www.cineman.ch Open in urlscan Pro
172.67.41.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cinequiz.ch/
Effective URL:
https://www.cineman.ch/
Submission: On November 23 via api (November 23rd 2023, 10:37:45 am UTC) from CH — Scanned from CH

Summary HTTP 166 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 41 IPs in 9 countries across 34 domains to perform 166 HTTP transactions. The main IP is 172.67.41.119, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.cineman.ch.
TLS certificate: Issued by E1 on November 19th 2023. Valid for: 3 months.

This is the only time www.cineman.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3032::ac43:b5d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	172.67.41.119 172.67.41.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	104.26.15.6 104.26.15.6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
5	18.66.122.123 18.66.122.123	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	52.59.96.4 52.59.96.4	16509 (AMAZON-02) (AMAZON-02)
1	18.194.125.69 18.194.125.69	16509 (AMAZON-02) (AMAZON-02)
1	34.160.111.29 34.160.111.29	15169 (GOOGLE) (GOOGLE)
4 11	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 18	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.33 13.32.27.33	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.128 18.66.122.128	16509 (AMAZON-02) (AMAZON-02)
4	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	18.185.252.128 18.185.252.128	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	108.129.52.148 108.129.52.148	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	3.69.66.66 3.69.66.66	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.112.20 18.66.112.20	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:d70:0:a:... 2a00:d70:0:a::150	29097 (HOSTPOINT-AS) (HOSTPOINT-AS)
1	2600:9000:225... 2600:9000:2250:9a00:19:a7f1:4080:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:225... 2600:9000:2251:d600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2600:1f13:800... 2600:1f13:800:7780:25e5:b3da:7d1d:5e73	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	154.59.122.79 154.59.122.79	174 (COGENT-174) (COGENT-174)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	2600:9000:211... 2600:9000:211e:4200:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
2	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:780... 2a02:26f0:780::210:a46b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
166	41

1 2606:4700:3032::ac43:b5d6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cinequiz.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 172.67.41.119 (United States)

ASN13335 (CLOUDFLARENET, US)

www.cineman.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.26.15.6 (None, )

ASN13335 (CLOUDFLARENET, US)

media.services.cinergy.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.122.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-123.fra60.r.cloudfront.net

gbucket.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.96.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-96-4.eu-central-1.compute.amazonaws.com

weather.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.125.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-125-69.eu-central-1.compute.amazonaws.com

gs-goldbach.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.111.29 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 29.111.160.34.bc.googleusercontent.com

ch-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.89.210.153 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams3-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-33.fra56.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-128.fra60.r.cloudfront.net

beagle.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.185.252.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-252-128.eu-central-1.compute.amazonaws.com

beagleider.tamedia.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pexus.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zuba2.prod.tda.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.129.52.148 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.66.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-66-66.eu-central-1.compute.amazonaws.com

video.gbads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-20.fra56.r.cloudfront.net

templates.da-services.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:d70:0:a::150 (Switzerland) 1 redirects

ASN29097 (HOSTPOINT-AS, CH)

domain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.domain.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9a00:19:a7f1:4080:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2o03xjkdzg1z6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2251:d600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 (Boardman, United States)

ASN16509 (AMAZON-02, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.79 (Schiphol, Netherlands) 1 redirects

ASN174 (COGENT-174, US)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:3b2e:d970:bb65:e6b3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:4200:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:780::210:a46b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149 aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com	170 KB
25	adsafeprotected.com cdn.adsafeprotected.com — Cisco Umbrella Rank: 3789 pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	215 KB
24	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 246 acdn.adnxs.com — Cisco Umbrella Rank: 609 secure.adnxs.com — Cisco Umbrella Rank: 495 cdn.adnxs.com — Cisco Umbrella Rank: 1682 ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903	164 KB
21	doubleclick.net 4 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 245 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 pubads.g.doubleclick.net — Cisco Umbrella Rank: 401 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 154	216 KB
20	cineman.ch www.cineman.ch	835 KB
11	cinergy.ch media.services.cinergy.ch	207 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	117 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
5	gbucket.ch gbucket.ch — Cisco Umbrella Rank: 410873	16 KB
4	tda.link beagle.prod.tda.link — Cisco Umbrella Rank: 189705 pexus.prod.tda.link — Cisco Umbrella Rank: 189508 zuba2.prod.tda.link — Cisco Umbrella Rank: 363971	7 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	da-services.ch weather.da-services.ch — Cisco Umbrella Rank: 159515 gs-goldbach.da-services.ch — Cisco Umbrella Rank: 154253 templates.da-services.ch — Cisco Umbrella Rank: 877876	7 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 447	413 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	688 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 823	1 KB
2	domain.ch 1 redirects domain.ch www.domain.ch	1 KB
2	gbads.net video.gbads.net	378 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	159 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1549	63 KB
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 2969	1 KB
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	378 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 716	438 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 597	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	713 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1309	684 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533	584 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	cloudfront.net d2o03xjkdzg1z6.cloudfront.net	13 KB
1	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4239	218 KB
1	google.ch www.google.ch — Cisco Umbrella Rank: 30247	409 B
1	tamedia.link beagleider.tamedia.link — Cisco Umbrella Rank: 169868	441 B
1	mookie1.com ch-gmtdmp.mookie1.com — Cisco Umbrella Rank: 437858	214 B
1	cinequiz.ch 1 redirects cinequiz.ch	426 B
0	gstatic.com Failed csi.gstatic.com Failed
166	34

	Domain	Requested by
20	www.cineman.ch	www.cineman.ch
16	pagead2.googlesyndication.com	imasdk.googleapis.com www.cineman.ch tpc.googlesyndication.com securepubads.g.doubleclick.net aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com www.googletagservices.com
15	dt.adsafeprotected.com
11	cm.g.doubleclick.net	4 redirects aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com googleads.g.doubleclick.net
11	media.services.cinergy.ch	www.cineman.ch
10	ib.adnxs.com	1 redirects www.cineman.ch gbucket.ch acdn.adnxs.com
9	tpc.googlesyndication.com	imasdk.googleapis.com tpc.googlesyndication.com securepubads.g.doubleclick.net www.cineman.ch aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
7	ams3-ib.adnxs.com	www.cineman.ch cdn.adnxs.com
6	s0.2mdn.net	imasdk.googleapis.com www.cineman.ch s0.2mdn.net aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	www.cineman.ch securepubads.g.doubleclick.net www.googletagservices.com
5	pixel.adsafeprotected.com	cdn.adsafeprotected.com acdn.adnxs.com
5	gbucket.ch	www.cineman.ch gbucket.ch
4	static.adsafeprotected.com	pixel.adsafeprotected.com www.cineman.ch
4	acdn.adnxs.com	gbucket.ch www.cineman.ch acdn.adnxs.com
3	imasdk.googleapis.com	www.cineman.ch gbucket.ch imasdk.googleapis.com
2	ad.doubleclick.net	www.cineman.ch
2	sync.1rx.io	2 redirects
2	image6.pubmatic.com	2 redirects
2	www.google.com	tpc.googlesyndication.com aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
2	aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.adnxs.com	acdn.adnxs.com
2	zuba2.prod.tda.link	beagle.prod.tda.link
2	video.gbads.net	gbucket.ch
2	www.googletagmanager.com	www.cineman.ch www.googletagmanager.com
1	code.createjs.com	s0.2mdn.net
1	a.rfihub.com	1 redirects
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net	1 redirects
1	dis.criteo.com	aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	www.googletagservices.com	aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
1	googleads.g.doubleclick.net	aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
1	d2o03xjkdzg1z6.cloudfront.net	templates.da-services.ch
1	www.domain.ch
1	domain.ch	1 redirects
1	templates.da-services.ch	www.cineman.ch
1	crcdn01.adnxs-simple.com
1	pubads.g.doubleclick.net	imasdk.googleapis.com
1	www.google.ch	www.cineman.ch
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	pexus.prod.tda.link	www.cineman.ch
1	secure.adnxs.com	1 redirects
1	beagleider.tamedia.link	beagle.prod.tda.link
1	beagle.prod.tda.link	gbucket.ch
1	cdn.adsafeprotected.com	gbucket.ch
1	ch-gmtdmp.mookie1.com	www.cineman.ch
1	gs-goldbach.da-services.ch	gbucket.ch
1	weather.da-services.ch	gbucket.ch
1	cinequiz.ch	1 redirects
0	csi.gstatic.com Failed	imasdk.googleapis.com
166	54

This site contains links to these domains. Also see Links.

