/system/header-bidding.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
99f821edf87404750ccdce8cd0f4306ab91cf4db0d4bdb39dfdbab62c9f4c179
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-encoding
br
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1671883072828304-755095207642343856-sas2-0782-sas-l7-balancer-8080-BAL-815
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Sat, 24 Dec 2022 12:57:52 GMT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a1423b6437b397c09fba356e10ab602f6dba728f70520c56df82fd7b5fe23e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27531
x-xss-protection
0
server
sffe
etag
"1430 / 40 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 24 Dec 2022 11:57:53 GMT
ym.js
cdn-b.notsy.io/kaf/ 		386 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-b.notsy.io/kaf/ym.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
9448caca6957402ef4d18611667741a95658405db08781fb52758f47ed697a8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
cdn-edgestorageid
885
cdn-storageserver
DE-169
cdn-cachedat
12/15/2022 07:38:46
cdn-pullzone
139012
last-modified
Thu, 15 Dec 2022 07:37:31 GMT
server
BunnyCDN-NY1-885
cdn-fileserver
332
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"639acebb-60865"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control
public, max-age=86400
cdn-requestid
f95f4e1c39d95eae8258c806eaa7ac71
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
smi.js
jsn.24smi.net/ 		92 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsn.24smi.net/smi.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:284a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c006c7645e06982dc31e1890ff87a6e665f9a87c54bebf7e76422b63ff625476
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
strict-transport-security
max-age=0
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 14 Sep 2022 11:47:07 GMT
server
cloudflare
age
330
etag
W/"6321bf3b-16f76"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cf-ray
77e92976ebcb2246-ORD
expires
Sat, 24 Dec 2022 11:58:42 GMT
base.css
static.kinoafisha.info/static/assets/css/ 		482 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/css/base.css?20221223150850a5c7f63845e3907a728fee1501951e9e
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1a1ef71bcc5311a7d18cb4b715282cd81a37efd5b4b16f3ed3414a40d01e75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:52 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 12:08:50 GMT
server
cloudflare
age
85582
etag
W/"63a59a52-7864a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e92974cdf013eb-ORD
expires
Sat, 23 Dec 2023 12:11:30 GMT
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21667993-5
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b48d8c4437d282b4fc5b5edefca1649fd1133799fac4a175462291a7c4c53e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 11:57:53 GMT
watch.js
mc.yandex.ru/metrika/ 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
5daddcea0d13b6e6de5f3e22cfbd338a69c94a93d437bdbc88422b276ec9e98d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Dec 2022 11:05:15 GMT
etag
"63a5613b-e324"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58148
expires
Sat, 24 Dec 2022 12:57:53 GMT
openapi.js
vk.com/js/api/ 		104 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?169
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx /
Resource Hash
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
x-frontend
front225207
last-modified
Fri, 02 Dec 2022 07:14:40 GMT
server
kittenx
etag
"6389a5e0-5b16"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
23318
expires
Wed, 28 Dec 2022 11:57:53 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b8a319aa3a60c148a2ee35d8904b4b5c4bca11c2bc7fbfbfff2a5a2b017d12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49436
x-xss-protection
0
server
cafe
etag
6601206285676769040
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:53 GMT
email-decode.min.js
psebay.kinoafisha.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://psebay.kinoafisha.info/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
77e929758ec813eb-ORD
expires
Mon, 26 Dec 2022 11:57:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3368346192474608
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88c953cdc6c26bf2e8b4dbd2c40c31dc267e4abc0abd080b59ee5064e7331771
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49459
x-xss-protection
0
server
cafe
etag
16964598055103565114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:53 GMT
module.js
widget.premieralight.ru/static/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.premieralight.ru/static/js/module.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.189.208.20 , Russian Federation, ASN6903 (ZENON-AS Moscow, Russia, RU),
Reverse DNS
unused.rusonyx.ru
Software
nginx/1.22.0 /
Resource Hash
d18a2dc53eefab7c166340605fb398a07220d2954c89a882e420e2ccf6efde88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:57:54 GMT
Last-Modified
Wed, 08 Mar 2017 14:46:08 GMT
Server
nginx/1.22.0
ETag
"58c01930-461f"
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17951
Expires
Sun, 25 Dec 2022 11:57:54 GMT
truncated
/ 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73d8c98b86143e9d271f10f79e337994a1a9d967b422168697e7423cba3806aa

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		326 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9798cea005aac4333203616f34c5eb42c280d1964703c9bac73e84013cdd9125

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
okko.woff2
static.kinoafisha.info/static/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/fonts/okko.woff2
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7444f8b2cca0e59929913024a2cbdb33d7301b06407f94d62f5f2e5a835ac637

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:53 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Oct 2020 13:27:29 GMT
server
cloudflare
etag
"5f75d941-7dec"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e929758dbde26e-ORD
content-length
32236
expires
Sun, 24 Dec 2023 11:57:53 GMT
truncated
/ 		176 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb7d191eeade124bcf4fe9ebeff0da9575e6410937eb4eda086dee632dca1cf8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Notice.js
static.kinoafisha.info/static/assets/js/plugins/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/plugins/Notice.js?6
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11a476d160d9ea7afb0055f2dda17cc9619a5e8ff11329f7ebb3e01c94431ca7

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:54 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 23 Dec 2022 00:32:56 GMT
server
cloudflare
etag
W/"63a4f738-adb"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e9297fccc7e26e-ORD
expires
Sun, 24 Dec 2023 11:57:54 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:19:07 GMT
content-encoding
gzip
via
1.1 478e42d78af3de35728ba409bf63e348.cloudfront.net (CloudFront), 1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:57 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, EWR52-C2
age
2329
x-amz-server-side-encryption
AES256
etag
W/"b2496fcafcf1daf6223aefe99a0cf048"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IDtDlXuUJbkdNJoNWRTFak5YaKZ_t1Tmaf8mwLTO2jYP7dYX87zcQg==
page_view
ym-tack.b-cdn.net/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://ym-tack.b-cdn.net/page_view?KAF;desktop;;main_page_desktop;bcd654|ecea88
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::871:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221224
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 24 Dec 2022 11:57:55 GMT
x-content-type-options
nosniff
content-encoding
gzip
age
28624
x-jsd-version
1.0.1565
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
915
x-served-by
cache-fra-eddf8230021-FRA, cache-chi-klot8100106-CHI
x-jsd-version-type
version
etag
W/"66b-ZZBiAq4leosWkAmBbT+TGz5SwcE"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
/
adx.adform.net/adx/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		0
0
cdb
bidder.criteo.com/ 		0
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
0
bid
prebid-bidder.rutarget.ru/ 		0
0
cygnus
htlb.casalemedia.com/ 		0
0
auction
tlx.3lift.com/header/ 		0
0
/
ghb.adtelligent.com/v2/auction/ 		0
0
bidRequest
c2shb.ssp.yahoo.com/ 		0
0
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
0
1c0942547d39e10f5f56.js
yastatic.net/partner-code-bundles/699404/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/699404/1c0942547d39e10f5f56.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a357b148cc11734eef438631edf3192edce69cfccd492b949cb3a29098f1af38
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4802
last-modified
Thu, 22 Dec 2022 16:09:34 GMT
server
nginx/1.17.9
etag
"795555e6f6695c5ec9ce2103cfa81100"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:33:24 GMT
c7aa42eafed386fe8b21.js
yastatic.net/partner-code-bundles/699404/ 		108 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/699404/c7aa42eafed386fe8b21.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
8aa6099de746bac671c1ae7b20cc24d3c1078599243e1a68d8d8370fdf7f7eac
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
23633
last-modified
Thu, 22 Dec 2022 16:09:35 GMT
server
nginx/1.17.9
etag
"ad06dce7ea2a1d834aa09b553c2e130e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:33:24 GMT
host.js
yastatic.net/safeframe-bundles/0.83/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.83/host.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8878
last-modified
Wed, 03 Nov 2021 13:42:58 GMT
server
nginx/1.17.9
etag
"f80882bf67cf261aa08d636da095149a"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:29:12 GMT
text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 		25 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
26004
x-amz-meta-owner
{"role":"admin","login":"4eb0da"}
last-modified
Mon, 25 Apr 2022 14:02:39 GMT
server
nginx/1.17.9
etag
"7f0cdaf91230f9789ca4162aedff612e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
f84157966debb945
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 17:43:16 GMT
844c65d3a306f3a59839.js
yastatic.net/partner-code-bundles/699404/ 		482 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/699404/844c65d3a306f3a59839.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0edce35472c84713f71d2cbb070f6a937aebc724a3832de1f7b5b2f4649e23c4
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
99761
last-modified
Thu, 22 Dec 2022 16:09:34 GMT
server
nginx/1.17.9
etag
"b5163f374bc79cbfce0c6938d819acc1"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:33:27 GMT
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 21:41:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 21:41:21 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		358 B
792 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=psebay.kinoafisha.info
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9669df55c5eeff2125e63d5e718cb9774b9f24e6e75e62ea5f6b30471c666aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
156
x-xss-protection
0
expires
Sat, 24 Dec 2022 11:57:55 GMT
getcookie
matchid.adfox.yandex.ru/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://psebay.kinoafisha.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, accept-language, cache-control, content-type, dnt, origin, x-requested-with
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://psebay.kinoafisha.info
content-length
0
date
Sat, 24 Dec 2022 11:57:56 GMT
timing-allow-origin
*
x-content-type-options
nosniff
getcookie
matchid.adfox.yandex.ru/ 		240 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://matchid.adfox.yandex.ru/getcookie
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::16b Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
46d9ea68acb20f401c1706f687a264178ec656fdd7a02d0cd2c0b06c30b66908
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://psebay.kinoafisha.info
date
Sat, 24 Dec 2022 11:57:57 GMT
access-control-allow-credentials
true
x-content-type-options
nosniff
timing-allow-origin
*
content-length
240
content-type
application/json
b887192c4a62fd372984.js
yastatic.net/partner-code-bundles/699404/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/699404/b887192c4a62fd372984.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
49ff3d3ca4ef2a15c80d4b4fbc53afb7cf4415ce7d980ba3dbda71d2a449da7e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
3550
last-modified
Thu, 22 Dec 2022 16:09:34 GMT
server
nginx/1.17.9
etag
"83fbd9cee65d16bda8b0ab946695f64e"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:33:45 GMT
efa2fa09942f7156cbe9.js
yastatic.net/partner-code-bundles/699404/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/699404/efa2fa09942f7156cbe9.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4aaf8de75d9426bfc8ae67cda554cab8399c74a619daaf024e9c8f11006deeb7
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8356
last-modified
Thu, 22 Dec 2022 16:09:35 GMT
server
nginx/1.17.9
etag
"42f5bc2606f452160436e3db22784633"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 23 Dec 2052 18:30:25 GMT
/
ad.mail.ru/hbid_yandex/ 		0
0
bid
adfox-hb-bidder.rutarget.ru/ 		0
0
adjson
ads.betweendigital.com/ 		11 B
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=adfox
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
publishertag.js
static.criteo.net/js/ld/ 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-1e444"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:57:56 GMT
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Pragma
no-cache
Date
Sat, 24 Dec 2022 11:57:56 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
yandex_hb
px.adhigh.net/rtb/ 		0
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0317ace639ebb7dc528e63e0841d1fb9721a6aed47510690d303664d527a5939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119958
x-xss-protection
0
server
cafe
etag
7605452894679885014
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:56 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame FC02 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1644183505536739
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
51308
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 21:42:48 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 21:42:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 11:57:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ONkvLGXMbyfE8WdTlzXIcrt5Aemyqx+tyqmxD/Kpik43tNsG3gN7KblXtfGc/1JnKSi/Juoon7RUu6wGexEXOw==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21667993-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
180c12f21709e9ea1f2433c1f1f74e240d1d66864b914db6bc8fa9e42aea8080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76929
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 24 Dec 2022 11:57:55 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21667993-5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Dec 2022 10:30:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5239
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sat, 24 Dec 2022 12:30:37 GMT
rtrg
vk.com/ 		49 B
575 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/rtrg?p=VK-RTRG-1133887-eLWww&metatag_url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&metatag_title=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-132-240-87.vk.com
Software
kittenx / KPHP/7.4.112956
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
x-frontend
front225207
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.112956
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9862.si7BdqXgP154EBLehjzYhyFllaw7RdY3zRPo7E3Qj274y9p4KcjQzj6SgDr01v6y.2ov4nuiiow6SRDCzN1sRXcewAYU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9862.4B-QKImPC9Avu9RbdWRpJBvty94-Gyra_Ybdgm1z4cFWCb26Kg1dGRxYdGR0ccGIZRwyc3LKW_8w1hnhcRImQIZhplYm1e4wdq68SSu_PVrpkAopRI45dgefaTo5f2daT0Zc9yeXsDA...
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9862.4B-QKImPC9Avu9RbdWRpJBvty94-Gyra_Ybdgm1z4cFWCb26Kg1dGRxYdGR0ccGIZRwyc3LKW_8w1hnhcRImQIZhplYm1e4wdq68SSu_PVrpkAopRI45dgefaTo5f2daT0Zc9yeXsDAxK_MqROQGUn-LdR50oHbKiyFtZzM0sjgdGm8PjDsbVL2z_gKB-_cfK_MAaYIbRCSGK7MfJdQF4Q%2C%2C.ebFnuqDudqvD7tUlAbFZDWyLYi8%2C
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9862.4B-QKImPC9Avu9RbdWRpJBvty94-Gyra_Ybdgm1z4cFWCb26Kg1dGRxYdGR0ccGIZRwyc3LKW_8w1hnhcRImQIZhplYm1e4wdq68SSu_PVrpkAopRI45dgefaTo5f2daT0Zc9yeXsDAxK_MqROQGUn-LdR50oHbKiyFtZzM0sjgdGm8PjDsbVL2z_gKB-_cfK_MAaYIbRCSGK7MfJdQF4Q%2C%2C.ebFnuqDudqvD7tUlAbFZDWyLYi8%2C
date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
hb
ads.adfox.ru/ 		311 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adfox.ru/hb
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/header-bidding.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
c7a1a339857bd66246666858a4f29747a8eb1b0cb8e0c21e458826ff19020e2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref=/w3c/w3c.p3p, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
access-control-allow-origin
https://psebay.kinoafisha.info
content-type
application/json
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 23 Dec 2022 11:05:15 GMT
etag
"63a5613b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 24 Dec 2022 12:57:56 GMT
newMSearch.js
static.kinoafisha.info/static/assets/js/plugins/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/plugins/newMSearch.js?5
Requested by
Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20221223033256164c02344652dcf590567d0f357ae390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e52ed875f727b75380e284e0fd4a241e2b760f87b2489fbda68ce5d578512e6d

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 01 Jun 2022 14:36:35 GMT
server
cloudflare
etag
W/"62977973-b04"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e92988aaa6e26e-ORD
expires
Sun, 24 Dec 2023 11:57:56 GMT
FilmSlider.js
static.kinoafisha.info/static/assets/js/plugins/ 		1 KB
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/plugins/FilmSlider.js?4
Requested by
Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20221223033256164c02344652dcf590567d0f357ae390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75303046884e18e0f63d9a587ccd73cbbd3f1eb37a90c1c799e48906ed614585

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 06 Oct 2022 14:50:03 GMT
server
cloudflare
etag
W/"633eeb1b-539"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e92988aaa7e26e-ORD
expires
Sun, 24 Dec 2023 11:57:56 GMT
/
adx.adform.net/adx/ 		5 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTg2NTUwNyZ0cmFuc2FjdGlvbklkPTQwYTY5ZjFhLWJkOTYtNDdhYi04MDYxLTBmYzg0ZjEwYzk4YiZyY3VyPVVTRA%3D%3D&pt=gross&stid=3dca948e-4b39-4bb9-9e0d-8cf58d7fbe4d&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:57:56 GMT
AN-X-Request-Uuid
27d36d8c-3e7b-40a4-8c7f-94143d91b000
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=35971261177
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 11:57:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://psebay.kinoafisha.info
date
Sat, 24 Dec 2022 11:57:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
prebid-bidder.rutarget.ru/ 		11 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-bidder.rutarget.ru/bid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.170.196.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr12.segmento.ru
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 11:57:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Rutarget-SameSite-Cookie
true
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name,Authorization
Content-Length
11
cygnus
htlb.casalemedia.com/ 		36 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=641471&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22319c427e32d308%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpsebay.kinoafisha.info%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22168e6a64-04fb-4d8d-aee3-25b606b47778%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2232ef710b9ca4653%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641471%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232ef710b9ca4653%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641471%22%2C%22sid%22%3A%22240x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232ef710b9ca4653%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641471%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2232ef710b9ca4653%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641471%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9502b4e6736461a6d237d3c71e512a98a8c217c11c5dbb0574c7a40f6e2f532a

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4t5eqzl5psNN64m9ZdZNo7l6exAaUQxCOD6hsX58mOmX2vUl1vcZQ88ecFqnTiZ2rMVKiTqL%2FPIUdz7iBEQJhMF2NfcjGPj71Oaivqk%2FipgEKQDRsAp2flnxH27Thrg2uXvKJKk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e92988ca3f22c9-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
auction
tlx.3lift.com/header/ 		19 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fpsebay.kinoafisha.info%2F&tmax=1000
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.183.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-183-92.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
accept-ch
sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 11:57:56 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
2
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699050176763cf9053f44170f00ad&pos=8a9690a6017676422dd843f974270019&cmd=bid&secure=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e7f9b142fccc95c741cc88f005d366a180e22bf7500e484c089fffeb1615087e

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
content-length
62
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Pragma
no-cache
Date
Sat, 24 Dec 2022 11:57:56 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
adx.adform.net/adx/ 		5 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?rp=4&bWlkPTkxMDA0NCZ0cmFuc2FjdGlvbklkPWNmYWIyNWZiLTMyNDEtNDRjZS04YmI2LWU1M2I0Y2I0MGY2NyZyY3VyPVVTRA%3D%3D&pt=gross&stid=32e2c775-8ba6-4eb5-8c60-522569e0aace&fd=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		19 B
834 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:57:56 GMT
AN-X-Request-Uuid
3188ccbe-7835-4b8a-b462-77ad41695b85
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=87572729486
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 11:57:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
184 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://psebay.kinoafisha.info
date
Sat, 24 Dec 2022 11:57:56 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
prebid-bidder.rutarget.ru/ 		11 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-bidder.rutarget.ru/bid
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.170.196.247 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr12.segmento.ru
Software
nginx /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 11:57:56 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS, PUT, DELETE
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Rutarget-SameSite-Cookie
true
Content-Type
application/json
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Ssp-Name,Authorization
Content-Length
11
cygnus
htlb.casalemedia.com/ 		37 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=641472&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225182bd21e92c634%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpsebay.kinoafisha.info%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A3%2C%22msi%22%3A3%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22168e6a64-04fb-4d8d-aee3-25b606b47778%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22529906ce63b5811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641472%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22529906ce63b5811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641472%22%2C%22sid%22%3A%22240x400%22%7D%2C%22banner%22%3A%7B%22w%22%3A240%2C%22h%22%3A400%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22529906ce63b5811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641472%22%2C%22sid%22%3A%22160x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A160%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22529906ce63b5811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641472%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad1fbf2418eb4fd8d812d04bbf4c0d1b46306ecf13b93e1c5fd86186d238e13

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sdLSTSHpXJ35wyG4DaIrk%2BTzrMQ9%2BBWhSkMSjWj32dqJ4YCxkPZiqyvu3qCM4MIceK2Re58O7kje%2F0pef0rCK5IxWZcIoUuvPSqPZ2RCA2RmvtuHTBHgvJ%2Bhig9kmZ2YpPcmR3uC"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77e92988ca4022c9-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
auction
tlx.3lift.com/header/ 		19 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fpsebay.kinoafisha.info%2F&tmax=1000
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.183.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-183-92.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
accept-ch
sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform
x-auction-status
12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
ghb2.adtelligent.com/v2/auction/ 		2 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
209.205.197.154 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Dec 2022 11:57:56 GMT
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
2
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699050176763cf9053f44170f00ad&pos=8a969cb001767642293443fe21390018&cmd=bid&secure=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
cc7107321f11546be5033936b4f2dd0f7e62a648ad4786b6646044165903257f