Domain
www.teleboy.ch
www.facebook.com
twitter.com
cineman.freshdesk.com
cinergy.ch
www.events.ch
www.cinergy.ch
www.instagram.com

Subject Issuer	Validity	Valid
www.cineman.ch E1	`2023-11-19` - `2024-02-17`	3 months	crt.sh
cinergy.ch Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
gbucket.ch Amazon RSA 2048 M02	`2023-04-19` - `2024-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
weather.da-services.ch R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
gs-goldbach.da-services.ch R3	`2023-11-08` - `2024-02-06`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-03-29`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-22` - `2024-06-19`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
beagle.prod.tda.link Amazon RSA 2048 M02	`2023-02-22` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
beagleider.tamedia.link R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.gbads.net Amazon RSA 2048 M02	`2023-03-15` - `2024-04-12`	a year	crt.sh
zuba2.prod.tda.link R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
templates.da-services.ch Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M01	`2023-05-09` - `2024-06-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://www.cineman.ch/
Frame ID: D4CA2A33FAA683B3CDE014BC2A5B9C68
Requests: 89 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 4A16DDD1443CFCDAC941A629F263BA46
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B3B327269D1D20602CA93E64F09ADE99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html
Frame ID: 8A6F034327E6C86D67D957BC55B284BD
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930694&campId=160x600&pubId=5677529&chanId=14564518&placementId=23135385&pubCreative=476989059&pubOrder=9146275&cb=590260547&adsafe_par&impId=517f52e2-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0
Frame ID: D44CC407AEA3028149AC59A22EA124D6
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 8DCC27D625441DA2B91569ED6FF3AB0E
Requests: 15 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603
Frame ID: 8C621BCD58222A887E11D41F9677D7B4
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603
Frame ID: 973BF5481B4B381058209948096F012A
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 86B42571864BE599D35F07B25CE90DFC
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6B1F9754BC1D6AC1D3EECC844A71494A
Requests: 1 HTTP requests in this frame

Frame: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DF609A298A8E17375EDC35B7DA145DBA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63C796931BEA96BCE5B9E5345EAC778C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D31696BCC7FF302F16B8177C66D74D1E
Requests: 2 HTTP requests in this frame

Frame: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D3C32006ED608BDDC5D5D9711CD5D616
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCgqpfKBBjZjPLnATAB&v=APEucNU8mNDuYImeCoS_-h_KBD4CgelPEhGnajfySm86EPRgzOQFRiZqnZc7hf3tAN5_Ipb4zhUatCJpj-qc_f9Hqv8E4e_uVA
Frame ID: 3DCC27D40AB72B3B34B0B0DA57AEC0A6
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7A946669CA6EBE170095CDF2DF910EFB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 112139F2C96B3BFD0F2B868268EFDA99
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.html?ev=01_250
Frame ID: 37ECDE3FB62746CDFBBCC5B38E14E3A1
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F715C3808BE873DBA6C4E398C15E7A75
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cineman - Kinoprogramm

Page URL History Show full URLs

https://cinequiz.ch/ HTTP 301
https://www.cineman.ch/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

166
Requests

91 %
HTTPS

47 %
IPv6

34
Domains

54
Subdomains

41
IPs

9
Countries

2892 kB
Transfer

7549 kB
Size

31
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.teleboy.ch/programm/charts/1/movie
Title: Filme am TV

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cinemanch
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Cineman
Title: Twitter

Search URL Search Domain Scan URL

URL: https://cineman.freshdesk.com/support/home
Title: FAQ

Search URL Search Domain Scan URL

URL: https://cinergy.ch/werbung.html
Title: Werbung

Search URL Search Domain Scan URL

URL: https://cinergy.ch/unternehmen.html#jobs
Title: Offene Stellen

Search URL Search Domain Scan URL

URL: https://www.teleboy.ch/

Search URL Search Domain Scan URL

URL: http://www.events.ch/

Search URL Search Domain Scan URL

URL: https://www.cinergy.ch/
Title: © Cinergy AG

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cineman.ch/
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cinequiz.ch/ HTTP 301
https://www.cineman.ch/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc= HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA1Pf5Pd1fLQbs4RyrvSTXE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA1Pf5Pd1fLQbs4RyrvSTXE%26google_cver%3D1

Request Chain 59

https://secure.adnxs.com/getuid?https://pexus.prod.tda.link/v2/create/xandr/$UID/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%253A%252F%252Fwww.cineman.ch%252F HTTP 302
https://pexus.prod.tda.link/v2/create/xandr/5451625968084753092/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%3A%2F%2Fwww.cineman.ch%2F

Request Chain 83

https://domain.ch/... HTTP 301
https://www.domain.ch/...

Request Chain 131

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPGk3R6p_mgaovv80sE0E7M&google_cver=1&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09DlJdRv0G-Yd50i HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDYwNDg4OTI1NjQyNTYxNA%3D%3D&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09DlJdRv0G-Yd50i

Request Chain 132

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOOimUDUsGRaWuMyM9mPBE4&google_cver=1&google_push=AXcoOmTs8-6pGG5WN_No0Bvoa5vd5njLXycr80NI1qtO4WDriasWhFU4xZIWr95X11GmN8u1bOtSJkgTSHLYhrd5PXUt95Okeqvu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855745124148&us_privacy=1---

Request Chain 133

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHdaqYEqpz8PyA90r_xgtOM&google_cver=1&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNxTUF2a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNxTUF2a&google_hm=eS0uQ2dJc0ZCRTJwR2VJR1ZtVWszNlpFTTJGTjVPSVRVYn5B

Request Chain 135

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMjSxCVMqudwrq09zGP8_u4&google_cver=1&google_push=AXcoOmQuvxKDD2tuTI59zAycEPLzb5Jh62giNFnruF7dlt3W0wmXY0Tz2ixtcN0T79XYbP9uC9aBbGVonx5MIKqwBt4e7qm-GfpR HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMjSxCVMqudwrq09zGP8_u4&google_cver=1&google_push=AXcoOmQuvxKDD2tuTI59zAycEPLzb5Jh62giNFnruF7dlt3W0wmXY0Tz2ixtcN0T79XYbP9uC9aBbGVonx5MIKqwBt4e7qm-GfpR&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dygh7g4ZSTWfx-66YUNZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuvxKDD2tuTI59zAycEPLzb5Jh62giNFnruF7dlt3W0wmXY0Tz2ixtcN0T79XYbP9uC9aBbGVonx5MIKqwBt4e7qm-GfpR

Request Chain 136

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGC74IKdNKVJUXo599QaV94&google_cver=1&google_push=AXcoOmTKCBKewRhQxZszwBgSGEr63VIzVOxt5InB5gZLHoqTDNI-3-euzOFWXA9X6EWCTJL4tesQeA11ZLEZ_pF6j9vCWF0QtDfs HTTP 302
https://sync.1rx.io/usersync/smaato/b7370788e0?gdpr=0&gdpr_consent= HTTP 302
https://sync.1rx.io/usersync/smaato/b7370788e0?zcc=1&cb=1700735858641 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003

Request Chain 137

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHWMuy5ZblexuGwmFcytezU&google_cver=1&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01KFWb24w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01KFWb24w&google_hm=Mzk3MzUwNjIwNjgzMjkzNTE0Mg==

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&C=1

Request Chain 145

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV8rcvpd9AsnF.tTcGRDwQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&google_hm=2

166 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.cineman.ch/
Redirect Chain

https://cinequiz.ch/
https://www.cineman.ch/

222 KB
24 KB

608ms
423ms

Document
text/html

172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

30746e71d940f1d387837fd50f56e01b27765681b6c2892a0233170e69ce9082

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, must-revalidate, private, s-maxage=60
cf-cache-status: DYNAMIC
cf-ray: 82a8c7186d145b98-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 23 Nov 2023 10:37:35 GMT
expires: Thu, 23 Nov 2023 10:37:35 GMT
server: cloudflare
strict-transport-security: max-age=300; includeSubDomains;
vary: Accept-Encoding
via: 1.1 varnish-v4
x-cache: MISS
x-varnish: 908312130

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82a8c716ca7b8fef-FRA
content-type: text/html
date: Thu, 23 Nov 2023 10:37:35 GMT
location: https://www.cineman.ch
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFZbrDPPodVPT9N1f7gmTgtUlnTu0qRwel5tUITOUICEJ0Fd2KaWI64SMlSZil8E2G2ZD4E3AktWDVW6I9cmJ%2BJ7jzejMoA90k7PCgOfaqmBb0n%2BKUWmGOFXuPAuBqWqah2Td1dqg0oONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 fa-brands-400.woff2
www.cineman.ch/fonts/fontawesome/ 70 KB
71 KB 43ms
40ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/fontawesome/fa-brands-400.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1555
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 72124
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "119bc-60abef13350c0"
vary: Accept-Encoding
x-varnish: 895237306 900051500
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f4f5b98-FRA

GET
H2 200 hind-v6-latin-600.woff2
www.cineman.ch/fonts/hind/ 16 KB
16 KB 40ms
38ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/hind/hind-v6-latin-600.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edb925d69948010bc96587ada59dcdd4dea5e81122c173a36787532c8fdb4c8e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1980
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 16320
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "3fc0-60abef13350c0"
vary: Accept-Encoding
x-varnish: 900124726 899504169
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f505b98-FRA

GET
H2 200 hind-v6-latin-300.woff2
www.cineman.ch/fonts/hind/ 15 KB
15 KB 41ms
39ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/hind/hind-v6-latin-300.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e68d07b17c254c6f5352bae08309aa9d79e6083a881eb0096cf7ec317595109f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 2504
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15608
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "3cf8-60abef13350c0"
vary: Accept-Encoding
x-varnish: 899637970 900051503
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f515b98-FRA

GET
H2 200 fa-regular-400.woff2
www.cineman.ch/fonts/fontawesome/ 142 KB
142 KB 68ms
66ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/fontawesome/fa-regular-400.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1555
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 145052
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "2369c-60abef13350c0"
vary: Accept-Encoding
x-varnish: 898982735
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f535b98-FRA

GET
H2 200 hind-v6-latin-regular.woff2
www.cineman.ch/fonts/hind/ 16 KB
16 KB 67ms
65ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/hind/hind-v6-latin-regular.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4a120351b4229bfe985d52e9e20d5369127c7bce029210a15067378b0661c2d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1980
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 15940
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "3e44-60abef13350c0"
vary: Accept-Encoding
x-varnish: 897462398 900216674
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f555b98-FRA

GET
H2 200 fa-solid-900.woff2
www.cineman.ch/fonts/fontawesome/ 115 KB
115 KB 67ms
66ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1555
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 117616
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "1cb70-60abef13350c0"
vary: Accept-Encoding
x-varnish: 899042282 899504181
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f575b98-FRA

GET
H2 200 hind-v6-latin-500.woff2
www.cineman.ch/fonts/hind/ 16 KB
16 KB 68ms
66ms Font
application/octet-stream 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/fonts/hind/hind-v6-latin-500.woff2

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1076b1b1e1a4a8f2b70f4886c8e0ccc5e859a7814cfae60d22eb7cb65d8aed56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1980
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 16488
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "4068-60abef13350c0"
vary: Accept-Encoding
x-varnish: 899407529 886505142
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f595b98-FRA

GET
H2 200 a0fd435b82248b992618b5b7526ee29a.css
www.cineman.ch/assets_cache/ 351 KB
62 KB 68ms
67ms Stylesheet
text/css 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/assets_cache/a0fd435b82248b992618b5b7526ee29a.css

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37c29a5401ce2746314ada733bf6d560cdec058924113625953e42717bfa6c49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1578
content-encoding: br
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 19:49:28 GMT
server: cloudflare
etag: W/"57c04-60ac30457faa9-gzip"
vary: Accept-Encoding
x-varnish: 906787894
content-type: text/css
cache-control: max-age=691200
cf-ray: 82a8c71b1f585b98-FRA

GET
H2 200 cbe92f520ab8d365ebcf996eb8cfeb5d.png
www.cineman.ch/assets_cache/ 2 KB
2 KB 67ms
66ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/assets_cache/cbe92f520ab8d365ebcf996eb8cfeb5d.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a691d9a762c4b85a2073d7e3407ecdd1fd5f3c2a019784a5e3ef77c2be77230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 7070
cf-polished: origFmt=png, origSize=2274
x-cache: MISS
content-disposition: inline; filename="cbe92f520ab8d365ebcf996eb8cfeb5d.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1852
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 17:09:43 GMT
server: cloudflare
etag: "8e2-60ac0c90c9ad1"
vary: Accept
content-type: image/webp
x-varnish: 906999459
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b1f5a5b98-FRA

GET
H2 200 be052ebfe0c57ae3c9ee829d5508bd09.png
www.cineman.ch/assets_cache/ 850 B
1 KB 45ms
44ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/assets_cache/be052ebfe0c57ae3c9ee829d5508bd09.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bedede02903d0840314b765d15330f1d747f42ae0af4ce4e041a4a55f1e24da

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1181
cf-polished: origFmt=png, origSize=993
x-cache: HIT
content-disposition: inline; filename="be052ebfe0c57ae3c9ee829d5508bd09.webp"
alt-svc: h3=":443"; ma=86400
content-length: 850
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 22:42:16 GMT
server: cloudflare
etag: "3e1-60ac56e5af212"
vary: Accept
content-type: image/webp
x-varnish: 907910566 907936216
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b3f725b98-FRA

GET
H2 200 7c2c34bcbdd7ecb923e9783e75f2e0599b0205a0.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 17 KB
18 KB 119ms
38ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/7c2c34bcbdd7ecb923e9783e75f2e0599b0205a0.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c17703913467f1c332518693b352dbd2065a8ac08f15b640c8f3864b4065f938

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8212
cf-polished: qual=85, origFmt=jpeg, origSize=34476
x-cache: MISS
content-disposition: inline; filename="7c2c34bcbdd7ecb923e9783e75f2e0599b0205a0.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
x-ttl: 24h
server: cloudflare
last-modified: Thu, 23 Nov 2023 08:00:51 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F3zmynj3%2BYG8QWa23JkV%2BadBDZaSiMAVs9DgT2g27US55zG4NNvlrxq2mkdXeQj8YFnxC8YyY5cBn0%2FKPi2ujmhmwZC2QdW6AZXrVEqNIg00CbbWmygqU%2FS89X27Vm1NfawnimCV8A2Lm8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 98144014
cache-control: public, max-age=2678400
cf-ray: 82a8c71b992a9962-FRA

GET
H2 200 1a33a8c7f9e83bdd541e88e9f42a8c197ad2194c.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 38 KB
39 KB 97ms
37ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/1a33a8c7f9e83bdd541e88e9f42a8c197ad2194c.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fbc5dc1322a921c1732d1d9979da19eccfeb523ac3cb6af7b8739a950861fae

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7662
cf-polished: qual=85, origFmt=jpeg, origSize=59142
x-cache: MISS
content-disposition: inline; filename="1a33a8c7f9e83bdd541e88e9f42a8c197ad2194c.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
x-ttl: 24h
server: cloudflare
last-modified: Wed, 22 Nov 2023 12:08:48 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TuEbiu0lQWJheHNWNG0UP%2BtNotWCFmJJCLx7pzH4%2FTKdFUrO5Yk7KcEWgw2tGJn5HtCBrY2QLMyHCsx2PznXmbvAnCQse2bgtKZ2%2BSQpPaBkChrALIZbiimMa1yv2Wqz032SwQdHIAuWLxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 92576736
cache-control: public, max-age=2678400
cf-ray: 82a8c71b99269962-FRA

GET
H2 200 e38fb49bcc9fa4119e4feaf827cbb0cb74425501.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 24 KB
24 KB 122ms
62ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/e38fb49bcc9fa4119e4feaf827cbb0cb74425501.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee535e7b96b3393758e932d85165876bd291bc9feda0a3447acd2b222e3c816d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7662
cf-polished: qual=85, origFmt=jpeg, origSize=43200
x-cache: MISS
content-disposition: inline; filename="e38fb49bcc9fa4119e4feaf827cbb0cb74425501.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
x-ttl: 24h
server: cloudflare
last-modified: Wed, 22 Nov 2023 17:45:36 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5jjhTHcgkTmcJcDiB%2BAjdrriMjnluJ5H6VgVd%2F41OZs7snHyzpWbqjN2wxQyXrkrkDs8BCvlyS9eSz1fX4hymcwciIr%2BZ6ly53nSBylgXrOq5dXsurV6suWWVs6s9ZDiYBo1Nt1Y%2BJ%2BmbE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 97158970
cache-control: public, max-age=2678400
cf-ray: 82a8c71b99239962-FRA

GET
H2 200 2f2ab10d4da2a2f319fb13d1f22adb8eb0e8d37b.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 15 KB
16 KB 98ms
39ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/2f2ab10d4da2a2f319fb13d1f22adb8eb0e8d37b.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87af203f84908b12408b67c4d19ce8731c881260ac8666e5b64a641e2a90289a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7662
cf-polished: qual=85, origFmt=jpeg, origSize=31267
x-cache: MISS
content-disposition: inline; filename="2f2ab10d4da2a2f319fb13d1f22adb8eb0e8d37b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15834
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Nov 2023 16:35:41 GMT
x-ttl: 24h
server: cloudflare
etag: "655e2ddd-7a23"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khef6d%2F%2Fe7Ffao3k%2FeJKkDdl%2BhcrFF58VnPMjVZLEWr0YrYTt%2FsXZadgicXFl2rP4OAPu%2BUr%2FLP3qgExerZX7HtiGXVUBmRWQlA9AMDUyylIKLkZP3vgDfsrptMVj%2B2JQ7RFwDj1qgD3yL8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 93653716
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71b99299962-FRA

GET
H2 200 17b62cd4c4de51a9dcdfd473b2491ded15411d2e.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 31 KB
31 KB 120ms
62ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/17b62cd4c4de51a9dcdfd473b2491ded15411d2e.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c122da7cb618c8c723e55ad12f7fd95aeaeabaa8397cfe6ab2012c24fdd7937c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7662
cf-polished: qual=85, origFmt=jpeg, origSize=56716
x-cache: MISS
content-disposition: inline; filename="17b62cd4c4de51a9dcdfd473b2491ded15411d2e.webp"
alt-svc: h3=":443"; ma=86400
content-length: 31790
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 Nov 2023 09:52:51 GMT
x-ttl: 24h
server: cloudflare
etag: "655c7df3-dd8c"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NLDr%2FnWH7sR%2Fybogp6qBs2uXaNQjQ%2B6ukGZSeS%2BpE5BtPm8wgmeBRYUBDctm0v0dyrh2FaiVIN5000O1XPrCXnItf35GTOc%2BEVujIXGj6TL9fSOtWMAICvP8ka31DY7vGduaxWnQszwlkRM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 89857566
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71b992b9962-FRA