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
content-length
62
bid.cgi
pb.adriver.ru/cgi-bin/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.209.111.22 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://psebay.kinoafisha.info
Pragma
no-cache
Date
Sat, 24 Dec 2022 11:57:56 GMT
Cache-control
no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
yandex.ru/ads/adfox/275464/getBulk/ 		211 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/275464/getBulk/v2?dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&date=2022-12-24T11%3A57%3A55.560%2B00%3A00&pd=24&pdh=1200&pdw=1600&pr1=3241730037&pr=3841013284&prr=&pv=11&pw=6&extid_loader=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&extid_tag_loader=psebay.kinoafisha.info&ylv=0.699404&ybv=0.699404&ytt=6598680641541&is-turbo=0&skip-token=&ad-session-id=3822821671883075572&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1030%2C%22h%22%3A0%2C%22width%22%3A1030%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A118%2C%22top%22%3A5094%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=699404&available-width=1030&yaru=true&p1=ctewa&p2=ghpj&puid5=1920&slotNumber=1&bids=W10%3D&utf8=%E2%9C%93&duid=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&pcode-test-ids=657519%2C0%2C13%3B204184%2C0%2C8%3B685674%2C0%2C13%3B693968%2C0%2C16%3B695861%2C0%2C32%3B695360%2C0%2C25%3B696080%2C0%2C1%3B697100%2C0%2C37&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxed3l%2FyjZIom7BEaiTlxCkKwk3dxFiSDolTZCv633eUZEeSHbrpBgSBbeieO%2FLunntO3ydkShnHqiRC4ExlSCJVIY5KoXLG1YJkmClCVcrKhE3OPnyffFvdPq0nZ5P181%2BTd5Pt%2BnFLPsNXP7Y835%2F8%2BPhuskBCcfxHjYVUixJVKuesVCgTA3vJa9wHCOzQiawGAFOUFHjkHD7khBKJIb50LmZMqnMiZ6yWCkHsUpiiC3w%2FiNw3g%2F8fyKgoVMVZVqdSHLp5GzQGyDfmpQei8wI%2BzyEVqkAJLhooAEkQpZibsxO4rhf2Y6H4XIk5WMOfBmQow1xVBVqOoMYBRb4Tx%2FuACK3QFCshSTpfqowIDZ41t5bo1GY5u4CfOU6lErgoBtD4ohpCh7bTQndlLZZUzjBgt4UolxVuyxvLUweOoKCdfZi1GJ6YIlrVZoDYDi1vDyBnHG4ec66vPFei5gu8hPRBQUwVEYpCyS1QQbIToE7gR%2B0JF9o6xai5LkpKJAmjTR4InaqKFSRdDsAoXkCG9AMjyKjrO31IAXejcrQgAN7UB6IQJseAvsAnOjgO3ejlxEK27YC5gMAGlvBkZAVD2zgI2zKtKemKqXFfVn3T7cPTumfmOZEb94IXTT2PbMYV2DOCwhUYU8USgSEho8K9X326XQ8s3cCJ2y7IyQWQJlUzTKYzqag0u%2FR8N7YbwyWiGb5QvFYZKxGhRlK1QscN9v4SzuYQLPhSUz6qlLGlHfpRcNShbjLJSWI0d2wraFN5iamj8hr68ZxkQIlQaFNstPVsryuoxrbraZUwrpPKoT5r8dtPIiyRjrsNGEjhHC2NbOx7btjdc5ZXMIVExSgUhiQlhkkxMHUsyxraepbbnrlKWYZ1ewlMjRTtez7AdKWkmYpjXbs7f0oTlNHcC0Pn0BwIAv6f6yaC6vwVhF0AQCn1IFuuddy6wIhTVWrSXCBO0OjczsCpb1ndLVecME7kUiVLGEr4vGLcfGFBGHS9t6uLjtxTYRwbPtBp1KtIoMwUAZvCiEhTyJIwsIQfu75tD2ybKhZ7BVGhTLOmGcTzvTbylNUU5kc7Tlxz1F4U%2Br30lBxGEREkIQXcmtldHAavWipg5xQYfn7C%2Bw6jrAtJ2jmvgGBzAkOD6EPkKDV3cxw5YdiLowNpFYhkulD10E9A0OiOkZwVxQkFYDme21bdlKPEMT8LJWq9PKsEuRzE69uOZXr%2BSOfb%2FisWu%2BKY4Wb8cJxhAULCGJ%2FtO0FrreUBxzlwzgyG7JSkZrvI7Qi20QC81B3EMd3NvYrjxEzxAXC0Yw9aCWYgh7qm0E0zDPnQtC1geMPQEMLIRIEd214bT88IVZU%2ByhRaw2zs2LE%2FiGRGZHOMHhhc5lwycxRu6DgDxZtWpSpxRtBeg%2Bghb8aI3eEekVbpf8YYifoM5wg66o163vOtIBhckygRlwpWpRpr8FNJ8oMgaO%2B5QJfLRsqpZlb1rb5Pvqy3Vzfl6uF6c99V%2B93XT5vbtbha3W7urydnzo%2BBtPetTtT0w4HRpZJCd3UB47fv4MPkbrW5ff%2FwBLH9vbr%2FvH6Gz79v7lbX68fBT9eru%2BaXz%2F%2Bs79vHV98226%2Ftx7v3%2By8fj0fzIptHt9%2BqaKaFeCOZlShO3Hxohx3jpHqzYLTrNJRrHie53gjaFcbccmEUB%2FFebuacAEyxVK09aRrmDfbJ%2FIDODiyC2O36smfx1uU8CGPPCvcoMOszjVCaPUdeYI89t41k9uU4ljNmEq1Xf4oBosCz3R0vguyDtRmOCo2hXMdqdWgz91pJebi4HuCFkXt4Cjk1nwHSFL1YvYw1oSoYmaAeYKNf4HKsOyZfHtX269PVzWgRtCJnvDq3o%2BVIHrsXDyeSA3tgR1ACyz0dNas0rcvkxKWAKhh0PGy1sBzzZoSfEhWwqXlu63oUeF4wvbBlqj3mCZCoa8jXQJo6H17u5lndrZ7VzXpzfbN9DQ5Io7vmRt8I0JZ6L95teN0xe0qKYy1ah65SWYzeWQSh94v4oCYWOy8%2F6WSXzxlo60soPlTA7nNKicQuFO1eiezqq7vOgeXV9nZoCauifbRjtcp8aUOze9%2FthFCjrdUU6YZZAjdDgl9eUAwwHm8eNvd%2FDmECqytsOWVa4jPowOK4Fjs4R2g3y9iPfwGPqR7T&use-server-side-rendering=1&pcode-icookie=sEf2%2BadDpht0dAFrJFBhWXyAfU2vKZSPRneHRK9xxIuzlKhXM%2B6QjkzuE5DpVP6qFhU1dmLRdBgRoaZ%2BG0yJMqLEFG8%3D&top-ancestor=https%3A%2F%2Fpsebay.kinoafisha.info&top-ancestor-undetermined=0&grab-orig-len=4800&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2N30KEuMkkSM5CsKgzieYrmmb-Erypr_iXJJ_2_edSFD0lWhtp4w2-jZqHciig9Rbt06c337toORLF7x0KqXUUghZoN-AXqAtjDHzRuMhS0VSU6vwHW3MPGYeRiC5UUgSSkNhKAgVAbxQGsAKFRNANNBnKA-oQ9kMBTOUDP4zlHoIAVUoe-ipAppHwZ0cMwTqxcUBeSgKKJYfn0lriAWhHGwW-kidM7PQl5WGmSUqorxkxlhSs6AeNLCoy6iaWaUukeoRl7E2KVRRkWb6qU2zqMwipHpr8s16BiA-gwIrksknpydhpySg4JxLFOoQ_5mkDhUvIA1I-byoj1cofKAnmR41Mwvq8VGmVAN_avMqjpHqJ0OlVle1pmSslHmkZ2bRFHS-YFxE5Ty0iYhOm-ZKdRZbC-cl40F_tJWJL5yVtIBd-QZ6T0bHmPz_OlnVVZGZchwUzQFc0xaaiJ5nSMs8nw1czaRMGEwIzLMQkujoi1VVZsod1AdXPXMI9N9bGJCxoD5Of_FnrEHxQpY8ZUifssrG5YRnF3GR9mR1UQnSH9u2eB5xK9wQW1UmcZpVuQWRtbmSST8YYlJGUZpZkkdb3VxPH9lOjiGjy_Z3nBNkwHgkGozhhjBxWSVa-qeYMU3UdqgR-UKWDA4xXaoqs1JjwLnQLki3pzn6cEOiShnZSAyElwO1ojOV0FV0VVQl0y5dZ2lUaEs9djcwW3oe5fO4WQStzJQzpi1UZUNWX3AMiWuxPeFv6OpfNKi_auLvpuBD4W6zGT8Q-HtkyJPE1swMoIfy_Ur2bYA8lOHBB_LzAv-MHOUQQqkBH2jXfK7ZHPTuwUT9v7O8OurRyCz70ZZs23cQldqb7Hi64Ou8YKCPzNqci5eONqlUqusq7mZlzIOxyNWI8uJ6hBspVUZlUqtTpiJ3bj6fr253OxlL7WxSQ7LuhDZj_l41nTD171bc2arjkzCBImN0NDi30BaMPybAts58BRPd8t6WP4p8_kUUV2koArh_K6JvF4-IbIbQ-4UUPldBSPj5O-sXD6Jb1Ye5-gL7Wab-4qK4qkL8cpeTnzicY-nzcYA8r8--D0k-QyjPj-ZhCEOZ3wnNSdL70wCuVUmhrhL4B-bPiE_UpgqrCm2kTEprRn3hDnQtvSNZ7ZSjhbd7zfTtA8GuGigVQ4nkYG2b6onq6P0EvzIUAL3IEDjP1_D0b9dmjP8w_E0l7wNU_HfdwDlbJp_ZE7dL13GUlJGWfjIlhRZB3IG_RyXqKm9g66Sk-9rWtsHBH69G2PC07MeuBm72rd7MpzqlK0rQi9iNWDMkhcYNtxM8V24gueZlFllmPiIe82PKFg6MFnFQe-gt3qju4-MNDpaPiz9dlU2YP2GUoWTHGfj_s-SzCJhjZL_OCy6bwd85lrws2Y3izeZdw5Q6zScQRR47VtUTYCizpHyRTVREd_SbghA8pxW1AanlRPGZhP-5vZ6ZlZ31Gjzk7eLULkht1_Kgqsac6s1FfhJuIh_t1YYmCeXzYqzoPoeaLXB9LNDtNDQZqulQcOEMQP9faXoNwObV4G18ey1u68w1etOLXec4qv4Kz9mx-2g3wdSbAPR_Iw4lPxPCv7m0T4N8pwLWCxJfwfmi9UcT9_6G9Wt-1eTLGfXGLGgnwrypUQwn9R_rIhyiP9OjLn-Ve25zZJONdd5I_ptIP7GVnSsaO-dZh_aNzDO3A4I2LFw9BbT_Df66V8UB5R9AuIPCivW3knyjF-3iopUfTEtCrw_9FWl2giRYXXRsmSrazbjcfL5IXSZD5WpGn7HA-Mvj_22-9k02sNhfGuLFrmOO_GBH-g-5eOkCqgD2hTNY0GWANFfAO4pkTNPIMOQZAkdZEwj4cHmVMNxxYKzp_jyZhiFPhe7DBbtvEVwPHkh-l8Qb1BOdO_nyZ3wXuQzjBHcAUDeQducbbkMDVVKqizIZcQFuYwcXZJ2Q7cFbAU0VPRSsyIeL9Lf36z0NfxRNWVKl8e1TCpLeMbMtT6ZfF4d8rS2yUl3dynid1dj434CyzR3YCvg7CuwnYN-CZwjwdUR-WnbexM2wII17h-C_zV0I_q0OLMs227y2jLWWSZlpcGaafJlPGs7PiT7ue2X5WamfCQjj9Of25PH0bcKO9hS8ngLcL9KtF-k5cULZ5_8kuzgQ1uYxLCC8vOBzc8J1TFNgwWPYZkD6xJRvG0IX3dc6SeHxP7zlL2gb0v8Cc9204qsqo0OExMPv90nPbyyy6ZsS12ezia2gFwephcnZshdjvy-AA0mn01JmrLpvkVSfNRERfZpEm1O3sHWaIaRXqpmcUrRFRI_4V9BlXHely01S7FS15zM8QlQvdkVpN1y4eNkWtuHvv5zkrtLdNmvbg_ryxNu7FOtnk3WLumA4Q0l-NODstktOI3ikgfKdA0A-INn53860J5_blIjXaiK4ROKl1972Kyy-TPuYASYgW4OdPCCvN8Kk2X16uInSuaIVtz4Nc4m1ec6lqUB1chAcOcacEu3YXZR9IPRTvrN4aal0PQwHevjD_jSy1yF2YCh8uFs-yQVgXoS8LzpD2MQo0ID0pyd78BL54QmfeAdqwiWGYrhMCJYgMv8YBCeBP4508F7YMTRGPReLYPxdvG2Uetuy1AYyPLft0Y62ayPxevUi1g7Rusq-afDhPsIG7aOejMHWhQ07Me_duOnI1vri0zgA5AeBTXh4KvpmYeMMIX8LILoyNg1jSZLNyakcytfYtSb1fxcaTfkfSpNy0XXFGDmU3h1cwDTV9G4bkpnIHui2CPD3Pg_WjVR3H7JLlvH5mOiD8_mdi9tMMCpU9gy_EQEzT2OX63q10rdRyS_H8tuUtXrbOselP8HEa0YU7jjKOLtf9aWGx3THjWDM3JaAbb2Uu_vEW2FE1lppV0AmHmXF8R68P8Trw4YGtLVT1jhGcEExGqiF2NBM_O-QzBDADwbSYan0U2sH2LkhqzSaZB3M1CNrHVaO0T2v_136Ore23dv85IqIA4XpB12MWLoV3QJJFX0Hnh0YUHFd5XlKC-g0cr5-8NfFUZXETuVHs-1r_pKkykyzSoC4chUauguH4E6DsU-5ew4tt8LeGcCBHG4oqDodNqucivO0TZuqVUW-al2Aw40KtRMaXZLSukDNIWId4lryRmipfbvuqJ5FPzjBGSnx5snDTvKTTvjQy_3ePBxLvpJmD7wVm9HiX5n29DWvnp4W5_3O9T_MA_NNujc_4i5955DvKwBh6CAY7zUXTiXq2ipkXP345XqX4cBaIwfVutRIN2GbG7eP6EzYBJmY8_7LizH5_RuS_YDLNoTZQOXn_qk4G_DcdSe6yRW4FBaxgOTA_C9g_zekDnN1QL321x932WZ5O25Qtr1s9rcTfdm3yLZI4EBHgeiKxxpDNG_NJUo-Oy6TbTANOdzCOlVewXdkRDYBMGzBp40v_5ymUQ6y9RlcFLstqrcj0Xoh_5yHwbiNSyxdwTaKEA8vME5owtur6KIvv8Sty2-yxrMSmQv6Oi7_wJpV6rGm2zrIQeXaVhfP3La1LhF_b6H2XK_bvA83quAG-rRDQ8V_GdgrmBcR9WY5cvub1K9yRF1rpj6FQ8qXE281FPRytpkaD7dccsZKJqwipNGUY-KjII2E9cCGao4OHFBezfc990S7MRvvnhcaJ7_Fg16MfT_wu_ciZKdWT7Pxo3C4kLrKYD-nY1ZODZcXcOCRcoz9P7SvgFuaxevnlB0Gvo2czjVyRu6FP9Xw02E52_wDEXwVxeI9xxENphXPvBkmJV1R0s4BPJyqzie7Rb0nQ76MZFNegjElwjVzrxvO2mzuYr3n98ZCfAe0KcmPKygeXnO-VoXsnILy9Q0ScXrYvX3xS1kV-0qJQ0y-iYBs5Uk5wLa8rIMCv-CZ4qr-XYG0sdqaAtehvTirxXfRYRI8nNU809qrH4xPMtmQ9yTze_vTNI6v8J0aFwrvRhIuDPVw9UDeDHIdOtBfWODnsHMQ44bvCSvqGJu-Gci3CwvPMd86vLwIV3p-rR2uA8FdCfliGt5NEG4N_23j7O7egX1pXb5kg4CK7vOWbijql2P5lZPnR-7HTeI7MhQfaTu8NIB7tBAunOKcAxwzBMSpzDwDFOuKXZxEgzTu5Ih4azAFJ542XoNMbjjDB0Zw3yuPOX4luyOMd-dSC_updj4IgHsVY95jAUvH0ixzT6v0LHI2XVdzF5ERjr6GF8RnDn-ysbOz8-j88bOZK_OmR2VIUqWqsaZbnHr5IfSM7YqLqRdTxrrlx7YNWVfEbN3sPB073OAB7n5Gvry1SVFvoD5noQLoryMIw4d0jZpvEeUeHu8AXgDiMKpehe5NRTYc6thQu2s8ZAO4PjU7Rz0eHrJM-cuICiWKhh6M0aTi1vajwrztN7wKnng-ubT9rEBECQC6_SOkPPsy4fckrF5-54kkeyLRMA-EYgw-FBsKVJhzqIGqzIs2aGdY7-o5TGly-ECquNaUMYIoVV3tWo8b-UhkvcTfxKtrUTBbxniukmZ-RjN8QOi8SHoY4rhRKnnGDcelLUDOwWYZU_JkKQSSlMKLH6GctX8xMG40SoHFvc90wdseZ7mkaKsNrq82xNXX2ngEK0odBl8HBQcKjLkOeitu_LhrPcWjoAVwXUqMbkMVOgwC0bofWvezWG3g1isk851lC7CJrfD04xhA-vuZLYYehR3tKA4MNuKh2BRK6hD_r0EZSlZd4IypXZFdOodi2OkueXdcgNMGwA%3D%3D&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
081303965b82fcd18dde7ba29b139667fd58122fcf700f7bd878a4467854f0e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1671883076989503-16649036196163131608-sas2-0782-sas-l7-balancer-8080-BAL-5197
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 24 Dec 2022 11:57:57 GMT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:57 GMT
561779892714.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/5/4/6/8367645/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/5/4/6/8367645/561779892714.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
057ad680bb47a98ecb645d23cee6e2090dd2e2cb4a1247bb565db47a037b9fe7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Dec 2022 19:41:05 GMT
server
cloudflare
age
360323
etag
"63923dd1-54ac"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e9298ab98313eb-ORD
content-length
21676
expires
Wed, 20 Dec 2023 07:52:33 GMT
596953912508.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/9/2/4/8364429/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/9/2/4/8364429/596953912508.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
421870e65ee4bc30200e85bbde85d3467591d7f7080e4d2cfd3e80d6b4a6bf3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
HIT
last-modified
Mon, 05 Dec 2022 14:46:11 GMT
server
cloudflare
age
678731
etag
"638e0433-6090"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e9298ab98413eb-ORD
content-length
24720
expires
Sat, 16 Dec 2023 15:25:45 GMT
259178658441.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/8/3/8365384/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/4/8/3/8365384/259178658441.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bd8e0e4ef2a5789a91419ca7777f38f369a87fd68b9b76b066fb90d5a53c3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 11:07:47 GMT
server
cloudflare
age
209885
etag
"6389dc83-35d0"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e9298ab98513eb-ORD
content-length
13776
expires
Fri, 22 Dec 2023 01:39:51 GMT
556163182911.jpg.webp
static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/2/4/8/8367842/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/movie_posters/220/upload/movie_posters/2/4/8/8367842/556163182911.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38302719b438937e4796e5d6d5d59a406f16cea319b1fdaf7478c56a8b87f640