GET
H2 200 f13518b6bbd25247e7e2fa80d06ed7f5fe397039.jpg
media.services.cinergy.ch/media/card-teaser-3_4-368x491/ 21 KB
21 KB 118ms
61ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-3_4-368x491/f13518b6bbd25247e7e2fa80d06ed7f5fe397039.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9024c6d076707260b885e5bbcf8386a97d19dfff2f5ae982ce1951e30210b98a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7662
cf-polished: qual=85, origFmt=jpeg, origSize=46174
x-cache: MISS
content-disposition: inline; filename="f13518b6bbd25247e7e2fa80d06ed7f5fe397039.webp"
alt-svc: h3=":443"; ma=86400
content-length: 21030
cf-bgj: imgq:85,h2pri
last-modified: Tue, 21 Nov 2023 10:01:48 GMT
x-ttl: 24h
server: cloudflare
etag: "655c800c-b45e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qwKIP9DgMT%2FCtlAPvWUricLbOm%2FkZhAV2vwLH%2Fhm0%2FBHaOBlhbjCwANkfPfqHZqs6VFC7SnRmKI8%2BX6oE6Hu7QoqwCB%2FnIyzkLzhQAijn3iwgZ5oTvoc1AL8wEzJC1FcjHBiN9NaKrna63s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 88229183
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71b992c9962-FRA

GET
H2 200 02a7aebbc2f953ee7533f97d11757d5d3ad05431.jpg
media.services.cinergy.ch/media/cropratio70/ 230 B
648 B 51ms
39ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/cropratio70/02a7aebbc2f953ee7533f97d11757d5d3ad05431.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95733049c58658bbf06ff34c1070931d3b1e756b91fea587a758c56c09a44b9b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19701
cf-polished: qual=85, origFmt=jpeg, origSize=738
x-cache: MISS
content-disposition: inline; filename="02a7aebbc2f953ee7533f97d11757d5d3ad05431.webp"
alt-svc: h3=":443"; ma=86400
content-length: 230
cf-bgj: imgq:85,h2pri
last-modified: Fri, 07 Jul 2023 11:29:21 GMT
x-ttl: 24h
server: cloudflare
etag: "64a7f711-2e2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2F%2BfPqCrzInZ7CeRWTxhjv6j9VqNXDwR6pfiNwyaYRuVY9ABpS77pUIeQrLcMAWGDp0cc42YfIbFkbDR%2BIT1cILgoCjS77IfpomHCZC52UTgZWbiwl1SnAA5%2FnYN7g8reQXVez%2F7gC9WkPc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 97357738
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71bb95d9962-FRA

GET
H2 200 4b0651fb6ec3ffd769d1612c63c0e214fd9778f3.jpg
media.services.cinergy.ch/media/cropratio70/ 2 KB
3 KB 51ms
39ms Image
image/jpeg 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/cropratio70/4b0651fb6ec3ffd769d1612c63c0e214fd9778f3.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47201280ac3d11ddb0029f1f3fc27d90bb4a554576d4e5fb91ca0e2556b434a6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5516
cf-polished: degrade=85, origSize=2536, status=webp_bigger
x-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 2203
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Aug 2023 05:07:04 GMT
x-ttl: 24h
server: cloudflare
etag: "64ddaaf8-9e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQTie2IB2vYqLNsyghXOAOrI%2BYDo%2BwUAW8Eby0W16FsRjD4fd0xB74sUqHIAylDTyEzjxsy6HCUz7byZd8UQ4XVAmg%2Fbek4%2FVP49zWyAbcefPX%2F5BVhItEyPqQ%2FrwtrUHjvi7%2FPNxleVS1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
x-varnish: 98207091
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71bb9609962-FRA

GET
H2 200 d811c9df1cba0c8e808cb22be12ed1062faab319.jpg
media.services.cinergy.ch/media/cropratio70/ 1 KB
2 KB 51ms
39ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/cropratio70/d811c9df1cba0c8e808cb22be12ed1062faab319.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82f3d140e813e8ee37611eba98f8779fe1cb88fe2d62d00f1af499e3db7eac4e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19246
cf-polished: qual=85, origFmt=jpeg, origSize=2014
x-cache: MISS
content-disposition: inline; filename="d811c9df1cba0c8e808cb22be12ed1062faab319.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1496
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Aug 2023 03:48:37 GMT
x-ttl: 24h
server: cloudflare
etag: "64ed6a95-7de"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkOQwt8qvRLHZ3zHEyz5mKEgp0YDsUDoygDRhaZyGFKUv5%2FJ6aneXGjbZ38JOaMYfTUySOfoQ%2FZfRFWmP5WIZnyPUTLyRKAY1YcLA2eQvANWDPEeK6bbGc4fZfP2uiZ1hXbAbOvI9URzgZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 98107872
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 82a8c71bb9619962-FRA

GET
H2 200 1ab9ae430dd74aade06d5a0209a9a041.png
www.cineman.ch/assets_cache/ 2 KB
3 KB 45ms
45ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/assets_cache/1ab9ae430dd74aade06d5a0209a9a041.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052d48a882c74a46e0469862e9fcd84ec0923d61859dd853e6abe5ff1758e065

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 4889
cf-polished: origFmt=png, origSize=3013
x-cache: MISS
content-disposition: inline; filename="1ab9ae430dd74aade06d5a0209a9a041.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2548
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 15:22:24 GMT
server: cloudflare
etag: "bc5-60abf493fb068"
vary: Accept
content-type: image/webp
x-varnish: 905390711
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b3f735b98-FRA

GET
H2 200 e2a3ca1402a09461391d2c23e7166e06.png
www.cineman.ch/assets_cache/ 3 KB
3 KB 67ms
67ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/assets_cache/e2a3ca1402a09461391d2c23e7166e06.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87ca70e7f87fe90d65684880683390c2ebc12c143c909f924c6f31944909988a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 4889
cf-polished: origFmt=png, origSize=3752
x-cache: MISS
content-disposition: inline; filename="e2a3ca1402a09461391d2c23e7166e06.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3308
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 15:22:24 GMT
server: cloudflare
etag: "ea8-60abf493d855f"
vary: Accept
content-type: image/webp
x-varnish: 906542714
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b3f745b98-FRA

GET
H2 200 9114e47ea2679f2deb1d8ee09f8bc0c8.png
www.cineman.ch/assets_cache/ 3 KB
3 KB 44ms
43ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/assets_cache/9114e47ea2679f2deb1d8ee09f8bc0c8.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a89b918e0f1384be97b66ef30d4a5705f7146159d84aba6a972d696af2105e35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 4888
cf-polished: origFmt=png, origSize=3396
x-cache: MISS
content-disposition: inline; filename="9114e47ea2679f2deb1d8ee09f8bc0c8.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2796
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 15:22:24 GMT
server: cloudflare
etag: "d44-60abf493f1312"
vary: Accept
content-type: image/webp
x-varnish: 903013144
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 82a8c71b3f755b98-FRA

GET
H2 200 bae4a41ecb0ea95ff4780830bf070143.css
www.cineman.ch/assets_cache/ 114 KB
26 KB 47ms
44ms Stylesheet
text/css 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/assets_cache/bae4a41ecb0ea95ff4780830bf070143.css

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7562306879b8d65be698fc417e7eba78bdc561030b8e905d825dabb819c5a04b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1578
content-encoding: br
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 15:22:24 GMT
server: cloudflare
etag: W/"1c760-60abf4942164b-gzip"
vary: Accept-Encoding
x-varnish: 907295319
content-type: text/css
cache-control: max-age=691200
cf-ray: 82a8c71b3f705b98-FRA

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 365 KB
126 KB 133ms
78ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128095
x-xss-protection: 0
expires: Thu, 23 Nov 2023 10:37:35 GMT

GET
H2 200 80cf13134cf3f8ed340b3749f36afbe8.js Show response
www.cineman.ch/assets_cache/ 991 KB
285 KB 70ms
67ms Script
application/javascript 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/assets_cache/80cf13134cf3f8ed340b3749f36afbe8.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7ced871d2b25893b5254dbbb786ffd9d0b715aebf6c41747c8e2f00dfd20cdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:35 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1578
content-encoding: br
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Nov 2023 15:22:24 GMT
server: cloudflare
etag: W/"f7bd5-60abf493d826b-gzip"
vary: Accept-Encoding
x-varnish: 907716559 906692135
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 82a8c71b3f715b98-FRA

GET
H2 200 test.js Show response
gbucket.ch/PAL/ 4 KB
2 KB 93ms
28ms Script
application/javascript 18.66.122.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/PAL/test.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 757180826d393f4954ac2504b7e2fde617692e237cd6091ad3b72bc41f1f2d68

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Q4ic6y5uFwJWpRe2ean1AU0FEC7NSvgt
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 10:37:35 GMT
last-modified: Fri, 27 Aug 2021 14:31:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 5
etag: W/"97a7dd24b37bff855c971e792f71eebb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: EwHueIApyxgMyYDU_ehtcrmp1_R58hx62-xu4x6Hr3ZZKt04X_Ykeg==

GET
DATA 200
OK truncated
/ 668 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8d4cace2aa0f69aaaa64988472fa1c8e44e53e9b487a79dfb6b577d3f7b9952

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 993478d7b0fee44fe51f463a63427e757d60b77a152b2e2184c1d4f21f16802c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 magnifier.png
www.cineman.ch/images/icons/ 416 B
790 B 44ms
44ms Image
image/webp 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cineman.ch/images/icons/magnifier.png

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/assets_cache/a0fd435b82248b992618b5b7526ee29a.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70a867ab4cc38b3889fa144580850bd84a17b034f081db9cbd01e0227f74090b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 51
cf-polished: origFmt=png, origSize=725
x-cache: MISS
content-disposition: inline; filename="magnifier.webp"
alt-svc: h3=":443"; ma=86400
content-length: 416
cf-bgj: imgq:100,h2pri
last-modified: Wed, 22 Nov 2023 14:57:47 GMT
server: cloudflare
etag: "2d5-60abef13350c0"
vary: Accept
content-type: image/webp
x-varnish: 899633358
accept-ranges: bytes
cf-ray: 82a8c71c0a585d57-FRA

GET
H2 200 5663d27f9d059486faca81865afd7d8a13c56926.jpg
media.services.cinergy.ch/media/card-teaser-4_3-562x422/ 27 KB
28 KB 38ms
37ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-4_3-562x422/5663d27f9d059486faca81865afd7d8a13c56926.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08ea0cc99f1c814363229eefd627e54dc8df1385f3bef48fb85d640f37f9c832

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8212
cf-polished: qual=85, origFmt=jpeg, origSize=48880
x-cache: MISS
content-disposition: inline; filename="5663d27f9d059486faca81865afd7d8a13c56926.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
x-ttl: 24h
server: cloudflare
last-modified: Thu, 23 Nov 2023 08:08:07 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo%2B0pQbyM%2FbZFM2zlgp2oCcvJ8hWu4hrjaF%2BFZtUfbPS9t6qNCOAScFLrQJAOnlePJBChekqUBcTacmNhHAUoK2d4IZ9D6YfZ2CHwX7OQKecEROfmUlZR2cbgVKjXcf%2F018NbdTCZENTck4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 94801934
cache-control: public, max-age=2678400
cf-ray: 82a8c71cfafa9962-FRA

GET
H2 200 1cee842f8d2303efc9aa331fa834fea9e6188863.jpg
media.services.cinergy.ch/media/card-teaser-4_3-562x422/ 24 KB
25 KB 36ms
36ms Image
image/webp 104.26.15.6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.services.cinergy.ch/media/card-teaser-4_3-562x422/1cee842f8d2303efc9aa331fa834fea9e6188863.jpg
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.15.6 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b68c4cbcb74f2a22324ada36deb43c7b6c5103eb23921edc70829b36195b2026

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8212
cf-polished: qual=85, origFmt=jpeg, origSize=46261
x-cache: MISS
content-disposition: inline; filename="1cee842f8d2303efc9aa331fa834fea9e6188863.webp"
alt-svc: h3=":443"; ma=86400
cf-bgj: imgq:85,h2pri
x-ttl: 24h
server: cloudflare
last-modified: Thu, 23 Nov 2023 06:09:42 GMT
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4oe%2BqP52BWyQED9mBHoJ1vh6Wul7onlNM%2BUf6BKLoS3FzvloRzRXgYLylwHmqXxNsjWGoK4K7GnMr5Dtnl%2BqB9kHO3KYeRDSvwAIzn0iFkjrANLsHgu8YkADDZiNnR%2BMVu0s2Cbsbe3214%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 98205850
cache-control: public, max-age=2678400
cf-ray: 82a8c71cfafb9962-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
74 KB 83ms
30ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TFFQTF

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

feeb104fff9eceef6a9a21a30fe647dc585f9f62d01e925ca8a4975f218407ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74997
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Nov 2023 10:37:36 GMT

GET
H2 200 pal.js Show response
imasdk.googleapis.com/pal/sdkloader/ 140 KB
46 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/pal/sdkloader/pal.js

Requested by

Host: gbucket.ch
URL: https://gbucket.ch/PAL/test.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

678f12cbea984230dc14c0ea0335a149919c34428144e2e80ff951bc49b6e5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47028
x-xss-protection: 0
expires: Thu, 23 Nov 2023 10:37:36 GMT

GET
H2 200 ch_config_desktop.js Show response
gbucket.ch/CH/ 10 KB
4 KB 25ms
25ms Script
application/javascript 18.66.122.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/ch_config_desktop.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/assets_cache/80cf13134cf3f8ed340b3749f36afbe8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0789d0a22ff0df16f2a378cc93c82711cb77aefeb87c0f38dcdb93f0b183ce8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: d4IdTo51nxzunqqG2uz9fgaALitit4Lq
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 10:37:11 GMT
last-modified: Tue, 18 Apr 2023 12:18:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 25
etag: W/"cc7e714a00ad4f78d74a3c13e8d73e02"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 7fpJu3CJqmUrsXGXMYYvUd5pQV9HwHojFNFD4AFASTtEQ1Eoo-yhBQ==

GET
H3 206 d8ea2d35e8ae96a140a6d3877830feb6.mp4
www.cineman.ch/assets_cache/ 15 KB
15 KB 40ms
40ms Media
video/mp4 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/assets_cache/d8ea2d35e8ae96a140a6d3877830feb6.mp4

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24960278392fc0529939f582635cf356da5fe5d32bbb5ba58749dd07ed68dce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1252
x-cache: HIT
Content-Range: bytes 0-15017/15018
alt-svc: h3=":443"; ma=86400
Content-Length: 15018
last-modified: Wed, 22 Nov 2023 20:27:25 GMT
server: cloudflare
etag: "3aaa-60ac38c158cd1"
vary: Accept-Encoding
x-varnish: 908166347 895499203
content-type: video/mp4
cache-control: max-age=691200
cf-ray: 82a8c71d1bc15d57-FRA

GET
BLOB 206
Partial Content c91cebf5-713c-4060-9592-6dc3a916add3
https://www.cineman.ch/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cineman.ch/c91cebf5-713c-4060-9592-6dc3a916add3
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.google.ch/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 5c7ebcd7-decd-4b01-bde8-9fe44f4e8094
https://www.cineman.ch/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cineman.ch/5c7ebcd7-decd-4b01-bde8-9fe44f4e8094
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer: https://www.google.ch/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 searchPrefetch.json Show response
www.cineman.ch/de/page/ 34 KB
5 KB 242ms
242ms XHR
application/json 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/de/page/searchPrefetch.json

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/assets_cache/80cf13134cf3f8ed340b3749f36afbe8.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12b11be6b1c64a7accdc40e811cf6aafa1b7a558140f726445fe37e00eb784f7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.google.ch/
X-Requested-With: XMLHttpRequest
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: DYNAMIC
age: 0
content-encoding: br
x-cache: MISS
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Nov 2023 10:37:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-varnish: 906191103
cache-control: max-age=0, must-revalidate, private, s-maxage=0
cf-ray: 82a8c71d2be85d57-FRA
expires: Thu, 23 Nov 2023 10:37:36 GMT

GET
H2 200 totmGBucket.js Show response
gbucket.ch/scripts/totm/v1/ 11 KB
3 KB 25ms
24ms Script
application/javascript 18.66.122.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/scripts/totm/v1/totmGBucket.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4b64da2687f53b4930a2c619426acab23efbc6c29bb99748f87982eb66a50b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: iUKNWyg9cwpAvEJG8WArqlpn4q5fZiiW
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 10:37:24 GMT
last-modified: Fri, 12 Aug 2022 14:30:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 16
etag: W/"3ac5b9bf86994a0fbe71e68721cac540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Hp-7ha2UTEU-zczqvkFsvCwnCzY6840WEPIBO1LLIojP-q_IgTAAUA==

GET
H2 200 / Show response
weather.da-services.ch/ 79 B
305 B 129ms
31ms XHR
application/json 52.59.96.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://weather.da-services.ch/

Requested by

Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.59.96.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-96-4.eu-central-1.compute.amazonaws.com

Software

/ Express

Resource Hash

be09f80bb6b892b1c6650023f42912946f8cc17f55d137fcb27af165d73b7a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json

GET
H2 200 grapeshot Show response
gs-goldbach.da-services.ch/ 1 KB
1 KB 130ms
54ms XHR
application/json 18.194.125.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gs-goldbach.da-services.ch/grapeshot?url=https://www.cineman.ch/

Requested by

Host: gbucket.ch
URL: https://gbucket.ch/CH/ch_config_desktop.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.194.125.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-125-69.eu-central-1.compute.amazonaws.com

Software

/ Express

Resource Hash

6f68e63df3ac11163b1cbdeccd457b38385b47c5b6b1a0f5375c440a4d0c4fa0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
etag: W/"48d-7GTMbWe7tBvAuiINn/F+aZOjVC0"
x-powered-by: Express
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
content-length: 1165

GET
H2 200 learn
ch-gmtdmp.mookie1.com/t/v2/ 42 B
214 B 80ms
29ms Image
image/gif 34.160.111.29
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-gmtdmp.mookie1.com/t/v2/learn?tagid=V2_42006&src.rand=1700735856202&src.id=Goldbach
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.111.29 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 29.111.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
via: 1.1 google
last-modified: Thu, 19 Oct 2023 06:07:48 GMT
server: nginx
etag: "6530c7b4-2a"
content-type: image/gif
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_sc=&google_dbm=&google_tc=
https://ib.adnxs.com/setuid?entity=101&code=CAESEA1Pf5Pd1fLQbs4RyrvSTXE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA1Pf5Pd1fLQbs4RyrvSTXE%26google_cver%3D1