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
HIT
last-modified
Sat, 10 Dec 2022 07:43:41 GMT
server
cloudflare
age
865546
etag
"639438ad-53b2"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e9298ab98613eb-ORD
content-length
21426
expires
Thu, 14 Dec 2023 11:32:10 GMT
invitation1.webp
static.kinoafisha.info/static/assets/img/specialProjects/newYear2023/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/static/assets/img/specialProjects/newYear2023/invitation1.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dab4b964958354225cdc215ae7f8e86dbaad63b621bb7ba7e805b5110d2b36d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Dec 2022 04:30:14 GMT
server
cloudflare
age
157559
etag
"63a3dd56-9e2"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e9298ab98713eb-ORD
content-length
2530
expires
Fri, 22 Dec 2023 16:11:57 GMT
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bbcb1c0d84bfa25ba03a536643b0aa355079325af9581212c91c1215cdd4a39d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:57:56 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fpsebay.kinoafisha.info&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:55 GMT
via
1.1 360031d112e5d98f967632ba717f6cfe.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
fLrD1WT0rez0Qd0de579s3W8SSWlFhhG0xku0X8ajLz5O3UbiHkSrw==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		151 B
598 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pid=ZZgVBwwJRG4BX&cb=0&ws=1600x1200&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_750487666%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_INC_970%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
19ddd52c4ea2b2b38987deb13a0e40150b03212b3f922efb9d94710ba00e40e2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
HGZRPM5KDF7YV354ET14
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
151
x-amz-cf-id
GY8OmCDjIGGs_RXTwj0qSJIIH3SaRR92A5qA9DFwl_EvCQpzVw7l2A==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		151 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pid=ZZgVBwwJRG4BX&cb=1&ws=1600x1200&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_581915297%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x400%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_MIDR_300c%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e7938034962bdaffe07fe3c09231ed2633794c2464bcb77c70aa8f86db0fa18e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
9GZZK796FXCTENB7JDCM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
151
x-amz-cf-id
TwXc_ae2OOFpDtA1QeKH1k203CxqIZ8VoexUcOTPxU2OsXBsMRehJQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		151 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pid=ZZgVBwwJRG4BX&cb=2&ws=1600x1200&v=22.1213.2134&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_69007909%22%2C%22s%22%3A%5B%22300x600%22%2C%22240x400%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F22193489449%2FKAF_ATFR_300c%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.124.226 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-124-226.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
fe8983772bdd1986d87874dcb8867a01a31bdb6134f709856be048a8ba39787f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 e5f49cd65618fc548cd417b060a75e76.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P4
x-amz-rid
CK0PGC923DQS4G60HY0A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
151
x-amz-cf-id
9Nravn4cUat13YZjWhn0eATWOBrFanS6uL2HZ8j2Jfka7EvrxUDYdw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.144.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-144-76.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 edf41293681a3c1555cb4f36266904cc.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-cache
Miss from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Xqdp40Go62lifdFPIZEDs_6TDSzUqctNDDVQ1g_lgcL2F5EY3bbPkg==
collect
analytics.google.com/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3GNTWFZ027&gtm=2oebu0&_p=1553457476&_gaz=1&cid=948821434.1671883077&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671883076&sct=1&seg=0&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
352 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3GNTWFZ027&cid=948821434.1671883077&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:56 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v2
yandex.ru/ads/adfox/275464/getBulk/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/275464/getBulk/v2?dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&date=2022-12-24T11%3A57%3A56.815%2B00%3A00&pd=24&pdh=1200&pdw=1600&pr1=2295094926&pr=3841013284&prr=&pv=11&pw=6&extid_loader=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&extid_tag_loader=psebay.kinoafisha.info&ylv=0.699404&ybv=0.699404&ytt=6598680641541&is-turbo=0&skip-token=&ad-session-id=3822821671883075572&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A200%2C%22width%22%3A1600%2C%22height%22%3A200%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A1%2C%22ad_no%22%3A0%7D&enable-flat-highlight=1&pcode-version=699404&available-width=1600&available-height=200&yaru=true&p1=cegtp&p2=girs&puid5=1920&slotNumber=3&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Jlc3RzZWxsZXItYWdlbmN5IiwiY2FtcGFpZ25faWQiOjEwNTEwNDksInJlc3BvbnNlX3RpbWUiOjE4MDcsImVycm9yIjp7ImNvZGUiOjN9fV0%3D&utf8=%E2%9C%93&duid=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&pcode-test-ids=657519%2C0%2C13%3B204184%2C0%2C8%3B685674%2C0%2C13%3B693968%2C0%2C16%3B695861%2C0%2C32%3B695360%2C0%2C25%3B696080%2C0%2C1%3B697100%2C0%2C37&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxed3l%2FyjZIom7BEaiTlxCkKwk3dxFiSDolTZCv633eUZEeSHbrpBgSBbeieO%2FLunntO3ydkShnHqiRC4ExlSCJVIY5KoXLG1YJkmClCVcrKhE3OPnyffFvdPq0nZ5P181%2BTd5Pt%2BnFLPsNXP7Y835%2F8%2BPhuskBCcfxHjYVUixJVKuesVCgTA3vJa9wHCOzQiawGAFOUFHjkHD7khBKJIb50LmZMqnMiZ6yWCkHsUpiiC3w%2FiNw3g%2F8fyKgoVMVZVqdSHLp5GzQGyDfmpQei8wI%2BzyEVqkAJLhooAEkQpZibsxO4rhf2Y6H4XIk5WMOfBmQow1xVBVqOoMYBRb4Tx%2FuACK3QFCshSTpfqowIDZ41t5bo1GY5u4CfOU6lErgoBtD4ohpCh7bTQndlLZZUzjBgt4UolxVuyxvLUweOoKCdfZi1GJ6YIlrVZoDYDi1vDyBnHG4ec66vPFei5gu8hPRBQUwVEYpCyS1QQbIToE7gR%2B0JF9o6xai5LkpKJAmjTR4InaqKFSRdDsAoXkCG9AMjyKjrO31IAXejcrQgAN7UB6IQJseAvsAnOjgO3ejlxEK27YC5gMAGlvBkZAVD2zgI2zKtKemKqXFfVn3T7cPTumfmOZEb94IXTT2PbMYV2DOCwhUYU8USgSEho8K9X326XQ8s3cCJ2y7IyQWQJlUzTKYzqag0u%2FR8N7YbwyWiGb5QvFYZKxGhRlK1QscN9v4SzuYQLPhSUz6qlLGlHfpRcNShbjLJSWI0d2wraFN5iamj8hr68ZxkQIlQaFNstPVsryuoxrbraZUwrpPKoT5r8dtPIiyRjrsNGEjhHC2NbOx7btjdc5ZXMIVExSgUhiQlhkkxMHUsyxraepbbnrlKWYZ1ewlMjRTtez7AdKWkmYpjXbs7f0oTlNHcC0Pn0BwIAv6f6yaC6vwVhF0AQCn1IFuuddy6wIhTVWrSXCBO0OjczsCpb1ndLVecME7kUiVLGEr4vGLcfGFBGHS9t6uLjtxTYRwbPtBp1KtIoMwUAZvCiEhTyJIwsIQfu75tD2ybKhZ7BVGhTLOmGcTzvTbylNUU5kc7Tlxz1F4U%2Br30lBxGEREkIQXcmtldHAavWipg5xQYfn7C%2Bw6jrAtJ2jmvgGBzAkOD6EPkKDV3cxw5YdiLowNpFYhkulD10E9A0OiOkZwVxQkFYDme21bdlKPEMT8LJWq9PKsEuRzE69uOZXr%2BSOfb%2FisWu%2BKY4Wb8cJxhAULCGJ%2FtO0FrreUBxzlwzgyG7JSkZrvI7Qi20QC81B3EMd3NvYrjxEzxAXC0Yw9aCWYgh7qm0E0zDPnQtC1geMPQEMLIRIEd214bT88IVZU%2ByhRaw2zs2LE%2FiGRGZHOMHhhc5lwycxRu6DgDxZtWpSpxRtBeg%2Bghb8aI3eEekVbpf8YYifoM5wg66o163vOtIBhckygRlwpWpRpr8FNJ8oMgaO%2B5QJfLRsqpZlb1rb5Pvqy3Vzfl6uF6c99V%2B93XT5vbtbha3W7urydnzo%2BBtPetTtT0w4HRpZJCd3UB47fv4MPkbrW5ff%2FwBLH9vbr%2FvH6Gz79v7lbX68fBT9eru%2BaXz%2F%2Bs79vHV98226%2Ftx7v3%2By8fj0fzIptHt9%2BqaKaFeCOZlShO3Hxohx3jpHqzYLTrNJRrHie53gjaFcbccmEUB%2FFebuacAEyxVK09aRrmDfbJ%2FIDODiyC2O36smfx1uU8CGPPCvcoMOszjVCaPUdeYI89t41k9uU4ljNmEq1Xf4oBosCz3R0vguyDtRmOCo2hXMdqdWgz91pJebi4HuCFkXt4Cjk1nwHSFL1YvYw1oSoYmaAeYKNf4HKsOyZfHtX269PVzWgRtCJnvDq3o%2BVIHrsXDyeSA3tgR1ACyz0dNas0rcvkxKWAKhh0PGy1sBzzZoSfEhWwqXlu63oUeF4wvbBlqj3mCZCoa8jXQJo6H17u5lndrZ7VzXpzfbN9DQ5Io7vmRt8I0JZ6L95teN0xe0qKYy1ah65SWYzeWQSh94v4oCYWOy8%2F6WSXzxlo60soPlTA7nNKicQuFO1eiezqq7vOgeXV9nZoCauifbRjtcp8aUOze9%2FthFCjrdUU6YZZAjdDgl9eUAwwHm8eNvd%2FDmECqytsOWVa4jPowOK4Fjs4R2g3y9iPfwGPqR7T&use-server-side-rendering=1&pcode-icookie=sEf2%2BadDpht0dAFrJFBhWXyAfU2vKZSPRneHRK9xxIuzlKhXM%2B6QjkzuE5DpVP6qFhU1dmLRdBgRoaZ%2BG0yJMqLEFG8%3D&top-ancestor=https%3A%2F%2Fpsebay.kinoafisha.info&top-ancestor-undetermined=0&grab-orig-len=4800&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2N30KEuMkkSM5CsKgzieYrmmb-Erypr_iXJJ_2_edSFD0lWhtp4w2-jZqHciig9Rbt06c337toORLF7x0KqXUUghZoN-AXqAtjDHzRuMhS0VSU6vwHW3MPGYeRiC5UUgSSkNhKAgVAbxQGsAKFRNANNBnKA-oQ9kMBTOUDP4zlHoIAVUoe-ipAppHwZ0cMwTqxcUBeSgKKJYfn0lriAWhHGwW-kidM7PQl5WGmSUqorxkxlhSs6AeNLCoy6iaWaUukeoRl7E2KVRRkWb6qU2zqMwipHpr8s16BiA-gwIrksknpydhpySg4JxLFOoQ_5mkDhUvIA1I-byoj1cofKAnmR41Mwvq8VGmVAN_avMqjpHqJ0OlVle1pmSslHmkZ2bRFHS-YFxE5Ty0iYhOm-ZKdRZbC-cl40F_tJWJL5yVtIBd-QZ6T0bHmPz_OlnVVZGZchwUzQFc0xaaiJ5nSMs8nw1czaRMGEwIzLMQkujoi1VVZsod1AdXPXMI9N9bGJCxoD5Of_FnrEHxQpY8ZUifssrG5YRnF3GR9mR1UQnSH9u2eB5xK9wQW1UmcZpVuQWRtbmSST8YYlJGUZpZkkdb3VxPH9lOjiGjy_Z3nBNkwHgkGozhhjBxWSVa-qeYMU3UdqgR-UKWDA4xXaoqs1JjwLnQLki3pzn6cEOiShnZSAyElwO1ojOV0FV0VVQl0y5dZ2lUaEs9djcwW3oe5fO4WQStzJQzpi1UZUNWX3AMiWuxPeFv6OpfNKi_auLvpuBD4W6zGT8Q-HtkyJPE1swMoIfy_Ur2bYA8lOHBB_LzAv-MHOUQQqkBH2jXfK7ZHPTuwUT9v7O8OurRyCz70ZZs23cQldqb7Hi64Ou8YKCPzNqci5eONqlUqusq7mZlzIOxyNWI8uJ6hBspVUZlUqtTpiJ3bj6fr253OxlL7WxSQ7LuhDZj_l41nTD171bc2arjkzCBImN0NDi30BaMPybAts58BRPd8t6WP4p8_kUUV2koArh_K6JvF4-IbIbQ-4UUPldBSPj5O-sXD6Jb1Ye5-gL7Wab-4qK4qkL8cpeTnzicY-nzcYA8r8--D0k-QyjPj-ZhCEOZ3wnNSdL70wCuVUmhrhL4B-bPiE_UpgqrCm2kTEprRn3hDnQtvSNZ7ZSjhbd7zfTtA8GuGigVQ4nkYG2b6onq6P0EvzIUAL3IEDjP1_D0b9dmjP8w_E0l7wNU_HfdwDlbJp_ZE7dL13GUlJGWfjIlhRZB3IG_RyXqKm9g66Sk-9rWtsHBH69G2PC07MeuBm72rd7MpzqlK0rQi9iNWDMkhcYNtxM8V24gueZlFllmPiIe82PKFg6MFnFQe-gt3qju4-MNDpaPiz9dlU2YP2GUoWTHGfj_s-SzCJhjZL_OCy6bwd85lrws2Y3izeZdw5Q6zScQRR47VtUTYCizpHyRTVREd_SbghA8pxW1AanlRPGZhP-5vZ6ZlZ31Gjzk7eLULkht1_Kgqsac6s1FfhJuIh_t1YYmCeXzYqzoPoeaLXB9LNDtNDQZqulQcOEMQP9faXoNwObV4G18ey1u68w1etOLXec4qv4Kz9mx-2g3wdSbAPR_Iw4lPxPCv7m0T4N8pwLWCxJfwfmi9UcT9_6G9Wt-1eTLGfXGLGgnwrypUQwn9R_rIhyiP9OjLn-Ve25zZJONdd5I_ptIP7GVnSsaO-dZh_aNzDO3A4I2LFw9BbT_Df66V8UB5R9AuIPCivW3knyjF-3iopUfTEtCrw_9FWl2giRYXXRsmSrazbjcfL5IXSZD5WpGn7HA-Mvj_22-9k02sNhfGuLFrmOO_GBH-g-5eOkCqgD2hTNY0GWANFfAO4pkTNPIMOQZAkdZEwj4cHmVMNxxYKzp_jyZhiFPhe7DBbtvEVwPHkh-l8Qb1BOdO_nyZ3wXuQzjBHcAUDeQducbbkMDVVKqizIZcQFuYwcXZJ2Q7cFbAU0VPRSsyIeL9Lf36z0NfxRNWVKl8e1TCpLeMbMtT6ZfF4d8rS2yUl3dynid1dj434CyzR3YCvg7CuwnYN-CZwjwdUR-WnbexM2wII17h-C_zV0I_q0OLMs227y2jLWWSZlpcGaafJlPGs7PiT7ue2X5WamfCQjj9Of25PH0bcKO9hS8ngLcL9KtF-k5cULZ5_8kuzgQ1uYxLCC8vOBzc8J1TFNgwWPYZkD6xJRvG0IX3dc6SeHxP7zlL2gb0v8Cc9204qsqo0OExMPv90nPbyyy6ZsS12ezia2gFwephcnZshdjvy-AA0mn01JmrLpvkVSfNRERfZpEm1O3sHWaIaRXqpmcUrRFRI_4V9BlXHely01S7FS15zM8QlQvdkVpN1y4eNkWtuHvv5zkrtLdNmvbg_ryxNu7FOtnk3WLumA4Q0l-NODstktOI3ikgfKdA0A-INn53860J5_blIjXaiK4ROKl1972Kyy-TPuYASYgW4OdPCCvN8Kk2X16uInSuaIVtz4Nc4m1ec6lqUB1chAcOcacEu3YXZR9IPRTvrN4aal0PQwHevjD_jSy1yF2YCh8uFs-yQVgXoS8LzpD2MQo0ID0pyd78BL54QmfeAdqwiWGYrhMCJYgMv8YBCeBP4508F7YMTRGPReLYPxdvG2Uetuy1AYyPLft0Y62ayPxevUi1g7Rusq-afDhPsIG7aOejMHWhQ07Me_duOnI1vri0zgA5AeBTXh4KvpmYeMMIX8LILoyNg1jSZLNyakcytfYtSb1fxcaTfkfSpNy0XXFGDmU3h1cwDTV9G4bkpnIHui2CPD3Pg_WjVR3H7JLlvH5mOiD8_mdi9tMMCpU9gy_EQEzT2OX63q10rdRyS_H8tuUtXrbOselP8HEa0YU7jjKOLtf9aWGx3THjWDM3JaAbb2Uu_vEW2FE1lppV0AmHmXF8R68P8Trw4YGtLVT1jhGcEExGqiF2NBM_O-QzBDADwbSYan0U2sH2LkhqzSaZB3M1CNrHVaO0T2v_136Ore23dv85IqIA4XpB12MWLoV3QJJFX0Hnh0YUHFd5XlKC-g0cr5-8NfFUZXETuVHs-1r_pKkykyzSoC4chUauguH4E6DsU-5ew4tt8LeGcCBHG4oqDodNqucivO0TZuqVUW-al2Aw40KtRMaXZLSukDNIWId4lryRmipfbvuqJ5FPzjBGSnx5snDTvKTTvjQy_3ePBxLvpJmD7wVm9HiX5n29DWvnp4W5_3O9T_MA_NNujc_4i5955DvKwBh6CAY7zUXTiXq2ipkXP345XqX4cBaIwfVutRIN2GbG7eP6EzYBJmY8_7LizH5_RuS_YDLNoTZQOXn_qk4G_DcdSe6yRW4FBaxgOTA_C9g_zekDnN1QL321x932WZ5O25Qtr1s9rcTfdm3yLZI4EBHgeiKxxpDNG_NJUo-Oy6TbTANOdzCOlVewXdkRDYBMGzBp40v_5ymUQ6y9RlcFLstqrcj0Xoh_5yHwbiNSyxdwTaKEA8vME5owtur6KIvv8Sty2-yxrMSmQv6Oi7_wJpV6rGm2zrIQeXaVhfP3La1LhF_b6H2XK_bvA83quAG-rRDQ8V_GdgrmBcR9WY5cvub1K9yRF1rpj6FQ8qXE281FPRytpkaD7dccsZKJqwipNGUY-KjII2E9cCGao4OHFBezfc990S7MRvvnhcaJ7_Fg16MfT_wu_ciZKdWT7Pxo3C4kLrKYD-nY1ZODZcXcOCRcoz9P7SvgFuaxevnlB0Gvo2czjVyRu6FP9Xw02E52_wDEXwVxeI9xxENphXPvBkmJV1R0s4BPJyqzie7Rb0nQ76MZFNegjElwjVzrxvO2mzuYr3n98ZCfAe0KcmPKygeXnO-VoXsnILy9Q0ScXrYvX3xS1kV-0qJQ0y-iYBs5Uk5wLa8rIMCv-CZ4qr-XYG0sdqaAtehvTirxXfRYRI8nNU809qrH4xPMtmQ9yTze_vTNI6v8J0aFwrvRhIuDPVw9UDeDHIdOtBfWODnsHMQ44bvCSvqGJu-Gci3CwvPMd86vLwIV3p-rR2uA8FdCfliGt5NEG4N_23j7O7egX1pXb5kg4CK7vOWbijql2P5lZPnR-7HTeI7MhQfaTu8NIB7tBAunOKcAxwzBMSpzDwDFOuKXZxEgzTu5Ih4azAFJ542XoNMbjjDB0Zw3yuPOX4luyOMd-dSC_updj4IgHsVY95jAUvH0ixzT6v0LHI2XVdzF5ERjr6GF8RnDn-ysbOz8-j88bOZK_OmR2VIUqWqsaZbnHr5IfSM7YqLqRdTxrrlx7YNWVfEbN3sPB073OAB7n5Gvry1SVFvoD5noQLoryMIw4d0jZpvEeUeHu8AXgDiMKpehe5NRTYc6thQu2s8ZAO4PjU7Rz0eHrJM-cuICiWKhh6M0aTi1vajwrztN7wKnng-ubT9rEBECQC6_SOkPPsy4fckrF5-54kkeyLRMA-EYgw-FBsKVJhzqIGqzIs2aGdY7-o5TGly-ECquNaUMYIoVV3tWo8b-UhkvcTfxKtrUTBbxniukmZ-RjN8QOi8SHoY4rhRKnnGDcelLUDOwWYZU_JkKQSSlMKLH6GctX8xMG40SoHFvc90wdseZ7mkaKsNrq82xNXX2ngEK0odBl8HBQcKjLkOeitu_LhrPcWjoAVwXUqMbkMVOgwC0bofWvezWG3g1isk851lC7CJrfD04xhA-vuZLYYehR3tKA4MNuKh2BRK6hD_r0EZSlZd4IypXZFdOodi2OkueXdcgNMGwA%3D%3D&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8bd1bdb518479143fc511bbcd748491184f5f0d4ea1ccf0207c9d6119192474d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1671883077161295-5191712037368574140-sas2-0782-sas-l7-balancer-8080-BAL-410
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 24 Dec 2022 11:57:57 GMT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:57 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=psebay.kinoafisha.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		23 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4114410815217459&correlator=757945417071567&eid=31071150%2C31069125&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22193489449%2CKAF_INC_970&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=2&adks=4034514402&didk=327965985&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1671883077221&lmt=1671883077&dlt=1671883072068&idt=4778&adxs=148&adys=5244&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&frm=20&vis=1&psz=970x300&msz=970x0&fws=4&ohw=970&ga_vid=948821434.1671883077&ga_sid=1671883077&ga_hid=1553457476&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
90d33a10b8e8f7c0013b439759011c4dbd4e5e07c45e8d5dcc73f78ad8460ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10461
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		540 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4114410815217459&correlator=757945417071567&eid=31071150%2C31069125&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22193489449%2CKAF_MIDR_300c&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C240x400%7C160x600%7C300x250&ifi=3&adks=2414954101&didk=4038968507&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1671883077259&lmt=1671883077&dlt=1671883072068&idt=4778&adxs=1165&adys=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&frm=20&vis=1&psz=300x600&msz=300x0&fws=516&ohw=300&ga_vid=948821434.1671883077&ga_sid=1671883077&ga_hid=1553457476&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
857a00ff5084c04869fa6685522bec293830c909893d3162a20480333b9eaaa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
276
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		540 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4114410815217459&correlator=757945417071567&eid=31071150%2C31069125&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=22193489449%2CKAF_ATFR_300c&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C240x400%7C160x600%7C300x250&ifi=4&adks=2015631763&didk=1003198285&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1%26source%3DKinoafisha%26page_id%3Dmain_page_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1671883077272&lmt=1671883077&dlt=1671883072068&idt=4778&adxs=1165&adys=560&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&frm=20&vis=1&psz=300x600&msz=300x0&fws=516&ohw=300&ga_vid=948821434.1671883077&ga_sid=1671883077&ga_hid=1553457476&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1feb31207034b38c01d216e39af745c13ba1036249d3c1d74f9db08436b700f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2025 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:57:57 GMT
expires
Sun, 24 Dec 2023 11:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		397 B
473 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=psebay.kinoafisha.info&callback=_gfp_s_&client=ca-pub-1644183505536739&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9bbbc45cf323952c8d63189451ef42bddc36562447f98fc0254939fb87633bd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
257
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3C9E 		603 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1644183505536739&output=html&adk=1812271804&adf=3025194257&lmt=1671883077&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671883075138&bpp=21&bdt=3070&idt=2295&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5177604747862&frm=20&pv=2&ga_vid=948821434.1671883077&ga_sid=1671883077&ga_hid=1553457476&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31071168%2C44779794&oid=2&pvsid=4114410815217459&tmod=193605833&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=2369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:57:57 GMT
expires
Sat, 24 Dec 2022 11:57:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
1
mc.yandex.com/watch/28763351/
Redirect Chain
  • https://mc.yandex.com/watch/28763351?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
  • https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala...
482 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115755%3Aet%3A1671883075%3Ac%3A1%3Arn%3A643837917%3Arqn%3A1%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C225%2C587%2C304%2C1122%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883078%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
cd95d45c6b661c9c45e8a7ee5611744b7d196fbd0bdbac5647aec53aa2875121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 24-Dec-2022 11:57:58 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
482
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:57 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:57:57 GMT
location
/watch/28763351/1?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A0%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115755%3Aet%3A1671883075%3Ac%3A1%3Arn%3A643837917%3Arqn%3A1%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C225%2C587%2C304%2C1122%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883078%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:57 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1553457476&t=pageview&_s=1&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=973870395&gjid=973290637&cid=948821434.1671883077&tid=UA-21667993-5&_gid=1174609996.1671883078&_r=1&gtm=2oubu0&z=810095441
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=132&profileId=184&cb=60855382490
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 24 Dec 2022 11:57:56 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
iu3
s.amazon-adsystem.com/ Frame 9041
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
321 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c2548faf0622c3e4314ddaf29d3fbda50496d35c8316ac2030b36d36f5064a98
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
321
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 24 Dec 2022 11:57:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
3TTP5ZKQW1F2GRD2EZQ7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Sat, 24 Dec 2022 11:57:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
AN0QBH0AP49MRGNV5C3V
XHR.js
static.kinoafisha.info/static/assets/js/helpers/ 		2 KB
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/helpers/XHR.js?2
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
425a93feae79c0808f131cdd0d448df52229d6c385a287e368772984bf328787

Request headers

Referer
https://static.kinoafisha.info/static/assets/js/plugins/newMSearch.js?5
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 14 Jan 2022 05:57:27 GMT
server
cloudflare
etag
W/"61e110c7-717"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e929961bb2e26e-ORD
expires
Sun, 24 Dec 2023 11:57:58 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Mon, 24 Oct 2022 11:21:19 GMT
server
nginx
etag
W/"6356752f-16294"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 25 Dec 2022 11:57:58 GMT
container.html
60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2850 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:57:57 GMT
expires
Sun, 24 Dec 2023 11:57:57 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
event
ads.adfox.ru/275464/ 		0
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/275464/event?pm=cyz&hash=d6f45100c7073741&duid=1671883075238850984&p5=kvuqg&rand=eywwjut&sj=x9oiHkLoCqbCJOgyZjBeFuoOFa7JTctolsG4R62Tfk5xMpGjZq4uuNm2Vgcu1Q%3D%3D&ad-session-id=3822821671883075572&utg=oxum&lts=fkspbvh&ytt=6598680641541&ybv=0.699404&ylv=0.699404&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pr=mlhhkie&p1=cegtp&rqs=RVn-i_oYB0FF6aZjjUUYnzh_iXxeniLR&puid5=1920&p2=girs
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:58 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Dec 2022 11:57:58 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
629563974763.jpg.webp
static.kinoafisha.info/k/branding/1920/upload/branding/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/branding/1920/upload/branding/629563974763.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cab69df790c9656ed775fc84eea46861bfdef15c07886a1f40c80aa269873b53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
cf-cache-status
HIT
last-modified
Fri, 02 Dec 2022 11:51:04 GMT
server
cloudflare
age
1895342
etag
"6389e6a8-1331c"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e929984d9b13eb-ORD
content-length
78620
expires
Sat, 02 Dec 2023 13:28:56 GMT
42093449
mc.yandex.com/watch/ 		447 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/42093449?wmode=7&page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&nohit=1&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A1%3Als%3A1126139113359%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115758%3Aet%3A1671883079%3Ac%3A1%3Arn%3A289794164%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883079%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)mc(p-1)clc(0-0-0)lt(430500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
90e8b07b7c1f24ea0879aeea46ead06a3dba99127e5707244b8bedc9935fb873
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Sat, 24-Dec-2022 11:57:58 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
447
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:58 GMT
MySwiper.js
static.kinoafisha.info/static/assets/js/plugins/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/plugins/MySwiper.js?31
Requested by
Host: static.kinoafisha.info
URL: https://static.kinoafisha.info/static/assets/js/base.js?20221223033256164c02344652dcf590567d0f357ae390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a3bcf159522bd9e5af409d0165bafe5e33473591b3d8c9c74d5ffbdbb4b34a2