43 B
891 B

34ms
34ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA1Pf5Pd1fLQbs4RyrvSTXE%26google_cver%3D1

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
an-x-request-uuid: 76a1610d-6373-41b6-8da5-3a8048eb984e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
an-x-request-uuid: 810d3bd5-91b7-416d-b550-ff980624d823
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEA1Pf5Pd1fLQbs4RyrvSTXE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js Show response
gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/ 16 KB
5 KB 27ms
26ms Script
application/javascript 18.66.122.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/assets_cache/80cf13134cf3f8ed340b3749f36afbe8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 801dde4ed03d8ec2761d0eb4e14fd0e3931e3d42058a5b5d8318730db39f8e95

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 1PCGR5y13atA4Y9hmDwBkDWN176lI8IR
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 10:37:36 GMT
last-modified: Mon, 12 Dec 2022 08:36:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 11
etag: W/"81543e21e5467e79268baa6c020270b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: 2_fLsFfK2Yxe2DI71LI0Jcw5jR2slGu4am0kO37ITSbJgrQjZw_kjw==

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d09fbabddccdb6691c0795487b1160d50090f9ae251f9d457d1cc8ffcba0102

Request headers

Referer: https://www.google.ch/
Origin: https://www.cineman.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H3 206 d8ea2d35e8ae96a140a6d3877830feb6.mp4
www.cineman.ch/assets_cache/ 15 KB
15 KB 60ms
59ms Media
video/mp4 172.67.41.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cineman.ch/assets_cache/d8ea2d35e8ae96a140a6d3877830feb6.mp4

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.41.119 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24960278392fc0529939f582635cf356da5fe5d32bbb5ba58749dd07ed68dce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Request headers

Referer: https://www.google.ch/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-security-policy: upgrade-insecure-requests
via: 1.1 varnish-v4
strict-transport-security: max-age=300; includeSubDomains;
cf-cache-status: HIT
age: 1252
x-cache: HIT
Content-Range: bytes 0-15017/15018
alt-svc: h3=":443"; ma=86400
Content-Length: 15018
last-modified: Wed, 22 Nov 2023 20:27:25 GMT
server: cloudflare
etag: "3aaa-60ac38c158cd1"
vary: Accept-Encoding
x-varnish: 908166347 895499203
content-type: video/mp4
cache-control: max-age=691200
cf-ray: 82a8c71d9c835d57-FRA

GET
H3 200 bridge3.605.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4A16 752 KB
241 KB 23ms
22ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
age: 432590
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 246766
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 10:27:46 GMT
expires: Sun, 17 Nov 2024 10:27:46 GMT
last-modified: Wed, 15 Nov 2023 19:11:18 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 105ms
53ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Nov 2023 10:37:36 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B3B3 40 KB
14 KB 89ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:58:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 134ms
73ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?tid=pal&tv=1.0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/pal/sdkloader/pal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631229f4e901317dcf8142a947a12c1f375e255f5fe7c83d72d1fe0faf07f80d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8432
x-xss-protection: 0

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 121ms
26ms Script
application/javascript 13.32.27.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 04:17:59 GMT
Content-Encoding: gzip
Via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C2
Age: 454778
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Cache-Control: max-age=604800
Connection: keep-alive
X-Amz-Cf-Id: BQd6Mvvnpikx7x7v6midHI_KlLfxyLjWlkYKBD18v6XqWA9cCZQoqg==

GET
H2 200 inview.js Show response
gbucket.ch/scripts/ 5 KB
2 KB 31ms
31ms Script
application/javascript 18.66.122.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gbucket.ch/scripts/inview.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-123.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf4e5c5455750d04507c715644630248440d4cd3e2f0a513217d681a29e3e3fb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: KC0NYN.VfueYzNpgCzOew_S.zgK_aytT
content-encoding: gzip
via: 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
date: Thu, 23 Nov 2023 10:37:27 GMT
last-modified: Tue, 15 Sep 2020 13:01:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 10
etag: W/"1ebe229c18142c5a9bc45951f4d190c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MPDzHvOUyMKn229UgDoz1YgixaBfBeTCn4r1w2_b6rRvGO9oPtNhJw==

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
572 B 123ms
38ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj?

Requested by

Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
an-x-request-uuid: dfe32bbd-87c7-49f4-abc7-578f47babce2
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 beagle.min.js Show response
beagle.prod.tda.link/scripts/goldbach/ 16 KB
7 KB 93ms
26ms Script
application/javascript 18.66.122.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beagle.prod.tda.link/scripts/goldbach/beagle.min.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-128.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c5883c9170e136f0b9e1c772542db75733b326aa5791fe58f06613ad1ad91328

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 09:10:49 GMT
content-encoding: gzip
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
last-modified: Mon, 14 Nov 2022 14:06:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 5208
etag: W/"d7d769bccf81e3e340f2418c852b045a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=90000
x-amz-cf-id: ghy9DhzDNTx-dTygDANxIOx19HBmeafFFMfau2klHj9Fagy-fiIb3w==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 102 KB
35 KB 118ms
24ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/CH/GBv2_0/Cinergy_AG/cineman_ch/Desktop/DE_cineman_ch_ROS_inc_Homepage_Desktop_AAF.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 61ca1acf758fd7382294cd05b42369f705b8bbb9ac87053e83258806a18933d1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Thu, 09 Nov 2023 16:37:02 GMT
Date: Thu, 23 Nov 2023 10:37:36 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 64807
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 35100
X-Served-By: cache-lga21942-LGA, cache-fra-eddf8230041-FRA
Last-Modified: Wed, 08 Nov 2023 16:36:58 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1700735856.407657,VS0,VE0
ETag: W/"654bb92a-198e2"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 86326, 29259

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BPGRT7H4R9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFFQTF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

977cf3a9acb8235c08e10f7804a52232156a02e33a5259ff3dde72a390376a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 10:37:36 GMT

GET
H2 200 xdEizrWJ.js Show response
tpc.googlesyndication.com/sodar/ 41 KB
15 KB 81ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/pal/sdkloader/pal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 01:15:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 465755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15273
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 01:15:01 GMT

GET
H2 200 profile-cookie Show response
beagleider.tamedia.link/v1/ 2 B
441 B 121ms
26ms Fetch
text/plain 18.185.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://beagleider.tamedia.link/v1/profile-cookie?target=goldbach&id=34ff4dce0faf59ebfa450336bc3ca5c1&referer=https://www.cineman.ch/

Requested by

Host: beagle.prod.tda.link
URL: https://beagle.prod.tda.link/scripts/goldbach/beagle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-252-128.eu-central-1.compute.amazonaws.com

Software

Resource Hash

843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.cineman.ch
access-control-expose-headers: Access-Control-Allow-Origin, Access-Control-Allow-Credentials
access-control-allow-credentials: true
content-length: 2

GET
H2

200

https%3A%2F%2Fwww.cineman.ch%2F
pexus.prod.tda.link/v2/create/xandr/5451625968084753092/tx/34ff4dce0faf59ebfa450336bc3ca5c1/
Redirect Chain

https://secure.adnxs.com/getuid?https://pexus.prod.tda.link/v2/create/xandr/$UID/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%253A%252F%252Fwww.cineman.ch%252F
https://pexus.prod.tda.link/v2/create/xandr/5451625968084753092/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%3A%2F%2Fwww.cineman.ch%2F

2 B
240 B

90ms
29ms

Image
text/plain

18.185.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pexus.prod.tda.link/v2/create/xandr/5451625968084753092/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%3A%2F%2Fwww.cineman.ch%2F

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Server

18.185.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-252-128.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type, X-Requested-With, Origin
content-length: 2
content-type: text/plain; charset=UTF-8

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
an-x-request-uuid: b687b438-3eb7-4321-8e3d-2a8be035fb1d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://pexus.prod.tda.link/v2/create/xandr/5451625968084753092/tx/34ff4dce0faf59ebfa450336bc3ca5c1/https%3A%2F%2Fwww.cineman.ch%2F
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 95ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BPGRT7H4R9&gtm=45je3b81v892917095z872090805&_p=1700735856151&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=137698593.1700735857&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700735856&sct=1&seg=0&dl=https%3A%2F%2Fwww.cineman.ch%2F&dt=Cineman%20-%20Kinoprogramm&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1522
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPGRT7H4R9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cineman.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 100ms
33ms Ping
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BPGRT7H4R9&cid=137698593.1700735857&gtm=45je3b81v892917095z872090805&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BPGRT7H4R9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cineman.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
409 B 96ms
45ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BPGRT7H4R9&cid=137698593.1700735857&gtm=45je3b81v892917095z872090805&aip=1&dma=0&gcd=11l1l1l1l1&z=1420471485

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 520 B
753 B 207ms
60ms XHR
application/json 108.129.52.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=930694&slot=%7Bid:div-ad-gds-1625-1,ss:%5B300.250%5D,p:-,t:display%7D&slot=%7Bid:div-ad-gds-1625-2,ss:%5B500.1000,300.600,160.600%5D,p:-,t:display%7D&slot=%7Bid:div-ad-gds-1625-3,ss:%5B994.560,994.500,994.250,728.90%5D,p:-,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=97e01876-818a-c9a4-0a49-f53d56cd790d&url=https%253A%252F%252Fwww.cineman.ch%252F
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 0564a9d9b61d4038b6ae8b8c9aab440b6f81b1e4186bd905bb064dd309971929