Request headers

Referer
https://psebay.kinoafisha.info/
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 24 Nov 2022 08:59:34 GMT
server
cloudflare
etag
W/"637f3276-258a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e929997de1e26e-ORD
expires
Sun, 24 Dec 2023 11:57:58 GMT
470130830935906
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/470130830935906?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8ef04083240bb5a83fa94d14084c25b796de7743e4fbe7f8e24df83b249103e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 24 Dec 2022 11:57:58 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
85853
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
91ps40Qgi8M51un1CIX7uC/EPH95p2GMwCWxyDqxWUuEk8A9W43lA22TAgRpPjHQ5nWg4TG1ZGydieYez1+AVA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-21667993-5&cid=948821434.1671883077&jid=973870395&gjid=973290637&_gid=1174609996.1671883078&_u=YADAAUAAAAAAACAAI~&z=858208870
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 24 Dec 2022 11:57:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ 		0
223 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://psebay.kinoafisha.info
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 19 Dec 2023 11:57:58 GMT
pixel.gif
static.criteo.net/images/ 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 19 Dec 2023 11:57:58 GMT
v2
yandex.ru/ads/adfox/275464/getBulk/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://yandex.ru/ads/adfox/275464/getBulk/v2?dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&date=2022-12-24T11%3A57%3A58.736%2B00%3A00&pd=24&pdh=1200&pdw=1600&pr1=3438637557&pr=3841013284&prr=&pv=11&pw=6&extid_loader=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&extid_tag_loader=psebay.kinoafisha.info&ylv=0.699404&ybv=0.699404&ytt=6598680641541&is-turbo=0&skip-token=&ad-session-id=3822821671883075572&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A10%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A6537%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A2%2C%22ad_no%22%3A1%7D&enable-flat-highlight=1&pcode-version=699404&available-width=1600&yaru=true&p1=cecno&p2=ghvs&slotNumber=2&bids=W3siYmlkZGVyTmFtZSI6ImFkZm94X2Jlc3RzZWxsZXItYWdlbmN5IiwiY2FtcGFpZ25faWQiOjEwNTEwNDksInJlc3BvbnNlX3RpbWUiOjE4MDcsImVycm9yIjp7ImNvZGUiOjN9fSx7ImJpZGRlck5hbWUiOiJteXRhcmdldCIsImNhbXBhaWduX2lkIjo5ODgyMTMsInJlc3BvbnNlX3RpbWUiOjE1NjYsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIzOTQxNDMifSx7ImJpZGRlck5hbWUiOiJzZWdtZW50byIsImNhbXBhaWduX2lkIjoxODM2NTg5LCJyZXNwb25zZV90aW1lIjoxNTY3LCJlcnJvciI6eyJjb2RlIjozfSwicGxhY2VtZW50X2lkIjoiMTcxMyJ9LHsiYmlkZGVyTmFtZSI6ImJldHdlZW5kaWdpdGFsIiwiY2FtcGFpZ25faWQiOjk4OTc2MywicmVzcG9uc2VfdGltZSI6MTQxNCwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjM0MjM1NTAifSx7ImJpZGRlck5hbWUiOiJjcml0ZW8iLCJjYW1wYWlnbl9pZCI6MTAyNTg3NiwicmVzcG9uc2VfdGltZSI6MzcyNiwiZXJyb3IiOnsiY29kZSI6MX0sInBsYWNlbWVudF9pZCI6IjE0NzQzNDUifSx7ImJpZGRlck5hbWUiOiJhZHJpdmVyIiwiY2FtcGFpZ25faWQiOjk5MzQ0NSwicmVzcG9uc2VfdGltZSI6MTU2NywiZXJyb3IiOnsiY29kZSI6M30sInBsYWNlbWVudF9pZCI6IjQyOmtpbm9hZmlzaGFfMzAwWDYwMG1vYl9mdWxsc2NyZWVuIn0seyJiaWRkZXJOYW1lIjoiZ2V0aW50ZW50IiwiY2FtcGFpZ25faWQiOjEwNTI1NTgsInJlc3BvbnNlX3RpbWUiOjE1NjcsImVycm9yIjp7ImNvZGUiOjN9LCJwbGFjZW1lbnRfaWQiOiIxNjRfa2lub2FmaXNoYS5pbmZvX2thX2RtX21vYmlsZV9mdWxsc2NyZWVuXzMwMHg2MDAifV0%3D&utf8=%E2%9C%93&duid=MTY3MTg4MzA3NTIzODg1MDk4NA%3D%3D&pcode-test-ids=657519%2C0%2C13%3B204184%2C0%2C8%3B685674%2C0%2C13%3B693968%2C0%2C16%3B695861%2C0%2C32%3B695360%2C0%2C25%3B696080%2C0%2C1%3B697100%2C0%2C37&pcode-flags-map=eJytWG1v2zYQ%2FiuDPxed3l%2FyjZIom7BEaiTlxCkKwk3dxFiSDolTZCv633eUZEeSHbrpBgSBbeieO%2FLunntO3ydkShnHqiRC4ExlSCJVIY5KoXLG1YJkmClCVcrKhE3OPnyffFvdPq0nZ5P181%2BTd5Pt%2BnFLPsNXP7Y835%2F8%2BPhuskBCcfxHjYVUixJVKuesVCgTA3vJa9wHCOzQiawGAFOUFHjkHD7khBKJIb50LmZMqnMiZ6yWCkHsUpiiC3w%2FiNw3g%2F8fyKgoVMVZVqdSHLp5GzQGyDfmpQei8wI%2BzyEVqkAJLhooAEkQpZibsxO4rhf2Y6H4XIk5WMOfBmQow1xVBVqOoMYBRb4Tx%2FuACK3QFCshSTpfqowIDZ41t5bo1GY5u4CfOU6lErgoBtD4ohpCh7bTQndlLZZUzjBgt4UolxVuyxvLUweOoKCdfZi1GJ6YIlrVZoDYDi1vDyBnHG4ec66vPFei5gu8hPRBQUwVEYpCyS1QQbIToE7gR%2B0JF9o6xai5LkpKJAmjTR4InaqKFSRdDsAoXkCG9AMjyKjrO31IAXejcrQgAN7UB6IQJseAvsAnOjgO3ejlxEK27YC5gMAGlvBkZAVD2zgI2zKtKemKqXFfVn3T7cPTumfmOZEb94IXTT2PbMYV2DOCwhUYU8USgSEho8K9X326XQ8s3cCJ2y7IyQWQJlUzTKYzqag0u%2FR8N7YbwyWiGb5QvFYZKxGhRlK1QscN9v4SzuYQLPhSUz6qlLGlHfpRcNShbjLJSWI0d2wraFN5iamj8hr68ZxkQIlQaFNstPVsryuoxrbraZUwrpPKoT5r8dtPIiyRjrsNGEjhHC2NbOx7btjdc5ZXMIVExSgUhiQlhkkxMHUsyxraepbbnrlKWYZ1ewlMjRTtez7AdKWkmYpjXbs7f0oTlNHcC0Pn0BwIAv6f6yaC6vwVhF0AQCn1IFuuddy6wIhTVWrSXCBO0OjczsCpb1ndLVecME7kUiVLGEr4vGLcfGFBGHS9t6uLjtxTYRwbPtBp1KtIoMwUAZvCiEhTyJIwsIQfu75tD2ybKhZ7BVGhTLOmGcTzvTbylNUU5kc7Tlxz1F4U%2Br30lBxGEREkIQXcmtldHAavWipg5xQYfn7C%2Bw6jrAtJ2jmvgGBzAkOD6EPkKDV3cxw5YdiLowNpFYhkulD10E9A0OiOkZwVxQkFYDme21bdlKPEMT8LJWq9PKsEuRzE69uOZXr%2BSOfb%2FisWu%2BKY4Wb8cJxhAULCGJ%2FtO0FrreUBxzlwzgyG7JSkZrvI7Qi20QC81B3EMd3NvYrjxEzxAXC0Yw9aCWYgh7qm0E0zDPnQtC1geMPQEMLIRIEd214bT88IVZU%2ByhRaw2zs2LE%2FiGRGZHOMHhhc5lwycxRu6DgDxZtWpSpxRtBeg%2Bghb8aI3eEekVbpf8YYifoM5wg66o163vOtIBhckygRlwpWpRpr8FNJ8oMgaO%2B5QJfLRsqpZlb1rb5Pvqy3Vzfl6uF6c99V%2B93XT5vbtbha3W7urydnzo%2BBtPetTtT0w4HRpZJCd3UB47fv4MPkbrW5ff%2FwBLH9vbr%2FvH6Gz79v7lbX68fBT9eru%2BaXz%2F%2Bs79vHV98226%2Ftx7v3%2By8fj0fzIptHt9%2BqaKaFeCOZlShO3Hxohx3jpHqzYLTrNJRrHie53gjaFcbccmEUB%2FFebuacAEyxVK09aRrmDfbJ%2FIDODiyC2O36smfx1uU8CGPPCvcoMOszjVCaPUdeYI89t41k9uU4ljNmEq1Xf4oBosCz3R0vguyDtRmOCo2hXMdqdWgz91pJebi4HuCFkXt4Cjk1nwHSFL1YvYw1oSoYmaAeYKNf4HKsOyZfHtX269PVzWgRtCJnvDq3o%2BVIHrsXDyeSA3tgR1ACyz0dNas0rcvkxKWAKhh0PGy1sBzzZoSfEhWwqXlu63oUeF4wvbBlqj3mCZCoa8jXQJo6H17u5lndrZ7VzXpzfbN9DQ5Io7vmRt8I0JZ6L95teN0xe0qKYy1ah65SWYzeWQSh94v4oCYWOy8%2F6WSXzxlo60soPlTA7nNKicQuFO1eiezqq7vOgeXV9nZoCauifbRjtcp8aUOze9%2FthFCjrdUU6YZZAjdDgl9eUAwwHm8eNvd%2FDmECqytsOWVa4jPowOK4Fjs4R2g3y9iPfwGPqR7T&use-server-side-rendering=1&pcode-icookie=sEf2%2BadDpht0dAFrJFBhWXyAfU2vKZSPRneHRK9xxIuzlKhXM%2B6QjkzuE5DpVP6qFhU1dmLRdBgRoaZ%2BG0yJMqLEFG8%3D&top-ancestor=https%3A%2F%2Fpsebay.kinoafisha.info&top-ancestor-undetermined=0&grab-orig-len=4800&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjo2N30KEuMkkSM5CsKgzieYrmmb-Erypr_iXJJ_2_edSFD0lWhtp4w2-jZqHciig9Rbt06c337toORLF7x0KqXUUghZoN-AXqAtjDHzRuMhS0VSU6vwHW3MPGYeRiC5UUgSSkNhKAgVAbxQGsAKFRNANNBnKA-oQ9kMBTOUDP4zlHoIAVUoe-ipAppHwZ0cMwTqxcUBeSgKKJYfn0lriAWhHGwW-kidM7PQl5WGmSUqorxkxlhSs6AeNLCoy6iaWaUukeoRl7E2KVRRkWb6qU2zqMwipHpr8s16BiA-gwIrksknpydhpySg4JxLFOoQ_5mkDhUvIA1I-byoj1cofKAnmR41Mwvq8VGmVAN_avMqjpHqJ0OlVle1pmSslHmkZ2bRFHS-YFxE5Ty0iYhOm-ZKdRZbC-cl40F_tJWJL5yVtIBd-QZ6T0bHmPz_OlnVVZGZchwUzQFc0xaaiJ5nSMs8nw1czaRMGEwIzLMQkujoi1VVZsod1AdXPXMI9N9bGJCxoD5Of_FnrEHxQpY8ZUifssrG5YRnF3GR9mR1UQnSH9u2eB5xK9wQW1UmcZpVuQWRtbmSST8YYlJGUZpZkkdb3VxPH9lOjiGjy_Z3nBNkwHgkGozhhjBxWSVa-qeYMU3UdqgR-UKWDA4xXaoqs1JjwLnQLki3pzn6cEOiShnZSAyElwO1ojOV0FV0VVQl0y5dZ2lUaEs9djcwW3oe5fO4WQStzJQzpi1UZUNWX3AMiWuxPeFv6OpfNKi_auLvpuBD4W6zGT8Q-HtkyJPE1swMoIfy_Ur2bYA8lOHBB_LzAv-MHOUQQqkBH2jXfK7ZHPTuwUT9v7O8OurRyCz70ZZs23cQldqb7Hi64Ou8YKCPzNqci5eONqlUqusq7mZlzIOxyNWI8uJ6hBspVUZlUqtTpiJ3bj6fr253OxlL7WxSQ7LuhDZj_l41nTD171bc2arjkzCBImN0NDi30BaMPybAts58BRPd8t6WP4p8_kUUV2koArh_K6JvF4-IbIbQ-4UUPldBSPj5O-sXD6Jb1Ye5-gL7Wab-4qK4qkL8cpeTnzicY-nzcYA8r8--D0k-QyjPj-ZhCEOZ3wnNSdL70wCuVUmhrhL4B-bPiE_UpgqrCm2kTEprRn3hDnQtvSNZ7ZSjhbd7zfTtA8GuGigVQ4nkYG2b6onq6P0EvzIUAL3IEDjP1_D0b9dmjP8w_E0l7wNU_HfdwDlbJp_ZE7dL13GUlJGWfjIlhRZB3IG_RyXqKm9g66Sk-9rWtsHBH69G2PC07MeuBm72rd7MpzqlK0rQi9iNWDMkhcYNtxM8V24gueZlFllmPiIe82PKFg6MFnFQe-gt3qju4-MNDpaPiz9dlU2YP2GUoWTHGfj_s-SzCJhjZL_OCy6bwd85lrws2Y3izeZdw5Q6zScQRR47VtUTYCizpHyRTVREd_SbghA8pxW1AanlRPGZhP-5vZ6ZlZ31Gjzk7eLULkht1_Kgqsac6s1FfhJuIh_t1YYmCeXzYqzoPoeaLXB9LNDtNDQZqulQcOEMQP9faXoNwObV4G18ey1u68w1etOLXec4qv4Kz9mx-2g3wdSbAPR_Iw4lPxPCv7m0T4N8pwLWCxJfwfmi9UcT9_6G9Wt-1eTLGfXGLGgnwrypUQwn9R_rIhyiP9OjLn-Ve25zZJONdd5I_ptIP7GVnSsaO-dZh_aNzDO3A4I2LFw9BbT_Df66V8UB5R9AuIPCivW3knyjF-3iopUfTEtCrw_9FWl2giRYXXRsmSrazbjcfL5IXSZD5WpGn7HA-Mvj_22-9k02sNhfGuLFrmOO_GBH-g-5eOkCqgD2hTNY0GWANFfAO4pkTNPIMOQZAkdZEwj4cHmVMNxxYKzp_jyZhiFPhe7DBbtvEVwPHkh-l8Qb1BOdO_nyZ3wXuQzjBHcAUDeQducbbkMDVVKqizIZcQFuYwcXZJ2Q7cFbAU0VPRSsyIeL9Lf36z0NfxRNWVKl8e1TCpLeMbMtT6ZfF4d8rS2yUl3dynid1dj434CyzR3YCvg7CuwnYN-CZwjwdUR-WnbexM2wII17h-C_zV0I_q0OLMs227y2jLWWSZlpcGaafJlPGs7PiT7ue2X5WamfCQjj9Of25PH0bcKO9hS8ngLcL9KtF-k5cULZ5_8kuzgQ1uYxLCC8vOBzc8J1TFNgwWPYZkD6xJRvG0IX3dc6SeHxP7zlL2gb0v8Cc9204qsqo0OExMPv90nPbyyy6ZsS12ezia2gFwephcnZshdjvy-AA0mn01JmrLpvkVSfNRERfZpEm1O3sHWaIaRXqpmcUrRFRI_4V9BlXHely01S7FS15zM8QlQvdkVpN1y4eNkWtuHvv5zkrtLdNmvbg_ryxNu7FOtnk3WLumA4Q0l-NODstktOI3ikgfKdA0A-INn53860J5_blIjXaiK4ROKl1972Kyy-TPuYASYgW4OdPCCvN8Kk2X16uInSuaIVtz4Nc4m1ec6lqUB1chAcOcacEu3YXZR9IPRTvrN4aal0PQwHevjD_jSy1yF2YCh8uFs-yQVgXoS8LzpD2MQo0ID0pyd78BL54QmfeAdqwiWGYrhMCJYgMv8YBCeBP4508F7YMTRGPReLYPxdvG2Uetuy1AYyPLft0Y62ayPxevUi1g7Rusq-afDhPsIG7aOejMHWhQ07Me_duOnI1vri0zgA5AeBTXh4KvpmYeMMIX8LILoyNg1jSZLNyakcytfYtSb1fxcaTfkfSpNy0XXFGDmU3h1cwDTV9G4bkpnIHui2CPD3Pg_WjVR3H7JLlvH5mOiD8_mdi9tMMCpU9gy_EQEzT2OX63q10rdRyS_H8tuUtXrbOselP8HEa0YU7jjKOLtf9aWGx3THjWDM3JaAbb2Uu_vEW2FE1lppV0AmHmXF8R68P8Trw4YGtLVT1jhGcEExGqiF2NBM_O-QzBDADwbSYan0U2sH2LkhqzSaZB3M1CNrHVaO0T2v_136Ore23dv85IqIA4XpB12MWLoV3QJJFX0Hnh0YUHFd5XlKC-g0cr5-8NfFUZXETuVHs-1r_pKkykyzSoC4chUauguH4E6DsU-5ew4tt8LeGcCBHG4oqDodNqucivO0TZuqVUW-al2Aw40KtRMaXZLSukDNIWId4lryRmipfbvuqJ5FPzjBGSnx5snDTvKTTvjQy_3ePBxLvpJmD7wVm9HiX5n29DWvnp4W5_3O9T_MA_NNujc_4i5955DvKwBh6CAY7zUXTiXq2ipkXP345XqX4cBaIwfVutRIN2GbG7eP6EzYBJmY8_7LizH5_RuS_YDLNoTZQOXn_qk4G_DcdSe6yRW4FBaxgOTA_C9g_zekDnN1QL321x932WZ5O25Qtr1s9rcTfdm3yLZI4EBHgeiKxxpDNG_NJUo-Oy6TbTANOdzCOlVewXdkRDYBMGzBp40v_5ymUQ6y9RlcFLstqrcj0Xoh_5yHwbiNSyxdwTaKEA8vME5owtur6KIvv8Sty2-yxrMSmQv6Oi7_wJpV6rGm2zrIQeXaVhfP3La1LhF_b6H2XK_bvA83quAG-rRDQ8V_GdgrmBcR9WY5cvub1K9yRF1rpj6FQ8qXE281FPRytpkaD7dccsZKJqwipNGUY-KjII2E9cCGao4OHFBezfc990S7MRvvnhcaJ7_Fg16MfT_wu_ciZKdWT7Pxo3C4kLrKYD-nY1ZODZcXcOCRcoz9P7SvgFuaxevnlB0Gvo2czjVyRu6FP9Xw02E52_wDEXwVxeI9xxENphXPvBkmJV1R0s4BPJyqzie7Rb0nQ76MZFNegjElwjVzrxvO2mzuYr3n98ZCfAe0KcmPKygeXnO-VoXsnILy9Q0ScXrYvX3xS1kV-0qJQ0y-iYBs5Uk5wLa8rIMCv-CZ4qr-XYG0sdqaAtehvTirxXfRYRI8nNU809qrH4xPMtmQ9yTze_vTNI6v8J0aFwrvRhIuDPVw9UDeDHIdOtBfWODnsHMQ44bvCSvqGJu-Gci3CwvPMd86vLwIV3p-rR2uA8FdCfliGt5NEG4N_23j7O7egX1pXb5kg4CK7vOWbijql2P5lZPnR-7HTeI7MhQfaTu8NIB7tBAunOKcAxwzBMSpzDwDFOuKXZxEgzTu5Ih4azAFJ542XoNMbjjDB0Zw3yuPOX4luyOMd-dSC_updj4IgHsVY95jAUvH0ixzT6v0LHI2XVdzF5ERjr6GF8RnDn-ysbOz8-j88bOZK_OmR2VIUqWqsaZbnHr5IfSM7YqLqRdTxrrlx7YNWVfEbN3sPB073OAB7n5Gvry1SVFvoD5noQLoryMIw4d0jZpvEeUeHu8AXgDiMKpehe5NRTYc6thQu2s8ZAO4PjU7Rz0eHrJM-cuICiWKhh6M0aTi1vajwrztN7wKnng-ubT9rEBECQC6_SOkPPsy4fckrF5-54kkeyLRMA-EYgw-FBsKVJhzqIGqzIs2aGdY7-o5TGly-ECquNaUMYIoVV3tWo8b-UhkvcTfxKtrUTBbxniukmZ-RjN8QOi8SHoY4rhRKnnGDcelLUDOwWYZU_JkKQSSlMKLH6GctX8xMG40SoHFvc90wdseZ7mkaKsNrq82xNXX2ngEK0odBl8HBQcKjLkOeitu_LhrPcWjoAVwXUqMbkMVOgwC0bofWvezWG3g1isk851lC7CJrfD04xhA-vuZLYYehR3tKA4MNuKh2BRK6hD_r0EZSlZd4IypXZFdOodi2OkueXdcgNMGwA%3D%3D&tga-with-creatives=1
Requested by
Host: yandex.ru
URL: https://yandex.ru/ads/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
ef7fa744a28ed3903030d78af3c64597224908800df9ecba58c39d8f5c47b630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id
1671883078951151-16072117002211945186-sas2-0782-sas-l7-balancer-8080-BAL-3186
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Sat, 24 Dec 2022 11:57:59 GMT
report-to
{ "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type
application/json
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Sat, 24 Dec 2022 11:57:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 2850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CKDeaRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgTlAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkYP6EgFVS3xAZzhDReLmAkybOn6m4NRrTUXC99bcOOuWZbGs2tngBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTIyNzYxMzQxNDA5OTIyMDAYi7R5&sigh=QLkTVie7ZkU&uach_m=[UACH]&cid=CAQSSwDq26N9YZtK7W-58EDmTt5S_4ZJ1HK91uGumKoG8TlNSB9Ccv8D3kAb62fZa4gR3ejudqzxQSb4ahCfRpNtlRTDO_DJC8QGIlnGpRgBIBM
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
notify
rtb.va.us.criteo.com/google/auction/ Frame 2850 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=k6_oEuL6CsoH-gHiIp0XAgAAADV6BGT0ghEQtDbLN1wRW64QROmmY__pNh1a50kx03gDABIAAA&wp=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
196389
content-length
0
afr.php
ads.us.criteo.com/delivery/r/ Frame 0FC7 		193 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Requested by
Host: 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
66d688e41e6a25018935e9c91812570eb7d71d161c3b14f54bbbb0c74911b91d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:57:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=MgbzItC8UjoLZwOejXz4CwuZMhZuc0hXRa9O08KZFsfvdzqJY2UUQDxUGRbVMZiXkuLDhwLAWmshrr7lKRkqrT84fz4zQq-gCw-gRAo-RgJWt-IsnA-b6WGS9z0sbEPGTiijjB11tFBnV-vLA7xVi7mL9Gtv3uU7qvJw_XQWQABgRw_IEGzaaMo0XL7M_QnWJoScJ2rrCsdXPt0VEaz9tcnGfjuhz3DtIIbNoW0N7GgaKS2ZOy2J9MTSZdxe_MI4XxnSEw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
89916061
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2850 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 21:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
51313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 21:42:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 2850 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 21:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
51313
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 21:42:46 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 2850 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 12:59:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
169131
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Dec 2023 12:59:08 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2850 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 11:57:59 GMT
pr
s.amazon-adsystem.com/v3/ Frame A5D9 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
da7fcf6f0601d45c60cadf479b3ffe4d6a0ac9d308bbfaceb5d7d7fe0597e2ef
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1722
Content-Type
text/html;charset=ISO-8859-1
Date
Sat, 24 Dec 2022 11:57:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0EXB5C07XAY3FC90HSDD
ixmatch.html
js-sec.indexww.com/um/ Frame B84E 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
900
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e9299ccf7f632a-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
Sat, 24 Dec 2022 15:57:59 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 39FB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59667
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 11:57:59 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
22, 78231
X-Served-By
cache-lga13626-LGA, cache-chi-klot8100058-CHI
X-Timer
S1671883079.347712,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7753 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59667
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 11:57:59 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
22, 122512
X-Served-By
cache-lga13626-LGA, cache-chi-kigq8000030-CHI
X-Timer
S1671883079.348465,VS0,VE0
tag
tag.rutarget.ru/ Frame 8FDF 		324 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
e8b565eae06e2addb7968fb578b2f8f2853502d63f2fc883a9acaa5441bae132

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:57:59 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
tag
tag.rutarget.ru/ Frame 1013 		324 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
e8b565eae06e2addb7968fb578b2f8f2853502d63f2fc883a9acaa5441bae132

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:57:59 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
sync
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0c2db33131d697cbf5f7609e8321538bab0ff890843eb4b3e048c14f7664cf98

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 11:57:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 87BC 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
900
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e9299ccf81632a-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
Sat, 24 Dec 2022 15:57:59 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0c2db33131d697cbf5f7609e8321538bab0ff890843eb4b3e048c14f7664cf98

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 11:57:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame 740E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
900
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
77e9299ccf80632a-ORD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
Sat, 24 Dec 2022 15:57:59 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 433A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
59667
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 24 Dec 2022 11:57:59 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 15 Dec 2022 19:23:16 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
22, 79048
X-Served-By
cache-lga13626-LGA, cache-chi-klot8100056-CHI
X-Timer
S1671883079.349061,VS0,VE0
tag
tag.rutarget.ru/ Frame C2E0 		324 B
680 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
e8b565eae06e2addb7968fb578b2f8f2853502d63f2fc883a9acaa5441bae132