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
server: nginx
x-server-name: app11.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cineman.ch
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4A16 156 B
677 B 481ms
387ms XHR
text/xml 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=1024x576&iu=%2F346010489%2FCineman%2FWelcome_Ad_de&ciu_szs&nofb=1&tfcd=0&npa=0&vad_type=linear&hl=en&vpos=preroll&gdfp_req=1&env=vp&output=xml_vast4&unviewed_position_start=1&vpmute=1&vpa=auto&url=https%3A%2F%2Fwww.cineman.ch&description_url=https%3A%2F%2Fwww.cineman.ch&correlator=4160605174689059&cust_params&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&psd=%5Bobject%20Object%5D&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.8.1&sdki=445&ptt=20&adk=1724422459&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fwww.cineman.ch%2Fassets_cache%2Fd8ea2d35e8ae96a140a6d3877830feb6.mp4&sid=CAB0B18F-EA48-4157-8A39-BBF305ED1ABA&nel=0&eid=44731964%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948&top=https%3A%2F%2Fwww.cineman.ch%2F&loc=https%3A%2F%2Fwww.cineman.ch%2F&dt=1700735856604&cookie_enabled=1&scor=3573640746466608&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 LVEN46HQ.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A6F 23 KB
8 KB 23ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/LVEN46HQ.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/xdEizrWJ.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d510de3a1d076b47340cc5f84fa93285645cb07919480ff0fc6c2cb3cc10ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
age: 559237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8534
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Nov 2023 23:16:59 GMT
expires: Fri, 15 Nov 2024 23:16:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
235 B 58ms
57ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?length=944&loaderinit=1244.400001525879&nonreq=1244.6999969482422&nonload=1568.900001525879&palv=1.21.3&lid=1&id=pal_html5&c=1303139298661294&domain=www.cineman.ch

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 storepal Show response
video.gbads.net/ 2 B
378 B 29ms
28ms XHR
text/plain 3.69.66.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.gbads.net/storepal?pal=AQzzBGQEYtteKDmwI6MbbvF_oGrNoDkP8-YM9iw-cTfV0lFFLyMxxaAKjFMCWbxaCEAetD5-Pi4KWMSbvMa4PeBP1YC3us91Rq25pgxgoNmRe2xIDYpNWwS5X-QAzN9hYRmYjv5qs6vj5APXmMOK0hv4yQdsC2Vat5vMlDgB8yK8_tZoKhkGhc8C0GC5ddV2vhBja8majSEbRUlO0wc7xPCUtlE_o0yhzmH0PKfaIfRGLpVmcGrxcsfGsDjYz39xxFG3IthsgiBcYr_evOute9E4ttZYpPoFPRSp8QgoY8XdhUSRJjb08jCrXmGwnSnSwGzPmqqsHbbdaHTyC2LjAEJZ2L9X7jmkMWmeb5dmGoOOoAIfF2kjkvehgkBaXW6c_jSxshCWDvxLXlfF7jwXblo-05GmlTYit-pUimM1CNSPJQeHOjub-LeeoWUR5JwSXZ8WP9akfxlSvbeBDPqq29AB1fivTXEQnfaCBMJL9HmTPjuQGhl5s12Tuqj1SHlgA_WB7dpeF6FYGihBR92t_6CcLOuur4vWE_ozPcRLxJLuCLqOx6GWQih9zADS8ONJrih-2u1XOdtw9iOdD4ZxmDY7GQUdHmt0gYXUptUAQzQ8duOzJmbrbMBt82uBCndcI_ltf__EYADVKsDkLzZTY9vksVEfkbaL8Om7xQke49swAB1EVGTcGxeglP_yjkpMyeD0bq0xtaQ-11cbp-xngXiihQvO7-3lo37QNFD6Pb5jxAQEUyo-yPmvxgdpXY-WCUtkIRVR6ZTPb0Du7eFDJ7SU25X2KgFafFmqqXUYzU_h8ySSt-f-v4EBnNByptw7mJyi-0LGsXynS0h2A2D1w-AL8j-d3PUxV4nuvOhZVIqPtdkCiaOAqu0F7VvGEAf3K6u2eKcmLoX4rpPSe_Vl3NzhOAhlX76DR5v_OqLP1ZYUPA..
Requested by: Host: gbucket.ch
URL: https://gbucket.ch/PAL/test.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.66.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-66-66.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 10:37:36 GMT
server: nginx/1.22.1
vary: Origin, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-max-age: 3600
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.cineman.ch
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
content-length: 2

OPTIONS
H2 200 storepal
video.gbads.net/ Frame 0
0 100ms
29ms Preflight 3.69.66.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.gbads.net/storepal?pal=AQzzBGQEYtteKDmwI6MbbvF_oGrNoDkP8-YM9iw-cTfV0lFFLyMxxaAKjFMCWbxaCEAetD5-Pi4KWMSbvMa4PeBP1YC3us91Rq25pgxgoNmRe2xIDYpNWwS5X-QAzN9hYRmYjv5qs6vj5APXmMOK0hv4yQdsC2Vat5vMlDgB8yK8_tZoKhkGhc8C0GC5ddV2vhBja8majSEbRUlO0wc7xPCUtlE_o0yhzmH0PKfaIfRGLpVmcGrxcsfGsDjYz39xxFG3IthsgiBcYr_evOute9E4ttZYpPoFPRSp8QgoY8XdhUSRJjb08jCrXmGwnSnSwGzPmqqsHbbdaHTyC2LjAEJZ2L9X7jmkMWmeb5dmGoOOoAIfF2kjkvehgkBaXW6c_jSxshCWDvxLXlfF7jwXblo-05GmlTYit-pUimM1CNSPJQeHOjub-LeeoWUR5JwSXZ8WP9akfxlSvbeBDPqq29AB1fivTXEQnfaCBMJL9HmTPjuQGhl5s12Tuqj1SHlgA_WB7dpeF6FYGihBR92t_6CcLOuur4vWE_ozPcRLxJLuCLqOx6GWQih9zADS8ONJrih-2u1XOdtw9iOdD4ZxmDY7GQUdHmt0gYXUptUAQzQ8duOzJmbrbMBt82uBCndcI_ltf__EYADVKsDkLzZTY9vksVEfkbaL8Om7xQke49swAB1EVGTcGxeglP_yjkpMyeD0bq0xtaQ-11cbp-xngXiihQvO7-3lo37QNFD6Pb5jxAQEUyo-yPmvxgdpXY-WCUtkIRVR6ZTPb0Du7eFDJ7SU25X2KgFafFmqqXUYzU_h8ySSt-f-v4EBnNByptw7mJyi-0LGsXynS0h2A2D1w-AL8j-d3PUxV4nuvOhZVIqPtdkCiaOAqu0F7VvGEAf3K6u2eKcmLoX4rpPSe_Vl3NzhOAhlX76DR5v_OqLP1ZYUPA..
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.66.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-66-66.eu-central-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.cineman.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-allow-origin: https://www.cineman.ch
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 23 Nov 2023 10:37:36 GMT
server: nginx/1.22.1
vary: Origin Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 externalpage.json
zuba2.prod.tda.link/v1/dakt2/ 3 B
203 B 85ms
30ms Ping
application/json 18.185.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba2.prod.tda.link/v1/dakt2/externalpage.json

Requested by

Host: beagle.prod.tda.link
URL: https://beagle.prod.tda.link/scripts/goldbach/beagle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-252-128.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.cineman.ch
date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 3
vary: Origin
content-type: application/json; utf-8

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A6F 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/LVEN46HQ.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

POST
H2 200 externalevent.json
zuba2.prod.tda.link/v1/dakt2/ 3 B
202 B 24ms
23ms Ping
application/json 18.185.252.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://zuba2.prod.tda.link/v1/dakt2/externalevent.json