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:57:59 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
sync
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn-b.notsy.io
URL: https://cdn-b.notsy.io/kaf/ym.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
0c2db33131d697cbf5f7609e8321538bab0ff890843eb4b3e048c14f7664cf98

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1148
content-type
text/html; charset=utf-8
date
Sat, 24 Dec 2022 11:57:59 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9862.sS7y1dtcugzLOyeL6VeBR1W6xY8edumpUifsbXFkMHEROyJdTKnDZRQcGCkSOKnj.eL1-PKPDHkIv-ri9F4jo2HMGyOM%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9862.movmfq4hH9I57dlFwzhcgGf8zXonzkw6VKSfic43KZsy-CbFA_EKOBTun6FRO9o_eyL7JxpDaTG0ePNMBFTX-e_aZQESl6jxgXYiR_xuRoxbbve7dLkjQBFkHzZSrFMuV...
43 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9862.movmfq4hH9I57dlFwzhcgGf8zXonzkw6VKSfic43KZsy-CbFA_EKOBTun6FRO9o_eyL7JxpDaTG0ePNMBFTX-e_aZQESl6jxgXYiR_xuRoxbbve7dLkjQBFkHzZSrFMuV1Kr72wAmmc9ig20r8ifqtdhPM1B0r61u_CFgb76uD3ORip_iA0bowsyjVRVhKNqGdbYkIaKTBaysMwl0K4XahGJDNaaaasxn5ivoPzTOS0%2C.ATlucDDJhEVH8aGUWVfHHdAPcBg%2C
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:00 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9862.movmfq4hH9I57dlFwzhcgGf8zXonzkw6VKSfic43KZsy-CbFA_EKOBTun6FRO9o_eyL7JxpDaTG0ePNMBFTX-e_aZQESl6jxgXYiR_xuRoxbbve7dLkjQBFkHzZSrFMuV1Kr72wAmmc9ig20r8ifqtdhPM1B0r61u_CFgb76uD3ORip_iA0bowsyjVRVhKNqGdbYkIaKTBaysMwl0K4XahGJDNaaaasxn5ivoPzTOS0%2C.ATlucDDJhEVH8aGUWVfHHdAPcBg%2C
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-21667993-5&cid=948821434.1671883077&jid=973870395&_u=YADAAUAAAAAAACAAI~&z=1434108088
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.com/watch/42093449/ 		43 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_afe0035244af67db2ae97891f868a01cc8cd1464383f21548b4b025ee3db8719&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A3942%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A1%3Als%3A1126139113359%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115758%3Aet%3A1671883079%3Ac%3A1%3Arn%3A490017135%3Arqn%3A1%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A7%2C225%2C587%2C304%2C1122%2C0%2C%2C3428%2C26%2C%2C%2C%2C5690%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Ast%3A1671883079&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(1)lt(454500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:57:59 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:59 GMT
1
mc.yandex.com/watch/42093449/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_afe0035244af67db2ae97891f868a01cc8cd1464383f21548b4b025ee3db8719&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A1%3Als%3A1126139113359%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115758%3Aet%3A1671883079%3Ac%3A1%3Arn%3A580246355%3Arqn%3A2%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Ast%3A1671883079&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(2)lt(454500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:57:59 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:59 GMT
1
mc.yandex.com/watch/42093449/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/42093449/1?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_afe0035244af67db2ae97891f868a01cc8cd1464383f21548b4b025ee3db8719&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A1%3Als%3A1126139113359%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115758%3Aet%3A1671883079%3Ac%3A1%3Arn%3A125995071%3Arqn%3A3%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Ast%3A1671883079&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(3)lt(454500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:57:59 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:59 GMT
42093449
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/42093449?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&site-info=%7B%22699404%22%3A%7B%22remoteLogString%22%3A%7B%22Error%22%3A%7B%7D%7D%7D%7D&hittoken=1671883078_afe0035244af67db2ae97891f868a01cc8cd1464383f21548b4b025ee3db8719&browser-info=pv%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A2%3Adp%3A1%3Als%3A1126139113359%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115758%3Aet%3A1671883079%3Ac%3A1%3Arn%3A153799994%3Arqn%3A4%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Aco%3A0%3Acpf%3A1%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883079%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(4)lt(454500)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:57:59 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:57:59 GMT
ecm3
s.amazon-adsystem.com/ Frame A5D9
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=9537df75
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=9537df75
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QT08BHF4YE61HXQXXAZW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Sat, 24 Dec 2022 11:57:59 GMT
via
1.1 0146c8129cacdacca96753291cf27ec4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=9537df75
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
kX1wifVGenXEmJAePlis5eRsUNus3OHKBpOLoRTDteGdOeH0s5cK0A==
ecm3
s.amazon-adsystem.com/ Frame A5D9
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmediagrid.com%26id%3D%24%7BBSW_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=57d864d6-23b8-4d41-b351-7c97eba1ca9f
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=57d864d6-23b8-4d41-b351-7c97eba1ca9f
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGR7VVMFBNJRAK6CTN88
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=mediagrid.com&id=57d864d6-23b8-4d41-b351-7c97eba1ca9f
Date
Sat, 24 Dec 2022 11:58:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
event
ads.adfox.ru/275464/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/275464/event?pm=cyz&hash=d8a2f2eca6136b23&duid=1671883075238850984&p5=ixesw&rand=jbgdlni&sj=lTMQnhRkE1dBAkoDWcWHwH3T-pH7HWNE8DzmxTwVFuL_t1a_Guzq7B53XA3Rzg%3D%3D&ad-session-id=3822821671883075572&utg=bdvoy&lts=fkspbvi&ytt=6598680641541&ybv=0.699404&ylv=0.699404&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pr=mlhhkie&p1=cecno&rqs=RVn-i_oYB0FG6aZjwGwp5p7LoR2pYbmy&p2=ghvs
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Dec 2022 11:57:59 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225eea9246405d3fbfa23fae814ff75bd35facc5357d7df2aee7a03db1878e8e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e929a13d48224c-ORD
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKhDpx%2BPYiIXpg9H06%2BfWTZJGMU9rDYDdCadWVlQP%2F9gGWaWYkiGw7%2BAUjxWDrcwWus1htlqNbGYrYfBbMUdSfZXPr9J1KF0CvcYB4x%2FlJPI6%2BuxZqFs04D1TUuoQCQJcS1%2Bzz4BNQbK6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e9299f9ce02a3c-ORD
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UeODF15HgWYFLsxC%2BXwwT8VEVEkCWGNqd85NEHVPtIe2PPU9c42BvGuW6p2T69SuMM0B5gOfCyMrYfu%2BEjC%2Fa%2BGXArIOScifn9F1fiFU7DnYXTkghQCDRIBimADY6uKxgCv3qZRMvt5yjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
/
match.sharethrough.com/jwumXNuB/v1/ Frame DF3A 		427 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-173.compute-1.amazonaws.com
Software
/
Resource Hash
294c7b0bddb95299e265e78586b9935fb8fad8d782210f8a3de3ba17e9e26e6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Sat, 24 Dec 2022 11:57:59 GMT
usync.html
eus.rubiconproject.com/ Frame 4321 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:57:59 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 6FE5
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7164937848874519873&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7164937848874519873&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 11:57:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
W8N508WSKHFR8T7J4SEQ

Redirect headers

content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7164937848874519873&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 603D
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7f24344b6bb51009&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFsmnL1pa9XgNEFvpnAAAAAAA&expiration=1671969479&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFsmnL1pa9XgNEFvpnAAAAAAA&expiration=1671969479&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-mediagrid_n-index_n-sharethrough_rbd_smrt_cnv&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 24 Dec 2022 11:57:59 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YYJ0B511X0TAXPY7H86N

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAFsmnL1pa9XgNEFvpnAAAAAAA&expiration=1671969479&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
privacy_small.svg
static.criteo.net/flash/icon/ Frame 0FC7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:57:59 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 0FC7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:57:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 0FC7 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 19 Dec 2023 11:57:59 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 0FC7 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 19 Dec 2023 11:57:59 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame 0FC7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=970x250
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 11:37:28 GMT
Server
Microsoft-IIS/10.0
ETag
"f3ae98706714d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame 0FC7 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&adsrv=169&btreg=banner_content&btadsrv=banner_content&tagtype=&dvtagver=6.1.src
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 15:05:32 GMT
Server
Microsoft-IIS/10.0
ETag
W/"064f584fd91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
lg.php
cat.va.us.criteo.com/delivery/ Frame 0FC7 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=G5LrgXvww8OiAxYJKAPiIhTrdYKGU4xPO_diuR_1lVEUGbYH0hjUAKuzVfHtZYO3-Y7TtbxzephZeeaIzdzRVJqKyNntmx6rkib0t8uO3CZDunPrYG1rNa_hsjnMRr0nK03D_F5rIZEeVo2mXdHkJxQtVy9MtjbG4s1m32hDRDdrMvVyXS5BZIcdso6bQeO5E95FQqKL_Ox6FtituIzSNs0_V_DKx37G-WdVJw4uzQwJHO_WqUYbcg7k2OQ7yL7nx63VpRNPI1SNIXmQiNcyzhSVuy_ZCSQw_TLDed5hA23IjVOg6Ba6ad_BL11YQMpuYhiLlWDxIoGlsG1mKCdi4jFlV1ZDwSikv5U-oSndqS4YQPQjjhHTvG3S9lErTfB9eeC2tzkgtaUjKz9uRiMsKGDOrREwRmDYEFAgneAnYhZyBguv
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2961881
expires
Mon, 26 Jul 1997 05:00:00 GMT
B28205461.342025052;dc_pre=CNHQ4eiZkvwCFZPcyAodLa0B8w;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;...
ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/ Frame 0FC7
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directe...
  • https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CNHQ4eiZkvwCFZPcyAodLa0B8w;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_l...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CNHQ4eiZkvwCFZPcyAodLa0B8w;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N8278.154378.CRITEO/B28205461.342025052;dc_pre=CNHQ4eiZkvwCFZPcyAodLa0B8w;dc_trk_aid=534250294;dc_trk_cid=175324964;ord=63a6e946b2c22cfdcdbce5cd9ff656e4;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
d.agkn.com/pixel/8538/ Frame 0FC7 		43 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/8538/?che=63a6e946b2c22cfdcdbce5cd9ff656e4&col=308271,0,0,0,11120203,63a6e946b2c22cfdcdbce5cd9ff656e4
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:7800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:57:59 GMT
via
1.1 64269b4eda1211bca4d40d7ab2177910.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
l1F1XypRmoxqyJdr8-Pg4tMsszvQ4AikOzUFCvEklCu_Q19WiDP-qw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac5752503f7b73a37b40dcc241f741a1a3ac7999560978b6a3b7931ffb3bcb8d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e929a13d4d224c-ORD
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjx7jJKZeffoJ0Fb9ZpJfC%2Fb%2FWa6ykkNANfw2ODrM1%2F0qowwu01V%2B7uTqELa3nKpbNrepuwNORHvg9kulRxPkqRnSN2IKz8K2UNBFnu2OmmiBQ6mdcmRzlhmD6lLUht3G9ga79%2B3n6etqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e9299fbd012a3c-ORD
content-length
0
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXC%2BHnwAEHnfG7Yt2NRB%2BWnarp0bt70jqSyqqchIUSbggJOD0wc6YXVZcopz55VZlGxY1Pu7vnwlY8meRGBGMchZHgpSCyi62SeqTJIdh%2FiS1d1l5NWeAQc719mr56y3lMkacYyHYiJacg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 207C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d122663b14f58c02364cec5bbe991cad4dfffae9c87c8a4742498e5280b0e2

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e929a13d4b224c-ORD
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgwcOoxKzMaw7pN3s7NEa1igK1Y4icnnGcjd4geCrCIU0T%2F9kJLt4zHSw0zn0b1JTpWYdYSjd%2BpezlKXpW2NKNo1xKAJRm8IkP7yqwuXxD6Xdz9boEdC6Un3S%2B7pEMNgKBjQfK5Ecz41Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
swiper.js
static.kinoafisha.info/static/assets/js/plugins/ 		305 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.kinoafisha.info/static/assets/js/plugins/swiper.js?2
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:178e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b238bd57150d1e00add029f25524829bcf5e9823ecfdef62c70adcef9fa6087

Request headers

Referer
https://static.kinoafisha.info/static/assets/js/plugins/MySwiper.js?31
Origin
https://psebay.kinoafisha.info
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:00 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 15 Mar 2022 08:34:40 GMT
server
cloudflare
etag
W/"62304fa0-4c4b6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
77e929a0dabbe26e-ORD
expires
Sun, 24 Dec 2023 11:58:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 61DF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
721ba495ffcf81ac27c0d906ee12dddc187d2ea04a40130b939a79a8cc62f795

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e929a16d70224c-ORD
content-encoding
br
content-type
text/html
date
Sat, 24 Dec 2022 11:57:59 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biv69PeU4bWURHLRTL7CYfwdgXXGBrO6mO2%2F1NHBKK%2Fv6ty9jSND1ZS052pzeYIjHaYi4KyBnfsbo6EkyzjpiortOEAK9PDF3XgxaT6YXsyqoPuG%2BB%2Ft3G7WPGsAwQNrqUEYIu3amAhCSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
xuid
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 265B
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
date
Sat, 24 Dec 2022 11:58:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 265B
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AE8FD0946BBC4A3CBB0AFA3110E0571D Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0tlUMv1CbxlvnWhQ==

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C7B8EBCE465C4C5D8B902BBA93CD1552 Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0qkrfWMPaTsyH+Pg==
xuid
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8796180841940499808&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 24 Dec 2022 11:58:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Qur5XcBE2oQ0Gh1BMNg_gYA.z8hotlDg0zIc5IYeWg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Qur5XcBE2oQ0Gh1BMNg_gYA.z8hotlDg0zIc5IYeWg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Qur5XcBE2oQ0Gh1BMNg_gYA.z8hotlDg0zIc5IYeWg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 265B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2975828447412716551112
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 265B 		42 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2975828447412716551112&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4174CED23861443D9C164A94CCAE1C32 Ref B: CHGEDGE0912 Ref C: 2022-12-24T11:58:01Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 265B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 24 Dec 2022 11:58:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
cb290043-a043-42b7-afb3-bc1b54a61324
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3C97
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
date
Sat, 24 Dec 2022 11:58:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 3C97
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 8328BE194CCE4546AE282016ABD026F6 Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0tj8wRItP7I1roZQ==

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: C0B5370C3C5747FAB5A91E9D924D11D3 Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0qpUBEJ/6RhYQeeA==
xuid
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent=
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift&ssp_uuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=triplelift&user_id=27338996-65d8-492b-b578-ce7416c7e5ab
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Sat, 24 Dec 2022 11:58:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ee5I88tE2oSGdL6fRICrJ3iPlWsTSkKacOarsxgDqg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ee5I88tE2oSGdL6fRICrJ3iPlWsTSkKacOarsxgDqg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Ee5I88tE2oSGdL6fRICrJ3iPlWsTSkKacOarsxgDqg--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 3C97 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2975828447412716551112
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 3C97 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2975828447412716551112&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C47D0C90CC6945B2B249FB005DC37153 Ref B: CHGEDGE0912 Ref C: 2022-12-24T11:58:01Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 3C97
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 24 Dec 2022 11:58:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
98ae863a-d315-4410-9977-cc8aaddc6598
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKj3peRMnZ9gOtO_40cg-EM&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75A1
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=Mjk3NTgyODQ0NzQxMjcxNjU1MTExMg%3D%3D
date
Sat, 24 Dec 2022 11:58:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 75A1
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: A3FDAC45742745609ACA3DA90FDAA316 Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0tkXt7nJKY5L5eww==

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 2C35E81E97E84A8DBF15462B846583D3 Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
/setuid?partner=tripleliftdbredirect&tlUid=2975828447412716551112&dbredirect=true&gdpr=0&consent=&cookiesTest=true
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ0qqr/TKQnNsIUbEw==
xuid
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=2975828447412716551112&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dtrip...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=df3ad13ec7fa48a7a0fd64f3b2e82e03&ssp=triplelift&bsw_param=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=57d864d6-23b8-4d41-b351-7c97eba1ca9f&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Sat, 24 Dec 2022 11:58:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/2975828447412716551112?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-M4BQT5hE2oQcWV4cS1ARwQa4tSXeeGXCLn7CG1Pc2w--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-M4BQT5hE2oQcWV4cS1ARwQa4tSXeeGXCLn7CG1Pc2w--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-M4BQT5hE2oQcWV4cS1ARwQa4tSXeeGXCLn7CG1Pc2w--~A&dongle=0883
content-length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 75A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=2975828447412716551112
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
c.gif
c.bing.com/ Frame 75A1 		42 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=2975828447412716551112&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
last-modified
Tue, 13 Dec 2022 22:44:52 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C73EBFA6D4E04FAA9566AABEEAE08250 Ref B: CHGEDGE0912 Ref C: 2022-12-24T11:58:01Z
etag
"8723e58344fd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 75A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Sat, 24 Dec 2022 11:58:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5337cf68-cb7f-4301-903b-33b655fd1ea1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=2433049645475493699&dongle=4d58&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4321 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.3.115.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-3-115-102.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c3f6a6cfa836cb18a0cb6bcaa031444bdbe6e767c87b7b9dafb48dc807633adc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:00 GMT
Content-Encoding
gzip
Last-Modified
Sat, 24 Dec 2022 04:29:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59406
Connection
keep-alive
Content-Length
10066
Expires
Sun, 25 Dec 2022 04:28:06 GMT
ecm3
s.amazon-adsystem.com/ Frame DF3A 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=1b348dda-2383-46e0-8ff7-c6f95900276b
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MAC6J6BRCPSSPTBWM107
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame DF3A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.72.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame DF3A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.72.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:02 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
v1
match.sharethrough.com/sync/ Frame DF3A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://ssum.casalemedia.com/usermatchredir?s=186046&cb=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DGM7HYz3VFjuymbiqnJLyjuPy%26source_user_id%3D__UID__
  • https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.72.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alAEWg5S8AFNTR%2Bj1Su2uRVkIxwyar2aIuh6nBIkt2aaKvuU%2Fhhft4i3ppe6aVosA0rLXBEdO7RXx6k01a25zLtlpbQ%2FWnp%2FogoOE6MjO7L5r283bFv7pl7UMC4h%2FXwwiIJZg4Ud"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://match.sharethrough.com/sync/v1?source_id=GM7HYz3VFjuymbiqnJLyjuPy&source_user_id=Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
cache-control
no-cache
cf-ray
77e929b66fb922f1-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v1
match.sharethrough.com/sync/ Frame DF3A
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://u.openx.net/w/1.0/cm?cc=1&gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=17c4857a-f7c3-079b-20fe-bd2e27564532
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=17c4857a-f7c3-079b-20fe-bd2e27564532
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D$UID
Protocol
H2
Server
52.72.250.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-250-173.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://match.sharethrough.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Sat, 24 Dec 2022 11:58:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=17c4857a-f7c3-079b-20fe-bd2e27564532
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
bounce
ib.adnxs.com/ Frame 39FB
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
933 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
AN-X-Request-Uuid
9a17b0fe-cb17-4c75-a262-7cf5c4e1ab2c
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
AN-X-Request-Uuid
78277dab-9f6f-4024-8420-5d15e95d1fa8
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 2850 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd6f703dba4a7871b90ed891be9eee465e2d42ca16b40c77fdc533745f7b3fd2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
async_usersync
ib.adnxs.com/ Frame 7753 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
AN-X-Request-Uuid
559af08a-01c6-4ef9-8d20-069394c7944b
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 433A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
AN-X-Request-Uuid
5491f602-d790-462d-ade5-3ba4fa374530
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 61DF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A2CSGN7VQFK3F2PM3YEP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y6bpR4Rjv-Yj0TMnThmtTgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHmLV8knku-H7zZWY3tORc&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHmLV8knku-H7zZWY3tORc&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHHmLV8knku-H7zZWY3tORc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELarWZ-W7oWwohrK1bP3EBs&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELarWZ-W7oWwohrK1bP3EBs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:02 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jgDYWFnRBwIC%2Fm2%2Bw01t3T9Xq%2BRXwtflKcvn8CaMrnIo%2BPLUuyCQWTH4CDCg26lro%2FLhuombrcJgA6Ec8YvqPzixoe0R%2BBhePV419mfTAeiIuKs7gpKhMDwZEhcXMp2A%2BSzcYXPM73sfXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e929b3ae3c224c-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELarWZ-W7oWwohrK1bP3EBs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
0
0
crum
dsum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 11:58:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
db4cc2a7-933a-4d47-affb-41c46aa0aec9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687607882&external_user_id=0e0515f4-4437-4258-9710-dc8a281661f1
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687607882&external_user_id=0e0515f4-4437-4258-9710-dc8a281661f1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 11:58:02 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1687607882&external_user_id=0e0515f4-4437-4258-9710-dc8a281661f1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2433049645475493699
43 B
405 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2433049645475493699
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBQX8q8cwVKAfIOYFLb2erfbKk4yBCChEY7qrP21M4X5j8zlZ1ZzAlFjb5pGrSsLY7EEDVn0vmQYHJbqiThMecCE0rFhva1LHOCLqkZp0YccZSpYtucxZ4vIU78faCwQxHbEZ%2B0p"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e929b66f1d2306-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Sat, 24 Dec 2022 11:58:01 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b0547257-9ecd-4e20-a843-4d9676ab7466
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2433049645475493699
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 61DF
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_63a6e9497771c&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_63a6e9497771c
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_63a6e9497771c
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 11:58:02 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_63a6e9497771c
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
htw-pixel.gif
cdn.indexww.com/ht/ Frame 61DF 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48350
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e929ab3f052cd1-ORD
content-length
43
expires
Sun, 25 Dec 2022 11:58:01 GMT
Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7ED2 		43 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:f838:172b:9f85:e97b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/ Frame 7ED2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGXjZCSQAo
85 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGXjZCSQAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-chi-klot8100155-CHI
pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
536
x-timer
S1671883081.478378,VS0,VE0
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
content-length
85
x-cache-hits
1129

Redirect headers

x-served-by
cache-chi-klot8100155-CHI
pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1671883081.282709,VS0,VE20
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGXjZCSQAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJ2E7HTdMAACMzZ9S4ng&expiration=1673092684
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJ2E7HTdMAACMzZ9S4ng&expiration=1673092684
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADJ2E7HTdMAACMzZ9S4ng&expiration=1673092684
Date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3099051828667121746
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3099051828667121746
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3099051828667121746
pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=57d864d6-23b8-4d41-b351-7c97eba1ca9f
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=index&bsw_custom_parameter=57d864d6-23b8-4d41-b351-7c97eba1ca9f
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=92b78522-1846-4c5f-8de9-56939e87f7b2&ssp=index&expires=30&user_group=5&bsw_param=57d864d6-23b8-4d41-b351-7c97eba1ca9f
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=&gdpr_consent=&us_privacy=
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F9ao2c1tqpHwndg8R6TovyoeWlJo4nc4OlSNujVu0%2F%2FYrlU2P9NoYmAGZJ%2FjZByFoXCCjF89Y8qoswvzIniinXXu8pKw4ycJ5Cfu87J4ybhyOOlVCIMNtpcySy%2BJYP2dOU3%2B7%2Fdf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e929bd1f452bbd-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=57d864d6-23b8-4d41-b351-7c97eba1ca9f&gdpr=&gdpr_consent=&us_privacy=
Date
Sat, 24 Dec 2022 11:58:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dcm
s.amazon-adsystem.com/ Frame 7ED2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1DSVZGG0EJ3Z2ZSGEBA6
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b47d53c-74df-4832-90f9-3f59f68aa2fd
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b47d53c-74df-4832-90f9-3f59f68aa2fd
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-7b47d53c-74df-4832-90f9-3f59f68aa2fd
date
Sat, 24 Dec 2022 11:58:02 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 7ED2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c31763a6-e94b-4300-a771-df7566e946df
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c31763a6-e94b-4300-a771-df7566e946df
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 11:58:02 GMT
Server
MT3 277 3f0ad7a master iad-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c31763a6-e94b-4300-a771-df7566e946df
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 11:58:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 7ED2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MXQK6P9X792WGNN2VDD0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 207C 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:f838:172b:9f85:e97b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
rum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y6bpSQAGYF1CVAAo
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bpSQAGYF1CVAAo&_test=Y6bpSQAGYF1CVAAo
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bpSQAGYF1CVAAo&_test=Y6bpSQAGYF1CVAAo
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-chi-klot8100155-CHI
pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
via
1.1 varnish
server
Varnish
x-timer
S1671883081.478454,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y6bpSQAGYF1CVAAo&_test=Y6bpSQAGYF1CVAAo
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=65b363a6-e94b-4600-b0df-a712b8ec0f57
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=65b363a6-e94b-4600-b0df-a712b8ec0f57
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 11:58:02 GMT
Server
MT3 277 3f0ad7a master iad-pixel-x25 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=65b363a6-e94b-4600-b0df-a712b8ec0f57
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Dec 2022 11:58:01 GMT
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACV5E7HTdMAACRffGFHqQ&expiration=1673092683
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACV5E7HTdMAACRffGFHqQ&expiration=1673092683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACV5E7HTdMAACRffGFHqQ&expiration=1673092683
Date
Sat, 24 Dec 2022 11:58:03 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8078496350235601523&expiration=1673092683
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8078496350235601523&expiration=1673092683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8078496350235601523&expiration=1673092683
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2d64a9bc-2de5-4e6e-a61e-2d1bc5f9ca77
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2d64a9bc-2de5-4e6e-a61e-2d1bc5f9ca77
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-2d64a9bc-2de5-4e6e-a61e-2d1bc5f9ca77
date
Sat, 24 Dec 2022 11:58:02 GMT
server
Apache-Coyote/1.1
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0f3a2e0d-2f5b-4e79-92e4-2ae98dff1a02
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0f3a2e0d-2f5b-4e79-92e4-2ae98dff1a02
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0f3a2e0d-2f5b-4e79-92e4-2ae98dff1a02
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 207C
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sat, 24 Dec 2022 11:58:02 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 669.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b682c3fb-19b1-4042-b5e5-0ee09b67b953
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2433049645475493699
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 207C 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48350
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e929ab3f082cd1-ORD
content-length
43
expires
Sun, 25 Dec 2022 11:58:01 GMT
Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 06A7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB&gdpr_consent=&us_privacy=&gdpr=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
2600:1f18:4e9:5a07:f838:172b:9f85:e97b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y6bpR4Rjv_Yj0TMnThmtTgAAALsAAAAB
date
Sat, 24 Dec 2022 11:58:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=705130ca929e140f&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFsmnL1pa9gwN5dA2PAAAAAAA&expiration=1671969481&is_secure=true
43 B
871 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFsmnL1pa9gwN5dA2PAAAAAAA&expiration=1671969481&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K9R53QTdEwU%2B3WTfWEWMqnay7cLrVSGxJhze5q35b2028z012cfvhU390iHiUtw8E2PWJQ3sMa02HDC4ugAHs%2FbwYJeO1jVh%2Fwk9bvGo1rZF%2BekEfEkSnsEI9lF%2FfpATiyjUO2TD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e929b66f1f2306-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAFsmnL1pa9gwN5dA2PAAAAAAA&expiration=1671969481&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
r.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=
43 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u03718kuusstMlfxZTKsur4KovxHZSxfdRI0Mh87hnx8a834l%2Fx1C9dxWorSAeAMKUe5nixooRW0R0D1ZshLQtsMFhPXQEEm6fFd5lQ2Af%2FxQjLdwVoTaWodIuFijgafqdXD"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77e929c0d98d13f7-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=477b5be1-1022-4a9f-8a5f-f64a7600f1c8-63a6e94a-5553&gdpr=0&gdpr_consent=
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71C96DD3B63944F78E395A3509F86493
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71C96DD3B63944F78E395A3509F86493
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sat, 24 Dec 2022 11:58:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71C96DD3B63944F78E395A3509F86493
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Fri, 23 Dec 2022 11:58:02 GMT
crum
dsum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8baef51-a0ad-4821-8e0b-6f64a9421778
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8baef51-a0ad-4821-8e0b-6f64a9421778
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8baef51-a0ad-4821-8e0b-6f64a9421778
date
Sat, 24 Dec 2022 11:58:02 GMT
server
Apache-Coyote/1.1
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JZnGN3aTk2A-ycU4cZqKZCvIxTY-nsQzJp0qk252
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JZnGN3aTk2A-ycU4cZqKZCvIxTY-nsQzJp0qk252
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=JZnGN3aTk2A-ycU4cZqKZCvIxTY-nsQzJp0qk252
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662275961411351
43 B
765 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662275961411351
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2340
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662275961411351
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
77e929b7acd8e25c-ORD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 06A7
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
htw-pixel.gif
cdn.indexww.com/ht/ Frame 06A7 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y6bpR4Rjv-Yj0TMnThmtTgAA%26187
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fpsebay.kinoafisha.info%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:01 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
48350
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
77e929ab3f0b2cd1-ORD
content-length
43
expires
Sun, 25 Dec 2022 11:58:01 GMT
tag
tag.rutarget.ru/ Frame D7DF 		719 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
246fbe4e2666a757523b81faecbbe621d6280e45b7602540601485c04a165955

Request headers

Referer
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:58:01 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
event
ads.adfox.ru/275464/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/275464/event?pm=cza&hash=6ec3db9554b04bae&duid=1671883075238850984&p5=kvuqg&rand=cztzkef&sj=x9oiHkLoCqbCJOgyZjBeFuoOFa7JTctolsG4R62Tfk5xMpGjZq4uuNm2Vgcu1Q%3D%3D&ad-session-id=3822821671883075572&utg=oxum&lts=fkspbvh&ytt=6598680641541&ybv=0.699404&ylv=0.699404&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pr=mlhhkie&p1=cegtp&rqs=RVn-i_oYB0FF6aZjjUUYnzh_iXxeniLR&puid5=1920&p2=girs
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:00 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Dec 2022 11:58:00 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
tag
tag.rutarget.ru/ Frame AC12 		719 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
246fbe4e2666a757523b81faecbbe621d6280e45b7602540601485c04a165955

Request headers

Referer
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:58:01 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
tag
tag.rutarget.ru/ Frame 90A7 		719 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
188.72.107.205 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS
fr05.segmento.ru
Software
nginx /
Resource Hash
246fbe4e2666a757523b81faecbbe621d6280e45b7602540601485c04a165955

Request headers

Referer
https://tag.rutarget.ru/tag?event=otherPage&check=true&response=syncframe&synconly=true
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Dec 2022 11:58:01 GMT
P3P
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
Server
nginx
Timing-Allow-Origin
*
Transfer-Encoding
chunked
dvbs_src_internal115.js
cdn.doubleverify.com/ Frame 0FC7 		59 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal115.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&dvregion=0&unit=970x250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:01 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Dec 2022 11:38:02 GMT
Server
Microsoft-IIS/10.0
ETag
"d24981846714d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24248
khaos.jpg
token.rubiconproject.com/ Frame 4321 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame 39FB 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
AN-X-Request-Uuid
6308b568-4d7a-47cb-b2aa-31dcbf344fc3
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7753 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
AN-X-Request-Uuid
1eb8f4c8-d51b-48a4-8f19-1b7738da6ace
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1
mc.yandex.com/watch/28763351/ 		43 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/28763351/1?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_ae6b5d070b60d8d34cd0d2a88e8cbdf0ca1876dc72d87e43b81d0add1d1cb310&browser-info=pa%3A1%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A1%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115759%3Aet%3A1671883079%3Ac%3A1%3Arn%3A735085894%3Arqn%3A2%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C3428%2C26%2C%2C%2C%2C5690%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1671883069735%3Aadb%3A2%3Ast%3A1671883081&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(2)lt(468700)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://psebay.kinoafisha.info/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:58:01 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:58:01 GMT
async_usersync
ib.adnxs.com/ Frame 433A 		0
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.179.155 Secaucus, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:01 GMT
AN-X-Request-Uuid
6d0841e4-7b59-4485-9146-605b15732aac
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
104.237.193.29; 104.237.193.29; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
event
ads.adfox.ru/275464/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.adfox.ru/275464/event?pm=bmn&hash=a72722a3d32f1296&duid=1671883075238850984&p5=kvuqg&rand=defwvux&sj=x9oiHkLoCqbCJOgyZjBeFuoOFa7JTctolsG4R62Tfk5xMpGjZq4uuNm2Vgcu1Q%3D%3D&ad-session-id=3822821671883075572&utg=oxum&lts=fkspbvh&ytt=6598680641541&ybv=0.699404&ylv=0.699404&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&pr=mlhhkie&p1=cegtp&rqs=RVn-i_oYB0FF6aZjjUUYnzh_iXxeniLR&puid5=1920&p2=girs
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:01 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Dec 2022 11:58:01 GMT
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
verify.js
rtb0.doubleverify.com/ Frame 0FC7 		656 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_482167860619&jsTagObjCallback=__tagObject_callback_482167860619&num=6&ctx=13846930&cmp=28205461&plc=342025052&sid=1340728&advid=&adsrv=&unit=970x250&isdvvid=&uid=482167860619&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.40&dvpx_strhd=0.40&brid=3&brver=108&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&tagpb=1&htmlmsging=1&tstype=128&m1=13&noc=4&fcifrms=17&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=163&eparams=DC4FC%3Dl9EEADTbpTauTaue_ggd6f7b_g3ha2ahfh72%60_d334_%60c6a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauAD632J%5D%3C%3A%3F%4027%3AD92%5D%3A%3F7%40Tar9EEADTbpTauTaue_ggd6f7b_g3ha2ahfh72%60_d334_%60c6a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&dvp_exetime=47.40&callbackName=__verify_callback_482167860619
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
fb395b97b3f664eef046a836807532b48b8fbda1a16e62bd0f8d725319222f2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
12/23/2022 11:58:03
cm.gif
ad.mail.ru/ Frame D7DF 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=144&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:02 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:02 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:02 GMT
segmento
exchange.buzzoola.com/cookiesync/dsp/ Frame D7DF
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Server
176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.69.81.9.176.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
etag
W/"7f3ad078dcef9bf3915cb41335aced40c0ab2431a061da5afbae8692f39694b2"
content-length
103
serverid
TODO
content-type
text/html; charset=utf-8
XG_gtXZ4Glxl
an.yandex.ru/mapuid/rutargetis/ Frame D7DF 		43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 24 Dec 2022 11:58:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 24 Dec 2022 11:58:03 GMT
sg
tech.rtb.mts.ru/ Frame D7DF 		0
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tech.rtb.mts.ru/sg?segmento_id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS
infrastructure-187-44.mts.ru
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.20.2
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
cm.gif
ad.mail.ru/ Frame D7DF 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=34&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:03 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:03 GMT
cm.gif
ad.mail.ru/ Frame 90A7 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=144&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:03 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:03 GMT
segmento
exchange.buzzoola.com/cookiesync/dsp/ Frame 90A7
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Server
176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.69.81.9.176.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
etag
W/"7109658089d241b0015f9b255f442a789aaf90ac8ddf056a766179796f52dde7"
content-length
103
serverid
TODO
content-type
text/html; charset=utf-8
XG_gtXZ4Glxl
an.yandex.ru/mapuid/rutargetis/ Frame 90A7 		43 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 24 Dec 2022 11:58:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 24 Dec 2022 11:58:03 GMT
sg
tech.rtb.mts.ru/ Frame 90A7 		0
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tech.rtb.mts.ru/sg?segmento_id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS
infrastructure-187-44.mts.ru
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.20.2
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
cm.gif
ad.mail.ru/ Frame 90A7 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=34&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:03 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:03 GMT
cm.gif
ad.mail.ru/ Frame AC12 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=144&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:03 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:03 GMT
segmento
exchange.buzzoola.com/cookiesync/dsp/ Frame AC12
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?uid=XG_gtXZ4Glxl
  • https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
43 B
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.buzzoola.com/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Server
176.9.81.69 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.69.81.9.176.clients.your-server.de
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
content-length
43
serverid
TODO
content-type
image/gif

Redirect headers

location
/cookiesync/dsp/segmento?set_buzzoola_cookie=t&uid=XG_gtXZ4Glxl
date
Sat, 24 Dec 2022 11:58:03 GMT
server
nginx
etag
W/"27850115a591ec35846c885ef7a1f3e7b6756be0b094ac67eca6ed9f3ece73f3"
content-length
103
serverid
TODO
content-type
text/html; charset=utf-8
XG_gtXZ4Glxl
an.yandex.ru/mapuid/rutargetis/ Frame AC12 		43 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/rutargetis/XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Sat, 24 Dec 2022 11:58:03 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 24 Dec 2022 11:58:03 GMT
sg
tech.rtb.mts.ru/ Frame AC12 		0
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tech.rtb.mts.ru/sg?segmento_id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
213.87.44.187 , Russian Federation, ASN13174 (MTSNET Moscow, Russia, RU),
Reverse DNS
infrastructure-187-44.mts.ru
Software
nginx/1.20.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.20.2
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=utf-8
cm.gif
ad.mail.ru/ Frame AC12 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mail.ru/cm.gif?p=34&id=XG_gtXZ4Glxl
Requested by
Host: tag.rutarget.ru
URL: https://tag.rutarget.ru/tag?response=syncframecontent&sm=sync_fc821051ae5abea671f7ac556f1ea647%2Csync_ec8bf516fafa51927e71233e18e82503%2Csync_71c015090a068e09460994346a52bdbb%2Csync_d7a14e30636d52e10b35d10c02578019%2Csync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tag.rutarget.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Last-Modified
Sat, 24 Dec 2022 11:58:03 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
Content-Type
image/gif
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
Expires
Sat, 24 Dec 2022 12:58:03 GMT
355148128256.jpg.webp
static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/355148128256.jpg.webp
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6463923ad6cc5932a793d04594631b65b18b98cf574ae2163f82e48aaf313573

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Dec 2022 12:00:16 GMT
server
cloudflare
age
56164
etag
"63a59850-5e68"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e929b6b8f913eb-ORD
content-length
24168
expires
Sat, 23 Dec 2023 20:21:58 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=470130830935906&ev=PageView&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&rl=&if=false&ts=1671883083396&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671883083348.1283750245&it=1671883078722&coo=false&rqm=GET
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 24 Dec 2022 11:58:03 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4321
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LC1W0R9O-9-J315
  • https://s.amazon-adsystem.com/ecm3?id=LC1W0R9O-9-J315&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LC1W0R9O-9-J315&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YD4E7CC8ZTG2JWC79RGW
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LC1W0R9O-9-J315&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
Expires
0
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame 0FC7 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=ef4e7eb254ea44468cd3ee2cb02c73e4&vfdur=1824&cbust=1671883083549472
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal115.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:03 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
12/23/2022 11:58:03
dv-measurements3326.js
cdn.doubleverify.com/ Frame 6ECC 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3326.js
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82a2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Sat, 24 Dec 2022 11:58:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Dec 2022 08:24:20 GMT
Server
Microsoft-IIS/10.0
ETag
"052474ccced91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108149
pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWJiNmI0NWQwNzBmZGQzM2ZiZjE3YjY5MzM4ZDgwNzkxZmFiMDEyZQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWJiNmI0NWQwNzBmZGQzM2ZiZjE3YjY5MzM4ZDgwNzkxZmFiMDEyZQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWJiNmI0NWQwNzBmZGQzM2ZiZjE3YjY5MzM4ZDgwNzkxZmFiMDEyZQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4321
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/DnzAr6yyJLikhc-bkSDymQ?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LaAer2FE2oL.Cm9ARvi5lkZm6wYMweQtU1KMvg--~A
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LaAer2FE2oL.Cm9ARvi5lkZm6wYMweQtU1KMvg--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-LaAer2FE2oL.Cm9ARvi5lkZm6wYMweQtU1KMvg--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 4321
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=9MWU6AuITlOB2gcbvA13Uw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9MWU6AuITlOB2gcbvA13Uw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9MWU6AuITlOB2gcbvA13Uw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W99Y9C9J992YEF4QJXT5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=9MWU6AuITlOB2gcbvA13Uw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4321
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
setuid
px.ads.linkedin.com/ Frame 4321
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1W0R9O-9-J315
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1W0R9O-9-J315
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 1F6A7DF44EEF48088C06AC165D42F81F Ref B: CHGEDGE1420 Ref C: 2022-12-24T11:58:04Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXwkZ1c1xwstDc7RTVADA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LC1W0R9O-9-J315
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4321 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4ZRFX742039QH2CECSJH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 4321
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY2XeR9rPsDf9qDlublB64&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY2XeR9rPsDf9qDlublB64&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECY2XeR9rPsDf9qDlublB64&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4321
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxVzBSOU8tOS1KMzE1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxVzBSOU8tOS1KMzE1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.98 Glen Cove, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEMxVzBSOU8tOS1KMzE1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 0FC7 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 0FC7 		2 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
animejs.js
static.criteo.net/animejs/ Frame 0FC7 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
/
www.facebook.com/tr/ Frame 33B6 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: psebay.kinoafisha.info
URL: https://psebay.kinoafisha.info/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://psebay.kinoafisha.info
Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://psebay.kinoafisha.info
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:58:04 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
visit.js
tps.doubleverify.com/ Frame 6ECC 		724 B
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=638&ttfrms=61&brid=3&brver=108.0.5359.124&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTaue_ggd6f7b_g3ha2ahfh72%60_d334_%60c6a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauAD632J%5D%3C%3A%3F%4027%3AD92%5D%3A%3F7%40Tar9EEADTbpTauTaue_ggd6f7b_g3ha2ahfh72%60_d334_%60c6a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETar9EEADTbpTauTau25D%5DFD%5D4C%3AE6%40%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=545&ddur=728&uid=1671883084264864&jsCallback=dvCallback_1671883084264494&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=970&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3326&tgjsver=3326&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fads.us.criteo.com%2Fdelivery%2Fr%2Fafr.php%3Fz%3DY6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg%26u%3D%257CrCHERtz1NaGV%252BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%253D%257C%26c1%3Dm7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng%26ct0%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%2526client%253Dca-pub-2276134140992200%2526adurl%253D&fcifrms=18&brh=2&sdf=2&dvp_epl=355&noc=4&nav_pltfrm=Win32&ctx=13846930&cmp=28205461&sid=1340728&plc=342025052&btreg=banner_content&btadsrv=banner_content&adsrv=169&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=5528552883.942986&dvp_tukv=97452461724.76215&dvp_uuid=421312100.48888&dvp_strhd=1.1000003814697266&dvpx_strhd=1.1000003814697266&dvp_tuid=639139561674&jurtd=852327148
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
7ba42911d371afcf87e78b4d8281aca396a676f020bcfc1c62a731ef2c20643a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:04 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
12/23/2022 11:58:04
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 0FC7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 0FC7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.us.criteo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
1a7b4fb10c8a4768bf92ecc6eb402274_cpn_970x250_2.jpg
static.criteo.net/design/dt/5535/221216/ Frame 0FC7 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5535/221216/1a7b4fb10c8a4768bf92ecc6eb402274_cpn_970x250_2.jpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20391421aa9801133dd20cb97fb07cc52c9b847a42caccfcb4a1cc76a92fc9bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 16 Dec 2022 14:58:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"639c877a-491e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
18718
expires
Tue, 19 Dec 2023 11:58:04 GMT
4fb407cc18614c0e9430685835981bb0_cpn_970x250_3.jpg
static.criteo.net/design/dt/5535/221216/ Frame 0FC7 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5535/221216/4fb407cc18614c0e9430685835981bb0_cpn_970x250_3.jpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a83425d418592728e05b49d04edddbe9d15aa2c1c02f8a79cc22ad740f16b3fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 16 Dec 2022 14:58:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"639c877a-689c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
26780
expires
Tue, 19 Dec 2023 11:58:04 GMT
6c4e2af27f074459b381191924725071_cpn_970x250_4.jpg
static.criteo.net/design/dt/5535/221216/ Frame 0FC7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/5535/221216/6c4e2af27f074459b381191924725071_cpn_970x250_4.jpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
2d492d9ab6895dbb85497151ee6ab5ee6134ccac502c798921648e924bf47e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 16 Dec 2022 14:58:02 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"639c877a-321e"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
12830
expires
Tue, 19 Dec 2023 11:58:04 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?h=496&m=0&partner=5535&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F5535%2F190813%2Fd5bb21879100431680b4588fceb6cd1e_logo_lightbg_horizontal.png&v=3&w=356&s=-_-rN6bD8mPmoR5HO0wVJlPN
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
9ef3834bb388654e98c93238bf603d1e46a4c6c93f2b24b441dd2cf6f9199db0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28656763
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12108
expires
Tue, 21 Nov 2023 04:10:48 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F3%2Foptimized%2F21915733_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=8IA3TNGpVgQXY2AJY40wU7T6&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
232be7d1a3844f035a20a40e9cb3f713420f80458c8ef22b6e5cd244ba9afc61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1914715
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
11014
expires
Sun, 15 Jan 2023 15:49:59 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F9940975_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=TaAh4TDITyVaXqMWRj2CHy2a&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
a1e730339a4e1201c95d73b8f6d92dffff8c7cc7e5128f29b67bb3dacdbae1a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2018487
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
9216
expires
Mon, 16 Jan 2023 20:39:32 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F2%2Foptimized%2F17396694_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=Bk7JNMqT0X8dYNV3juq9ZC6V&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
1eefc78931aa025b2c758bd5ac9cc84e0aeb52d3d75f48cde529ec47b11b9c4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=382401
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
4082
expires
Wed, 28 Dec 2022 22:11:26 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F1%2Foptimized%2F23087575_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=c_a-K4KR8ecEx1-T-M_EHWwO&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
9a3a949eda42dc80ba03de5f19d975d46f729ef2dbc1c3beba071c504c0a7eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2454902
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6086
expires
Sat, 21 Jan 2023 21:53:07 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F1%2Foptimized%2F19234631_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=WATPtNG2GDr_3f5fgxBj9DmI&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
b1b20719f1abf851609e1f741f6d6dfc82b8596d992e27f50ae4d50ebab0865f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2434031
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
15668
expires
Sat, 21 Jan 2023 16:05:16 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F0%2Foptimized%2F21912183_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=8PS8-leEVTW9KwRfWl2aEltZ&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
01bc81c20c18f85fd8a39fd759e9f52000336b3a8d643a35e760ece9a2e75e35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1897837
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
7260
expires
Sun, 15 Jan 2023 11:08:42 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F7%2Foptimized%2F22256191_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=nPJE6aIvJNviviJuha6kqtAK&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
f1f64bde5a276280afd78b97cafa4d8a83b1c60f49b2b55b91a4028e93afacaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1936510
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21738
expires
Sun, 15 Jan 2023 21:53:15 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F6%2Foptimized%2F22876648_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=HIEoBKHi_9sNaleczovwLwaD&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
c2d1a845fb4426332e14d7377325cd79d484f8bffe1941a94372f8565708ca5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=618085
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5686
expires
Sat, 31 Dec 2022 15:39:30 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F22552854_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=2CFJNi0-tVs_7p7M4Y6U5Www&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
80785bc2cfbff52ad54520a2d1c22729649882b66c8a96864d27fe23ff1b09ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1858208
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12304
expires
Sun, 15 Jan 2023 00:08:13 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F9%2Foptimized%2F21641158_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=BoRiq7UmRPoyb-F2lcuVfqTW&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
eae9545b6b4c6d66cc1fc008c8608e69201f24e62eedcbf0b212a27a1099de1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2518431
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
17186
expires
Sun, 22 Jan 2023 15:31:56 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F4%2Foptimized%2F22552911_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=ipFDhkUPF-I5tePF1wlOk5um&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
83b7db0166c52508fe28104967416c1855cbedd17ba2eed6994c9edbf0c8bd90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2544319
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6882
expires
Sun, 22 Jan 2023 22:43:24 GMT
img
pix.us.criteo.net/img/ Frame 0FC7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.us.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=5535&q=80&r=0&u=https%3A%2F%2Fslimages.macysassets.com%2Fis%2Fimage%2FMCY%2Fproducts%2F5%2Foptimized%2F20334135_fpx.tif%3Fwid%3D1200%26fmt%3Djpeg%26qlt%3D100&v=3&w=400&s=i8vkr4YpBOqeKK1Xz-IgJ6Mc&b=400
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
b355c8d5d61dbdf162659970fe0dbe6cf4fc31ff6b62b18593dacbdbb0e7a2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1488198
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12046
expires
Tue, 10 Jan 2023 17:21:23 GMT
all
csm.us.criteo.net/ Frame 0FC7 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=MgbzItC8UjoLZwOejXz4CwuZMhZuc0hXRa9O08KZFsfvdzqJY2UUQDxUGRbVMZiXkuLDhwLAWmshrr7lKRkqrT84fz4zQq-gCw-gRAo-RgJWt-IsnA-b6WGS9z0sbEPGTiijjB11tFBnV-vLA7xVi7mL9Gtv3uU7qvJw_XQWQABgRw_IEGzaaMo0XL7M_QnWJoScJ2rrCsdXPt0VEaz9tcnGfjuhz3DtIIbNoW0N7GgaKS2ZOy2J9MTSZdxe_MI4XxnSEw&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 11:58:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0FC7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 0FC7 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:04 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 19 Dec 2023 11:58:04 GMT
28763351
mc.yandex.com/watch/ 		43 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/28763351?page-url=goal%3A%2F%2Fpsebay.kinoafisha.info%2Fokko_button_sticker_show&page-ref=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_ae6b5d070b60d8d34cd0d2a88e8cbdf0ca1876dc72d87e43b81d0add1d1cb310&browser-info=ar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A1%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115805%3Aet%3A1671883085%3Ac%3A1%3Arn%3A284249139%3Arqn%3A3%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C15267%2C15268%2C%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883085%3At%3A%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&t=gdpr(14)mc(p-4-h-1)clc(0-0-0)rqnt(3)lt(729900)aw(1)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:05 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:58:05 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:58:05 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1553457476&t=event&_s=2&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=tracking&ea=source&el=Kinoafisha&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=948821434.1671883077&tid=UA-21667993-5&_gid=1174609996.1671883078&gtm=2oubu0&z=1265008192
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 01:33:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
37471
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65409683ef3f94994938dddcef24665572a1a1b3294d9562a82cbcd59d2b0399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11181
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7EEB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=psebay.kinoafisha.info
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:58:04 GMT
server
Kestrel
server-processing-duration-in-ticks
495580
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 24 Dec 2022 11:58:05 GMT
sid
mug.criteo.com/ Frame 7EEB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=kinoafisha.info&sn=ChromeSyncframe&so=0&topUrl=psebay.kinoafisha.info&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9rTCNXx4eUVOWGtyd08vQi8wV0tGc3Q4SjA3TmRlaWlxK1d3aytjQXQ4eXdUcjJjVGMvakhDUWNIMXdTbTVMYnhlWTV6ZHp5TitvMVdhNTdoY1JGZTdMK28zMkdwRS93TlNNZS9paDQ2MDUweGFQNk45VGlSRTRaVGVmTV...
452 B
666 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9rTCNXx4eUVOWGtyd08vQi8wV0tGc3Q4SjA3TmRlaWlxK1d3aytjQXQ4eXdUcjJjVGMvakhDUWNIMXdTbTVMYnhlWTV6ZHp5TitvMVdhNTdoY1JGZTdMK28zMkdwRS93TlNNZS9paDQ2MDUweGFQNk45VGlSRTRaVGVmTVBaaENpRUd3Uk1mcWVqSnNyZHR6RWp4R0dDMTZJd2ZTbnZFZmhYYTNRU25NSW5xUFlBcXFUVEZFVmxRMVBvSWZram0zRlVHNW00NGxlNllzVk9YSjNESU01SldrejcxUzgreE9oenpjeVJHVTM5MUdhTHplVkdZVjZPTk5nZjJ0cVJTQWt0R25mT0ZKUU9WdS8wanArOUNvM3pnSE43Zz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
0d1058f1f992f9d7e3201898fdb979d618c2fa056287f999940ad4b36d1544b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:05 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1379792
expires
0

Redirect headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9rTCNXx4eUVOWGtyd08vQi8wV0tGc3Q4SjA3TmRlaWlxK1d3aytjQXQ4eXdUcjJjVGMvakhDUWNIMXdTbTVMYnhlWTV6ZHp5TitvMVdhNTdoY1JGZTdMK28zMkdwRS93TlNNZS9paDQ2MDUweGFQNk45VGlSRTRaVGVmTVBaaENpRUd3Uk1mcWVqSnNyZHR6RWp4R0dDMTZJd2ZTbnZFZmhYYTNRU25NSW5xUFlBcXFUVEZFVmxRMVBvSWZram0zRlVHNW00NGxlNllzVk9YSjNESU01SldrejcxUzgreE9oenpjeVJHVTM5MUdhTHplVkdZVjZPTk5nZjJ0cVJTQWt0R25mT0ZKUU9WdS8wanArOUNvM3pnSE43Zz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
670530
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E160 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
137730
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 21:42:35 GMT
expires
Fri, 22 Dec 2023 21:42:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F785 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2004 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
99b4cf3db2932351866ac81c1c9a195641deff64490edbaaa39fec282364155a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ecImvJkE_O8w7QlZ0CnJrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://psebay.kinoafisha.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ecImvJkE_O8w7QlZ0CnJrQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 24 Dec 2022 11:58:05 GMT
expires
Sat, 24 Dec 2022 11:58:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame E160 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 21:42:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
137735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Dec 2023 21:42:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F785 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=4114410815217459&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
all
csm.us.criteo.net/ Frame 0FC7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=MgbzItC8UjoLZwOejXz4CwuZMhZuc0hXRa9O08KZFsfvdzqJY2UUQDxUGRbVMZiXkuLDhwLAWmshrr7lKRkqrT84fz4zQq-gCw-gRAo-RgJWt-IsnA-b6WGS9z0sbEPGTiijjB11tFBnV-vLA7xVi7mL9Gtv3uU7qvJw_XQWQABgRw_IEGzaaMo0XL7M_QnWJoScJ2rrCsdXPt0VEaz9tcnGfjuhz3DtIIbNoW0N7GgaKS2ZOy2J9MTSZdxe_MI4XxnSEw&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 11:58:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
generate_204
tpc.googlesyndication.com/ Frame E160 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?P-oavw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=4114410815217459&bg=!wMOlw4fNAAYgquz3AKo7ACkAdvg8WkG9ob64PU8JGqmbPFhETA5j3xV923HnN3jSFx_1fMAdMiLnqgIAAAOHUgAAACBoAQcKAAbxxo7QgemZAvNwzS1H0EfBUlqkcjilZ_LwC1AsrkwLhzFSSoytGHINcfbzOFDzoWsUzXC4SHaNwP0iC5HfEJ0UEhLOfsVqVzRa5iHRBhuskpFbj1Ob6KrhigPQWGyISCk33oASkMwj-NCapDvNJH2JdTChjbJiqXdA2Eu6-7LQU4Dzf594_ukdsZMYmJgB7s6PHAkL_74DC51tIGQVTFpr3M_K4mPMfgOdtsKNHW0952ShP6WuMzhRLO1LxovFE-0aUPNgfQNJCVQ8L9a_4dHEc03CT6im3ZnmSqn6zNcZddRWBGk39jeyPUK9Cqq5T6Ok3ZRORFttIV3fVAVBLfk82B4qjojLNkNDOM2Re9rLLTxBbTKq3d3-2g2Ru7ZO5Hdd6gRofsI_Z5s96a6Ost5kHjWNjQ7NW6ZDAFUOllGQy_F8DZ6wA1-bn8fyz5i_PG0zItGwvaa3cLY3zRXA38OE_MdefoE4mC9Rdh2p9Wv0kTxZrGF-bq95t0dHcQVRfwkUwUJajsNHpNRkie4FNHIb9NZU4P2whqhL57vqqqnh8zhlJTSOKk0L3FV-SLV3clv4DblflFjqSlufslzZ46jJrIrpWm7uPZAtfH1Jdkm4VRu8ymViGUnYIywUmg8C1ehvZbCmkrE-q6VRHzCohkIQJNqtj0Ghqfogsm8eLE7M6YtFJgDbqot9S08SM4TmkNEy5a0Uvg6Wyq1g-t9T7sFjWBofO16WkBQO1SYRDdeHpgfrvfZle4Dgi9XT8RmOEQPbyYDLVvYPnQ8ZgJwSCIJwU4CRvaepW91UGHYVFa1kXxSbJ5baWw95G9YXv1krArld2x2sDO3QD5eb3dMt2VnDwxIX4PNYX-gjSPExhexzdI5pdCkaYC8ZJAAJZtnaPrFEyCrzDKwQRR3ueSZ4BFWAGAw18qwcUf_SrfOveD-Xv_Iax56JH-C7n9mySJYrg9L8wtfPm58AOXBnwjcxZvPLsjS-LJVfln1drA0lzifNVeLxkdq7KqYs4weuAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
event.png
tpsc-ue1.doubleverify.com/ Frame 6ECC 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=73b27ad454a547c3b71aa49847660430&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=493&eoid=14&msrjs=3326&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=728&tetms=133&msltms=218&vltms=493&sei=289&vetms=15&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=328&msrcannum=3&ismms=141&isumms=141&nvr=2&elmtp=3&isbxdms=2645&b0=2895&adhgt=250&adwdth=970&norwdth=970&norhgt=250&dvp_vsosnmr=1&lftb=2895&sftb=2895&msrdp=1&naral=64&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=126&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&ttfurm=3568&cbust=1671883087776246
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Sat, 24 Dec 2022 11:58:07 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
12/23/2022 11:58:07
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-3GNTWFZ027&gtm=2oebu0&_p=1553457476&cid=948821434.1671883077&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1671883076&sct=1&seg=0&dl=https%3A%2F%2Fpsebay.kinoafisha.info%2F&dt=%D0%9A%D0%B8%D0%BD%D0%BE%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BA%D0%B8%D0%BD%D0%BE%20%D0%B8%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%B0%D1%85%20.%20%D0%A4%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%20%D0%B8%20%D0%B0%D1%84%D0%B8%D1%88%D0%B0%20%D0%BA%D0%B8%D0%BD%D0%BE%D1%82%D0%B5%D0%B0%D1%82%D1%80%D0%BE%D0%B2&en=source&_ee=1&ep.event_category=tracking&ep.event_label=Kinoafisha&_et=8364
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3GNTWFZ027&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
28763351
mc.yandex.com/watch/ 		43 B
145 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/28763351?page-url=https%3A%2F%2Fpsebay.kinoafisha.info%2F&charset=utf-8&hittoken=1671883078_ae6b5d070b60d8d34cd0d2a88e8cbdf0ca1876dc72d87e43b81d0add1d1cb310&browser-info=nb%3A1%3Acl%3A6030%3Aar%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A952%3Acn%3A1%3Adp%3A1%3Als%3A162860700985%3Ahid%3A1006205164%3Az%3A0%3Ai%3A20221224115810%3Aet%3A1671883090%3Ac%3A1%3Arn%3A651660146%3Arqn%3A4%3Au%3A1671883075238850984%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C231%2C%3Aco%3A0%3Acpf%3A1%3Aeu%3A2%3Ans%3A1671883069735%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1671883090&t=gdpr(14)mc(p-4-h-1-g-1)clc(0-0-0)rqnt(4)lt(781200)aw(1)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Dec 2022 11:58:10 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 24-Dec-2022 11:58:10 GMT
content-type
image/gif
access-control-allow-origin
https://psebay.kinoafisha.info
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 24-Dec-2022 11:58:10 GMT
all
csm.us.criteo.net/ Frame 0FC7 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=MgbzItC8UjoLZwOejXz4CwuZMhZuc0hXRa9O08KZFsfvdzqJY2UUQDxUGRbVMZiXkuLDhwLAWmshrr7lKRkqrT84fz4zQq-gCw-gRAo-RgJWt-IsnA-b6WGS9z0sbEPGTiijjB11tFBnV-vLA7xVi7mL9Gtv3uU7qvJw_XQWQABgRw_IEGzaaMo0XL7M_QnWJoScJ2rrCsdXPt0VEaz9tcnGfjuhz3DtIIbNoW0N7GgaKS2ZOy2J9MTSZdxe_MI4XxnSEw&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y6bpRQAKWqsKyPwCAACOWcR5mdROLGhVid4Jtg&u=%7CrCHERtz1NaGV%2BU69pRFZXlDzgv1xW5yIdvDZuqsfRSI%3D%7C&c1=m7oIQCLYgBslArNoBtbzWHzwUuYl18vyg3BSPsDH_dDD2K7jTI2b_BKeMDzVLXpjbb1IpffVYgEMlcX4h_b2NPQo-zyI1B7DxHn_gLwvzt_FcLKcffDbxzJHhiywc5hIv1aiiEVYTfc7_nHcjnwT_szGc5pfRx1M9xPnfLU0LZd5KNp2zBkbSAAe9zP9FQqlb_z5BjXHihcgjZqK9AC89jg1Cb_ANW_SNueEmmwwooa61QqKj--ZPmOitYETlootv2tKaOrv4HvTNMeYRCe2IM1ixg1Q0eVmnmBoDDthmzuyT5XX5MDcY0DtLDX73i0NqZjdeLZoTs3TjtMTPmTT-6ZMPGMXZrQtCz1iVr5K-QFlAiCFpcgbJVFvZPOC5nJQ-QpRz-SmCOWWT3Y8VDVSd__WBdbppde-j6LRzjs_8UIgRrYdWpqF9mPpObAWJiaAE5Q0Dc5-k9R5TlcBz9PiLE6huxCnYfpaI11_nSHx8w6iPmQ6pmarErP-5pdEbYovZCQxDI-4trKiOr89A_6tYFIjLZFfkOHQWQUB6iHYRSLSaHJzlqs4wtiEJ-UTDSy7M3-uDik6Y30utxvjK775ccKAso1vq5OZbQBuRw_JObBWF02Ou2GKVeNeQXJpT4_QVHDRruGq_OXMRe59U9XJng&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC30VrRemmY6u1KYL4owbZnIL4C5yB77BcosqnqnTAjbcBEAEgAGDJtqOI8KPsEoIBF2NhLXB1Yi0yMjc2MTM0MTQwOTkyMjAwyAEJ4AIAqAMBqgToAU_Q7VeRBQViPmvOj0ol9zEygk6_cY4j2briq1ZwrNygEqT7_YIvKAwZ69MJJTWt5TjI1US_AXEQI-9b5sItZrV3M_WoeHdbzMzFoY79eRXO-KUX_QLK8WPKSDeiP6B9-5wxrjgSYtM3bLNvE2-FBtY7t-_4k_1InCMqU_H-0Gwj-3vRM252Q-xjf43fLNlUcso9lAZb9z7GxMZD0VfOl8zpTXkz6choWvLkcqi4ITXSDImv2JokZjGkFNGVIOxdkcH4MpP-ufVApLEuyQmci48sBlavzsyv1ra4fh9iJseOzGc92hrtpqzgBAGABoih5fuWkZHYeqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_01YxIgLX3JuV5F1-bNSbbEJ4Kp5w%26client%3Dca-pub-2276134140992200%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Dec 2022 11:58:11 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
384944689488.jpg.webp
static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/384944689488.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e453b26ee793bdfa512a3e7e23fbf8c723b4376fad6031a88ab3470b0e08c30a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:12 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 15:22:52 GMT
server
cloudflare
age
56173
etag
"63a1d34c-5a68"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e929ef4cf813eb-ORD
content-length
23144
expires
Sat, 23 Dec 2023 20:21:59 GMT
787722078868.jpg.webp
static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.kinoafisha.info/k/carousel/canvas/470x265/upload/carousel/787722078868.jpg.webp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5e06c38e70902d47cb25067b8d4d24c9129f74efd260722d4964f324725813

Request headers

accept-language
en-US,en;q=0.9
Referer
https://psebay.kinoafisha.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 11:58:23 GMT
cf-cache-status
MISS
last-modified
Thu, 01 Dec 2022 11:09:45 GMT
server
cloudflare
etag
"63888b79-50ca"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
77e92a30ca5d13eb-ORD
content-length
20682
expires
Sun, 24 Dec 2023 11:58:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
adx.adform.net
URL
https://adx.adform.net/adx/?rp=4&bWlkPTkxMDA0NiZ0cmFuc2FjdGlvbklkPWQwZWExZTU3LWNhMWYtNGUxMC1hY2MzLTUzOTVlMDMxOGZjNSZyY3VyPVVTRA%3D%3D&pt=gross&stid=58ef6965-a5c9-47e5-90ad-027f2e829d2d&fd=1
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=8406441312
Domain
prebid-eu.creativecdn.com
URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Domain
prebid-bidder.rutarget.ru
URL
https://prebid-bidder.rutarget.ru/bid
Domain
htlb.casalemedia.com
URL
https://htlb.casalemedia.com/cygnus?s=641474&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2211dda3c48e3e3a1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fpsebay.kinoafisha.info%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22168e6a64-04fb-4d8d-aee3-25b606b47778%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2212865d6d1e0df5e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22641474%22%2C%22sid%22%3A%22970x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Domain
tlx.3lift.com
URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fpsebay.kinoafisha.info%2F&tmax=1000
Domain
ghb.adtelligent.com
URL
https://ghb.adtelligent.com/v2/auction/
Domain
c2shb.ssp.yahoo.com
URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9699050176763cf9053f44170f00ad&pos=8a969cb00176764229344401378f0019&cmd=bid&secure=1
Domain
pb.adriver.ru
URL
https://pb.adriver.ru/cgi-bin/bid.cgi
Domain
ad.mail.ru
URL
https://ad.mail.ru/hbid_yandex/
Domain
adfox-hb-bidder.rutarget.ru
URL
https://adfox-hb-bidder.rutarget.ru/bid
Domain
px.adhigh.net
URL
https://px.adhigh.net/rtb/yandex_hb
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontentvisibilityautostatechange object| APP object| yaContextCb object| adfoxBiddersMap object| adUnits number| userTimeout object| YaHeaderBiddingSettings object| googletag function| notsyInit undefined| notsyPageSettings function| gtag object| dataLayer function| uPopup function| videoPlayer function| notsy_pbChunk object| notsy_pb object| _pbjsGlobals function| notsyInitUnit function| notsyNewPlacementTagAdded function| notsyDisableUnit function| notsyDisableRefreshOnUnit function| notsyReEnableRefreshOnUnit function| notsyRemoveAllAds function| notsyDisableRefresh object| yieldMaster object| apstag object| Criteo object| notsyCmd object| yieldMasterCmd function| cnc object| webpackChunkyandex_pcode object| __activeTestIds object| __vasActiveTestIds object| __pcodeAllActiveTestIds object| Ya number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| ya object| yaads object| ggeac object| google_tag_data object| google_js_reporting_queue object| smiq object| google_tag_manager number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| fbq function| _fbq object| TicketWidget object| PostMessage function| iFrameResize string| GoogleAnalyticsObject function| ga boolean| IS_CLIENT_SIDE boolean| IS_ANDROID_WEBVIEW boolean| IS_IOS_WEBVIEW boolean| IS_WEB undefined| androidBridge undefined| iosBridge function| _bridgeSend function| _bridgeSupports boolean| IS_BRIDGE_AVAILABLE function| obj2qs object| fastXDM object| VK object| yaCounter28763351 boolean| apstagLOADED function| onYouTubeIframeAPIReady object| gaGlobal object| googleToken object| googleIMState function| processGoogleToken function| google_sa_impl boolean| _gfp_p_ number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_132 object| Criteo_132 object| Criteo_prebid_132 boolean| yandex_context_perf_logging object| $sf object| yaSafeFrameAsyncCallbacks object| yaCounter42093449 function| Swiper object| GoogleGcLKhOms object| google_image_requests

104 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQlP78n9QwCgoIgQIQlP78n9QwCgoI4gEQlP78n9QwCgoI5gEQlP78n9QwCgoIhwIQlP78n9QwCgkICRCU_vyf1DAKCQg6EJT-_J_UMAoKCIwCEJT-_J_UMAoJCF8QlP78n9QwCgkIHxCU_vyf1DA=
.kinoafisha.info/ Name: PHPSESSID
Value: 5b2639d5e18845cb627cfa98481ebabd
.kinoafisha.info/ Name: ka_city
Value: cHNlYmF5Lmtpbm9hZmlzaGEuaW5mb3xwc2ViYXk%3D
.kinoafisha.info/ Name: _ym_uid
Value: 1671883075238850984
.kinoafisha.info/ Name: _ym_d
Value: 1671883075
.vk.com/ Name: remixlang
Value: 3
.vk.com/ Name: remixstlid
Value: 9058093919912260332_2fEZVY3oTkhiwJgdoPngwg1JzBLh87rGaMgg1Zp3zvg
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: tuuid
Value: 7933e094-b443-5366-ba44-9ac0d9e27385
.betweendigital.com/ Name: ut
Value: Y6bpRQAB5GC7azZt3ViyFPVD-B_CV62svyixvQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 969992556fake
.adhigh.net/ Name: gi_u
Value: xLHZOsYN3mZ.AikABlGFQ_80YQ
.rutarget.ru/ Name: userId
Value: XG_gtXZ4Glxl
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 991803856fake
.yandex.ru/ Name: yandexuid
Value: 4685741401671883077
.kinoafisha.info/ Name: _ym_isad
Value: 2
.kinoafisha.info/ Name: _ga
Value: GA1.2.948821434.1671883077
.kinoafisha.info/ Name: _gid
Value: GA1.2.1174609996.1671883078
.kinoafisha.info/ Name: _gat_gtag_UA_21667993_5
Value: 1
mc.yandex.com/ Name: yabs-sid
Value: 1109869721671883077
.yandex.com/ Name: i
Value: YkP4gIYSNZHsA1AkREWjqlmcSMF5rj/ZmjVlixlJOovBe3Ex1JNLALK+NethtxOfXOAptTPPpQosgLUahHXuioikzdU=
.yandex.com/ Name: yandexuid
Value: 6499700751671883077
.yandex.com/ Name: yuidss
Value: 6499700751671883077
.amazon-adsystem.com/ Name: ad-id
Value: A7QHvDvLNEdtkSM4iKDd63A
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.yandex.com/ Name: ymex
Value: 1703419077.yrts.1671883077#1703419077.yrtsi.1671883077
.kinoafisha.info/ Name: __gads
Value: ID=493464f475dcdc49-22253380b7d900c4:T=1671883077:RT=1671883077:S=ALNI_MZmqcliWXCzsy5gDmNnLthig_8WTQ
.kinoafisha.info/ Name: __gpi
Value: UID=000008e306e58ea8:T=1671883077:RT=1671883077:S=ALNI_MY72ngPLiFLwfpEIOgdLLjWAzi6DA
.doubleclick.net/ Name: IDE
Value: AHWqTUl4oYwOS050jhYmYFGQJ-eMM5jNeIHkEx8Bm7gFIo9au44k-qoKxm1fliDCbdk
.yandex.ru/ Name: i
Value: 7R5l9PSRaCshUqByB5dYTylF8cPJnpH+SIcRq9iSMPr8ipv/BEVuXnAnhkZfv3fyLAIkMnPc6qWHQeYEsMhOuohyB3A=
.3lift.com/ Name: tluid
Value: 2975828447412716551112
.smaato.net/ Name: SCM
Value: 9537df75
.smaato.net/ Name: SCMaps
Value: 9537df75
.sharethrough.com/ Name: stx_user_id
Value: 1b348dda-2383-46e0-8ff7-c6f95900276b
.bidswitch.net/ Name: tuuid
Value: 57d864d6-23b8-4d41-b351-7c97eba1ca9f
.bidswitch.net/ Name: c
Value: 1671883079
.smartadserver.com/ Name: pid
Value: 7164937848874519873
.casalemedia.com/ Name: CMID
Value: Y6bpR4Rjv-Yj0TMnThmtTgAA
.casalemedia.com/ Name: CMPS
Value: 187
.casalemedia.com/ Name: CMPRO
Value: 187
.bidswitch.net/ Name: tuuid_lu
Value: 1671883080
.adnxs.com/ Name: uuid2
Value: 2433049645475493699
.agkn.com/ Name: ab
Value: 0001%3Ag6ox2WaPVptOqy6cFDMlhQ3gBr6Z7%2B%2B1
.agkn.com/ Name: u
Value: C|0AAArOaXIKzmlyAAAAAAA
.adsrvr.org/ Name: TDID
Value: df9b23f8-323c-46aa-bbcc-f5691a86b5c4
.dotomi.com/ Name: DotomiTest
Value: 705130ca929e140f
.c.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 302786B65ACA6CF636AD94325B626D1F
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y6bpSQAGYF1CVAAo
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: li_sugr
Value: b531e9e0-196d-4dbd-b49b-53007e86284b
.linkedin.com/ Name: bcookie
Value: "v=2&c636f19b-93f4-4b92-8a96-be877744461b"
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2523:u=1:x=1:i=1671883081:t=1671969481:v=2:sig=AQFIHHitdCoGX-RfV3OmgtOaf9kc-Bet"
.dyntrk.com/ Name: dyn_u
Value: 04030001_63a6e9497771c
.yahoo.com/ Name: A3
Value: d=AQABBEnppmMCEAAxSJWfTP4DnJcT_3l82yUFEgEBAQE6qGOwYwAAAAAA_eMAAA&S=AQAAAtOkBSZGFJXIt83_ebm-oYg
.rutarget.ru/ Name: sync_0dc72aebf9a4e1cf6f0c8a3a421e31a2
Value: XG_gtXZ4Glxl|1671883081542
.rutarget.ru/ Name: sync_fc821051ae5abea671f7ac556f1ea647
Value: XG_gtXZ4Glxl|1671883081542
.rutarget.ru/ Name: sync_ec8bf516fafa51927e71233e18e82503
Value: XG_gtXZ4Glxl|1671883081542
.rutarget.ru/ Name: sync_d7a14e30636d52e10b35d10c02578019
Value: XG_gtXZ4Glxl|1671883081542
.rutarget.ru/ Name: sync_71c015090a068e09460994346a52bdbb
Value: XG_gtXZ4Glxl|1671883081542
.simpli.fi/ Name: suid
Value: 71C96DD3B63944F78E395A3509F86493
.openx.net/ Name: i
Value: 0a0b4f1e-ec00-0581-3f83-538c49bad4a7|1671883082
.quantserve.com/ Name: d
Value: EC0BDQHxJ7jvsQA
.quantserve.com/ Name: mc
Value: 63a6e94a-cb9b0-e8bb7-4c257
.company-target.com/ Name: tuuid
Value: 0e0515f4-4437-4258-9710-dc8a281661f1
.company-target.com/ Name: tuuid_lu
Value: 1671883082
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 65b363a6-e94b-4600-b0df-a712b8ec0f57
.admixer.net/ Name: am-uid
Value: df3ad13ec7fa48a7a0fd64f3b2e82e03
.sitescout.com/ Name: ssi
Value: 477b5be1-1022-4a9f-8a5f-f64a7600f1c8#1671883082831
.turn.com/ Name: uid
Value: 3099051828667121746
.analytics.yahoo.com/ Name: IDSYNC
Value: 175w~290z
.adform.net/ Name: uid
Value: 8796180841940499808
.rubiconproject.com/ Name: khaos
Value: LC1W0R9O-9-J315
.creative-serving.com/ Name: tuuid
Value: 92b78522-1846-4c5f-8de9-56939e87f7b2
.creative-serving.com/ Name: c
Value: 1671883083
.creative-serving.com/ Name: tuuid_lu
Value: 1671883083
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY3MTg4MzA4MzI3NSwiMzkiOjE2NzE4ODMwODMyNzUsIjciOjE2NzE4ODMwODMyNzV9
.fg8dgt.com/ Name: tuuid
Value: 27338996-65d8-492b-b578-ce7416c7e5ab
.fg8dgt.com/ Name: c
Value: 1671883083
.fg8dgt.com/ Name: tuuid_lu
Value: 1671883083
.kinoafisha.info/ Name: _fbp
Value: fb.1.1671883083348.1283750245
.tribalfusion.com/ Name: ANON_ID
Value: aOnrejSyZaRGRT8vnQXv4R87KjTfKx6BSD0ZdEZa3VBZb0cmAj8FTxafdc1df93tw9brIbYJquEj
.mts.ru/ Name: mts_id_last_sync
Value: 1671883083
.exchange.buzzoola.com/ Name: uuid
Value: 91f06af5-1505-4052-68ca-65c1c96f8014
.yandex.ru/ Name: yuidss
Value: 4685741401671883077
.mts.ru/ Name: mts_id
Value: b00d824f-7434-44bd-97f3-067c1770f24b
.bidr.io/ Name: bitoIsSecure
Value: ok
.adsrvr.org/ Name: TDCPM
Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI3Oy8vITssjsQBRIWCgdydWJpY29uEgsIuP7b04TssjsQBRgBIAIoAjILCNzkv-ma7LI7EAU4AVoMc2hhcmV0aHJvdWdoYAI.
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 7b51c84b9ef987fcb30ac4cd20870815
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQME8yNUy2MEmyTE2ztDBPS04yNkhMNklOMTKwMDewMDRlAILkZS%2B9QTQUAABiKwsm"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIXvbSG0hBAQAcDwI%2B"
.bidr.io/ Name: bito
Value: AADJ2E7HTdMAACMzZ9S4ng
.tapad.com/ Name: TapAd_TS
Value: 1671883084387
.tapad.com/ Name: TapAd_DID
Value: 587845f7-5418-4d90-ba57-6971e182d5f1
.rubiconproject.com/ Name: audit
Value: 1|8hdyqZhB8gYxAQhhjtyRMqBsUgqvFROD5Jp7o+2VdlLr1JKW4ws3nlf/Vk1M9pSED3AOq436J2siZ07GJqnMno4BjqNRGrmz
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.casalemedia.com/ Name: CMTS
Value: 3818
.kinoafisha.info/ Name: _ga_3GNTWFZ027
Value: GS1.1.1671883076.1.0.1671883085.51.0.0
.criteo.com/ Name: uid
Value: da8c4ea0-af93-4db5-96ad-5f30b2b14b13
.kinoafisha.info/ Name: cto_bundle
Value: _MkuzF95cFpNdjZFTnlCRUltV2k0cmhLNFFqVHhTR3pHemJQV1NFUXpLWlVvOEIlMkJJZXJ5SyUyRjNKYjVYc0hzb1llOTQlMkYzd0pNUm5WTSUyQnJiRiUyQjVWVEF2aTAwRWgxakNCQTM2b2Z0dDUlMkYlMkJ1ZTdJMVdxN0gzc0lPVWJHZGdqJTJCc0ZycVlWaEtHOTRVVmN5JTJCJTJCSlprZiUyQlVmMSUyRjFpcVElM0QlM0Q

3 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9862.4B-QKImPC9Avu9RbdWRpJBvty94-Gyra_Ybdgm1z4cFWCb26Kg1dGRxYdGR0ccGIZRwyc3LKW_8w1hnhcRImQIZhplYm1e4wdq68SSu_PVrpkAopRI45dgefaTo5f2daT0Zc9yeXsDAxK_MqROQGUn-LdR50oHbKiyFtZzM0sjgdGm8PjDsbVL2z_gKB-_cfK_MAaYIbRCSGK7MfJdQF4Q%2C%2C.ebFnuqDudqvD7tUlAbFZDWyLYi8%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=df9b23f8-323c-46aa-bbcc-f5691a86b5c4&expiration=1674475081&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

60885e7f308b92a2979fa105bbc014e2.safeframe.googlesyndication.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.mail.ru
ad.turn.com
adfox-hb-bidder.rutarget.ru
ads.adfox.ru
ads.betweendigital.com
ads.creative-serving.com
ads.us.criteo.com
adservice.google.com
adx.adform.net
amazon-tam-match.dotomi.com
an.yandex.ru
analytics.google.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cat.va.us.criteo.com
cdn-b.notsy.io
cdn.doubleverify.com
cdn.indexww.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.us.criteo.net
d.agkn.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.buzzoola.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
inv-nets.admixer.net
js-sec.indexww.com
jsn.24smi.net
m.fg8dgt.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
nep.advangelists.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
pix.us.criteo.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-bidder.rutarget.ru
prebid-eu.creativecdn.com
psebay.kinoafisha.info
px.adhigh.net
px.ads.linkedin.com
r.casalemedia.com
rtb.va.us.criteo.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.tribalfusion.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.criteo.net
static.kinoafisha.info
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
tag.rutarget.ru
tech.rtb.mts.ru
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
vk.com
widget.premieralight.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
yandex.ru
yastatic.net
ym-tack.b-cdn.net
ad.mail.ru
adfox-hb-bidder.rutarget.ru
adx.adform.net
bidder.criteo.com
c2shb.ssp.yahoo.com
dsum-sec.casalemedia.com
ghb.adtelligent.com
htlb.casalemedia.com
ib.adnxs.com
pb.adriver.ru
prebid-bidder.rutarget.ru
prebid-eu.creativecdn.com
px.adhigh.net
tlx.3lift.com
104.18.33.19
104.18.36.94
107.178.246.49
108.138.124.226
142.250.176.198
142.250.80.98
143.204.144.76
15.197.193.217
15.235.43.120
151.101.193.108
151.101.66.49
172.64.154.237
176.9.81.69
178.170.196.247
185.167.164.37
185.184.8.90
188.72.107.205
192.40.39.223
195.209.111.22
199.187.193.177
2001:4860:4802:34::178
2001:4860:4802:36::181
204.62.13.72
207.198.113.86
209.205.197.154
213.189.208.20
213.87.44.187
23.3.115.102
2400:52e0:1a00::871:1
2600:141b:13::17d7:82a2
2600:1f18:4e9:5a07:f838:172b:9f85:e97b
2600:9000:21da:7800:19:fc2c:a140:93a1
2600:9000:2209:d200:1b:5138:8a40:93a1
2606:4700:10::6816:178e
2606:4700:10::6816:284a
2606:4700:10::ac43:686
2606:4700::6812:18ad
2606:ae80:1451:14::1080
2607:f8b0:4004:c08::9c
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2008
2607:f8b0:4006:80d::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::2002
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2620:1ec:c11::200
2a00:1148:db00::17
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::90
2a02:6b8:a::a
2a02:6ea0:c454::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::485
3.92.156.8
34.117.228.201
34.205.183.92
34.96.71.22
35.173.168.2
35.194.66.159
35.211.141.197
35.211.178.172
35.244.159.8
35.71.139.29
37.157.6.245
52.207.194.90
52.45.33.138
52.46.130.91
52.72.250.173
54.152.246.118
54.86.146.255
54.87.58.125
67.220.224.150
68.67.160.184
68.67.179.155
69.173.151.100
74.119.119.139
74.119.119.147
74.121.140.14
8.43.72.97
87.240.132.78
96.46.186.57
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01bc81c20c18f85fd8a39fd759e9f52000336b3a8d643a35e760ece9a2e75e35
0317ace639ebb7dc528e63e0841d1fb9721a6aed47510690d303664d527a5939
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
057ad680bb47a98ecb645d23cee6e2090dd2e2cb4a1247bb565db47a037b9fe7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081303965b82fcd18dde7ba29b139667fd58122fcf700f7bd878a4467854f0e3
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8a319aa3a60c148a2ee35d8904b4b5c4bca11c2bc7fbfbfff2a5a2b017d12d
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c2db33131d697cbf5f7609e8321538bab0ff890843eb4b3e048c14f7664cf98
0d1058f1f992f9d7e3201898fdb979d618c2fa056287f999940ad4b36d1544b5
0edce35472c84713f71d2cbb070f6a937aebc724a3832de1f7b5b2f4649e23c4
11a476d160d9ea7afb0055f2dda17cc9619a5e8ff11329f7ebb3e01c94431ca7
180c12f21709e9ea1f2433c1f1f74e240d1d66864b914db6bc8fa9e42aea8080
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19ddd52c4ea2b2b38987deb13a0e40150b03212b3f922efb9d94710ba00e40e2
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
1eefc78931aa025b2c758bd5ac9cc84e0aeb52d3d75f48cde529ec47b11b9c4e
1feb31207034b38c01d216e39af745c13ba1036249d3c1d74f9db08436b700f4
20391421aa9801133dd20cb97fb07cc52c9b847a42caccfcb4a1cc76a92fc9bf
225eea9246405d3fbfa23fae814ff75bd35facc5357d7df2aee7a03db1878e8e
232be7d1a3844f035a20a40e9cb3f713420f80458c8ef22b6e5cd244ba9afc61
246fbe4e2666a757523b81faecbbe621d6280e45b7602540601485c04a165955
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
294c7b0bddb95299e265e78586b9935fb8fad8d782210f8a3de3ba17e9e26e6a
2d492d9ab6895dbb85497151ee6ab5ee6134ccac502c798921648e924bf47e86
2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
38302719b438937e4796e5d6d5d59a406f16cea319b1fdaf7478c56a8b87f640
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f5e06c38e70902d47cb25067b8d4d24c9129f74efd260722d4964f324725813
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421870e65ee4bc30200e85bbde85d3467591d7f7080e4d2cfd3e80d6b4a6bf3b
425a93feae79c0808f131cdd0d448df52229d6c385a287e368772984bf328787
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d9ea68acb20f401c1706f687a264178ec656fdd7a02d0cd2c0b06c30b66908
4804c2aedacd4aeaa883f9ee68a46db16fca0019e321d2991ccc16531d57f7aa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
49ff3d3ca4ef2a15c80d4b4fbc53afb7cf4415ce7d980ba3dbda71d2a449da7e
4aaf8de75d9426bfc8ae67cda554cab8399c74a619daaf024e9c8f11006deeb7
4dab4b964958354225cdc215ae7f8e86dbaad63b621bb7ba7e805b5110d2b36d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54bd8e0e4ef2a5789a91419ca7777f38f369a87fd68b9b76b066fb90d5a53c3a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
5ab1b0a057d2bd20012562459bc3bad3b1ca065f4a566cf988fa180ef5f78513
5ad1fbf2418eb4fd8d812d04bbf4c0d1b46306ecf13b93e1c5fd86186d238e13
5daddcea0d13b6e6de5f3e22cfbd338a69c94a93d437bdbc88422b276ec9e98d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463923ad6cc5932a793d04594631b65b18b98cf574ae2163f82e48aaf313573
65409683ef3f94994938dddcef24665572a1a1b3294d9562a82cbcd59d2b0399
66d688e41e6a25018935e9c91812570eb7d71d161c3b14f54bbbb0c74911b91d
6b1e8742e5f73c7a04901f74f9379ff87573e9958948ecc940c154fd59ee0c0d
721ba495ffcf81ac27c0d906ee12dddc187d2ea04a40130b939a79a8cc62f795
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73d8c98b86143e9d271f10f79e337994a1a9d967b422168697e7423cba3806aa
7444f8b2cca0e59929913024a2cbdb33d7301b06407f94d62f5f2e5a835ac637
75303046884e18e0f63d9a587ccd73cbbd3f1eb37a90c1c799e48906ed614585
7b238bd57150d1e00add029f25524829bcf5e9823ecfdef62c70adcef9fa6087
7b48d8c4437d282b4fc5b5edefca1649fd1133799fac4a175462291a7c4c53e3
7ba42911d371afcf87e78b4d8281aca396a676f020bcfc1c62a731ef2c20643a
80785bc2cfbff52ad54520a2d1c22729649882b66c8a96864d27fe23ff1b09ac
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b7db0166c52508fe28104967416c1855cbedd17ba2eed6994c9edbf0c8bd90
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84850d50823ca8d77cb4c238356e9289dc59dc770f00829d7f3a70aed85c3f70
857a00ff5084c04869fa6685522bec293830c909893d3162a20480333b9eaaa0
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
88c953cdc6c26bf2e8b4dbd2c40c31dc267e4abc0abd080b59ee5064e7331771
8a3bcf159522bd9e5af409d0165bafe5e33473591b3d8c9c74d5ffbdbb4b34a2
8aa6099de746bac671c1ae7b20cc24d3c1078599243e1a68d8d8370fdf7f7eac
8bd1bdb518479143fc511bbcd748491184f5f0d4ea1ccf0207c9d6119192474d
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90d33a10b8e8f7c0013b439759011c4dbd4e5e07c45e8d5dcc73f78ad8460ed9
90e8b07b7c1f24ea0879aeea46ead06a3dba99127e5707244b8bedc9935fb873
9448caca6957402ef4d18611667741a95658405db08781fb52758f47ed697a8c
9502b4e6736461a6d237d3c71e512a98a8c217c11c5dbb0574c7a40f6e2f532a
9669df55c5eeff2125e63d5e718cb9774b9f24e6e75e62ea5f6b30471c666aec
9798cea005aac4333203616f34c5eb42c280d1964703c9bac73e84013cdd9125
99b4cf3db2932351866ac81c1c9a195641deff64490edbaaa39fec282364155a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f821edf87404750ccdce8cd0f4306ab91cf4db0d4bdb39dfdbab62c9f4c179
9a1423b6437b397c09fba356e10ab602f6dba728f70520c56df82fd7b5fe23e4
9a3a949eda42dc80ba03de5f19d975d46f729ef2dbc1c3beba071c504c0a7eeb
9a4d4402cb6d86ad4d367ba47775afd5f46f8e99fd6adc7a896bf668c383d460
9b79a82e752999143ce1719ed45d3d951446203697e1bdc142147bb4cccee9b0
9bbbc45cf323952c8d63189451ef42bddc36562447f98fc0254939fb87633bd6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ef3834bb388654e98c93238bf603d1e46a4c6c93f2b24b441dd2cf6f9199db0
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1e730339a4e1201c95d73b8f6d92dffff8c7cc7e5128f29b67bb3dacdbae1a2
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a357b148cc11734eef438631edf3192edce69cfccd492b949cb3a29098f1af38
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83425d418592728e05b49d04edddbe9d15aa2c1c02f8a79cc22ad740f16b3fc
a8ef04083240bb5a83fa94d14084c25b796de7743e4fbe7f8e24df83b249103e
ac5752503f7b73a37b40dcc241f741a1a3ac7999560978b6a3b7931ffb3bcb8d
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b20719f1abf851609e1f741f6d6dfc82b8596d992e27f50ae4d50ebab0865f
b355c8d5d61dbdf162659970fe0dbe6cf4fc31ff6b62b18593dacbdbb0e7a2c8
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbcb1c0d84bfa25ba03a536643b0aa355079325af9581212c91c1215cdd4a39d
bd6f703dba4a7871b90ed891be9eee465e2d42ca16b40c77fdc533745f7b3fd2
c006c7645e06982dc31e1890ff87a6e665f9a87c54bebf7e76422b63ff625476
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2548faf0622c3e4314ddaf29d3fbda50496d35c8316ac2030b36d36f5064a98
c2d1a845fb4426332e14d7377325cd79d484f8bffe1941a94372f8565708ca5d
c3f6a6cfa836cb18a0cb6bcaa031444bdbe6e767c87b7b9dafb48dc807633adc
c4d122663b14f58c02364cec5bbe991cad4dfffae9c87c8a4742498e5280b0e2
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c7a1a339857bd66246666858a4f29747a8eb1b0cb8e0c21e458826ff19020e2e
cab69df790c9656ed775fc84eea46861bfdef15c07886a1f40c80aa269873b53
cb7d191eeade124bcf4fe9ebeff0da9575e6410937eb4eda086dee632dca1cf8
cc7107321f11546be5033936b4f2dd0f7e62a648ad4786b6646044165903257f
cd95d45c6b661c9c45e8a7ee5611744b7d196fbd0bdbac5647aec53aa2875121
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d18a2dc53eefab7c166340605fb398a07220d2954c89a882e420e2ccf6efde88
d495b605d874fff6c44230b7a0fcea83f8939d7b8c852a68e1673d9569ef9100
d8b1280df015b12fd4ea4138faad855238e57f1819a6d2b854d0fd9879532805
da7fcf6f0601d45c60cadf479b3ffe4d6a0ac9d308bbfaceb5d7d7fe0597e2ef
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e23d1ed62c982ac7ccbdbf25ce5289b23facf4631028e662b1b092f62332f4cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e453b26ee793bdfa512a3e7e23fbf8c723b4376fad6031a88ab3470b0e08c30a
e52ed875f727b75380e284e0fd4a241e2b760f87b2489fbda68ce5d578512e6d
e7938034962bdaffe07fe3c09231ed2633794c2464bcb77c70aa8f86db0fa18e
e7f9b142fccc95c741cc88f005d366a180e22bf7500e484c089fffeb1615087e
e8b565eae06e2addb7968fb578b2f8f2853502d63f2fc883a9acaa5441bae132
eae9545b6b4c6d66cc1fc008c8608e69201f24e62eedcbf0b212a27a1099de1a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7fa744a28ed3903030d78af3c64597224908800df9ecba58c39d8f5c47b630
f1a1ef71bcc5311a7d18cb4b715282cd81a37efd5b4b16f3ed3414a40d01e75f
f1f64bde5a276280afd78b97cafa4d8a83b1c60f49b2b55b91a4028e93afacaa
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
fb395b97b3f664eef046a836807532b48b8fbda1a16e62bd0f8d725319222f2b
fe8983772bdd1986d87874dcb8867a01a31bdb6134f709856be048a8ba39787f