Requested by

Host: beagle.prod.tda.link
URL: https://beagle.prod.tda.link/scripts/goldbach/beagle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.185.252.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-185-252-128.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.cineman.ch
date: Thu, 23 Nov 2023 10:37:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 3
vary: Origin
content-type: application/json; utf-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A6F 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=33&t=2&li=v_h.h.3.2.2&sid=cCtfZcGmF6mixdwP5oGc0AE&bg=!eXqlejXNAAZxrfrxUa07ADQBe5WfOMPZZIU6kij1YSFgkg_ADnZlqNUYyO1eZg2IynB_76jCiazm7W1-5r4LUDVrpVZlAgAAAEBSAAAAA2gBBwoA39AianqpX1BksPeiWWWOyUMZOLdua4O6krXRFhQLOKpFfi6TTGyYCXTrCzsjpbKsZ6zzokDGTIg4a5lAb4_YHAxul0haB86EKu5nczhj_YFpBo_PIEGuj7rDIWCBm3M7t14z-75fJUDGAeafJPafv_V6p3_uk5eFcwtNvogdOrbAwxTZSVF1VKMd_CJM3bn3ZlxIT8c2JJYI9GZejlIYN35rIOhRBXtIFdr5oFSvHFfX8dBMgIM0oAXbOHup5pkfhOAOhnW8QkSPpJNBTuWZezu36IKgRb9yxa0vwRBOKG2ZAhYZiKMnR3AdMIwQw6GzWkckdH4EpHW3B3gE64mnJ_fK_-vDjQ1CUTiEawt-7U44oqKOCj50stRXTma-s3b618nI5We0hSJYxBQXbLDk8pgdWswIuiqY5KBJe6wJwwRprWf_0G1Fj0IVOpYRX_5U3yjLWU6kG0ZxwJDfS5t2zu-AucEzc89QhPVOkn99cZ7aKxxCWVvJ17WH5kbb97ChqYH5gMDt2rx2Dwm7pqqQK0EAYzcMIfwkKlmIgxdUjaiFA75h-mUirM9lSw_3OqasaaArqDIbuF2BSspy-1-fN0CYIGBJJK5RgJieJpwOMXAUBKmLbfVEg3SOf21DreHS6F0UeIAF6zbfxcb3EIjT5X6rk45qYJ9CE8G3HDNq8zFtPYZHWcf23bJ8x9CvB3ZAKT_YSEvavZNV5XNGTLkMb_obgX0kf5X5DGpsUz9-gRm8vi-c9VrB-nK2cnaINOxcTXBCo_KwCJNT2jIClwMNLLsC5HpacZvmJpHaFUHi7DUIImjqsMBj_emTngt1km_nuYYbrPEGaEY6HGH2B9iQEj49deXO4KO4Cp3f3FaJ6TDjxBmlZH9E7ivxpR-tjvJPPKoWM0gOH-01qVWYM7TdxpIjDlkgsqP9LlvoUA5MCIyMeQ9ffv2X1zVCtWZsaayc2ff7O4wxdNSz9jMA-QFyeFxt9H9OJsdsrvSMfm0UXmnFAXCXD25AjKw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v3 Show response
ib.adnxs.com/ut/ 46 KB
12 KB 300ms
300ms XHR
application/json 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9ca00f8ca3c2bae0ff8d24511b63287d7abae4fdeca7af8156c251a21d315f78

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.google.ch/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: gzip
an-x-request-uuid: 43a92ea3-d379-434a-a420-900a81f5e305
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST csi
csi.gstatic.com/ Frame 4A16 0
0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame D44C 49 KB
13 KB 188ms
94ms Script
application/javascript 108.129.52.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=930694&campId=160x600&pubId=5677529&chanId=14564518&placementId=23135385&pubCreative=476989059&pubOrder=9146275&cb=590260547&adsafe_par&impId=517f52e2-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: dcca52366c4395a41327c3e2e921a96a4428c298dbf116ec37f20b4138f29f7f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame D44C 80 KB
27 KB 176ms
46ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 10:37:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 22 Nov 2024 10:37:37 GMT

GET
H/1.1 200
OK 872b737b-3549-4528-b957-44a5edca4ca4.jpg
crcdn01.adnxs-simple.com/creative20/p/3741/2023/11/10/51953104/ 217 KB
218 KB 111ms
36ms Image
image/jpeg 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative20/p/3741/2023/11/10/51953104/872b737b-3549-4528-b957-44a5edca4ca4.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.21.3 /
Resource Hash: 5008bc9e1b1af8f0aa70b2560c3938bd67c01392eb9e56a156059a113af331e7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Sat, 06 Jan 2024 23:00:33 GMT
x-ms-blob-type: BlockBlob
Date: Thu, 23 Nov 2023 10:37:37 GMT
Via: 1.1 varnish, 1.1 varnish
Content-MD5: ZcXrYreJsdujglNNTuq+Ig==
Age: 41823
X-Cache: MISS, HIT
Connection: keep-alive
Content-Length: 222072
X-Served-By: cache-lga13623-LGA, cache-fra-eddf8230021-FRA
x-ms-lease-status: unlocked
Last-Modified: Fri, 10 Nov 2023 08:18:06 GMT
Server: nginx/1.21.3
X-Timer: S1700735857.277135,VS0,VE3
ETag: 0x8DBE1C59112EC6B
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: e1a323c4-a01e-003d-5697-1d63e1000000
Cache-Control: max-age=3888000
x-ms-version: 2009-09-19
Accept-Ranges: bytes
X-Cache-Hits: 0, 1

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8DCC 100 KB
31 KB 173ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6ae703a4d6865cd58d21e53d6396ef65a16ad2f3ca7132257d6757bb63c130f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31357
x-xss-protection: 0
server: cafe
etag: 198 / 19684 / 31079657 / config-hash: 16204867678510254442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 10:37:37 GMT

GET
H2 200 index.js Show response
templates.da-services.ch/01_universal/mcm/0.0/js/ Frame 8DCC 12 KB
6 KB 107ms
28ms Script
application/javascript 18.66.112.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://templates.da-services.ch/01_universal/mcm/0.0/js/index.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-20.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62d026908eacc8a8270206e175cb7e00541d78d65f7761004e6ae385420eb26e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 10:38:43 GMT
content-encoding: gzip
via: 1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
last-modified: Mon, 13 Jun 2022 15:33:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 86335
etag: "3808632e25356069848e8ec115e8d08e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 5529
x-amz-cf-id: NXbmcdbYVxwf98h8iM7ucgflabcGmA9uWN7U7Sm2UT0GJdwyuoQsHA==

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 8DCC 49 KB
13 KB 110ms
50ms Script
application/javascript 108.129.52.148
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=930694&campId=728x90&pubId=2977028&chanId=14564518&placementId=17039811&pubCreative=340680220&pubOrder=6824902&cb=590260547&adsafe_par&impId=517f52e3-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 0273f406ea42907dcc773c77c2fda6bd01a175d382b56728a73e1282a2ce453d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/240/ Frame 8DCC 80 KB
27 KB 153ms
45ms Script
application/x-javascript 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/240/trk.js
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 10:37:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Nov 2023 14:06:46 GMT
Server: AkamaiNetStorage
ETag: "ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27680
Expires: Fri, 22 Nov 2024 10:37:37 GMT

GET
H2

404

...
www.domain.ch/
Redirect Chain

https://domain.ch/...
https://www.domain.ch/...

0
0

101ms
36ms

Image
text/html

2a00:d70:0:a::150
HOSTPOINT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.domain.ch/...
Protocol: H2
Server: 2a00:d70:0:a::150 , Switzerland, ASN29097 (HOSTPOINT-AS, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy: default-src 'none'; form-action 'self' admin.hostpoint.ch www.facebook.com; frame-src 'self' *.fls.doubleclick.net *.hotjar.com maps.google.com td.doubleclick.net tpc.googlesyndication.com www.facebook.com www.google.com www.googletagmanager.com; connect-src 'self' admin.hostpoint.ch adservice.google.com bat.bing.com *.google-analytics.com *.hotjar.com wss://*.hotjar.com *.hotjar.io stats.g.doubleclick.net t.co www.facebook.com www.google.com www.google-analytics.com; font-src 'self' fonts.gstatic.com; img-src 'self' data: *; media-src 'self'; object-src 'self'; script-src 'unsafe-inline' 'unsafe-eval' 'self' analytics.twitter.com bat.bing.com connect.facebook.net googleads.g.doubleclick.net *.hotjar.com maps.googleapis.com px.ads.linkedin.com snap.licdn.com sjs.bizographics.com ssl.google-analytics.com static.ads-twitter.com tpc.googlesyndication.com twitter.com www.gstatic.com www.google.com www.googleadservices.com www.googletagmanager.com www.google-analytics.com www.linkedin.com; style-src 'unsafe-inline' 'self' fonts.googleapis.com; block-all-mixed-content; report-uri https://hostpoint.uriports.com/reports/report; report-to default;
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
nel: {"report_to":"default","max_age":2592000,"include_subdomains":true,"failure_fraction":1.0}
server: Apache
date: Thu, 23 Nov 2023 10:37:37 GMT
x-frame-options: sameorigin
report-to: {"group":"default","max_age":2592000,"endpoints":[{"url":"https://hostpoint.uriports.com/reports"}],"include_subdomains":true}
content-type: text/html; charset=iso-8859-1
location: https://www.domain.ch/...
content-length: 233
x-xss-protection: 1; mode=block

GET
H2 200 it
ams3-ib.adnxs.com/ 0
647 B 44ms
34ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QL0CvBDdAUAAAMA1gAFAQjw1vyqBhCYt7j_4eTT7VEYxLXy3_GdhNRLKjYJKxN-qZ_JgEARKxN-qZ_JgEAZAAAAIIVrNEAhKxMJGwApESTwgTEAAACgcP0wQDCm-fgGOJ0dQJ0dSAJQg4254wFYlfpZYABog-9ReML0BYABAYoBA1VTRJIBA0NIRpgBoAGgAdgEqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigI-dWYoJ2EnLCA1Njc3NTI5LCAwKTt1ZignaScsIDkxNDYyNzUVFDByJywgNDc2OTg5MDU5BRb0DgGSAo0EITdXSDh0UWo3NU44YkVJT051ZU1CR0FBZ2xmcFpNQUE0QUVBRVNKMGRVS2I1LUFaWUFHQmNhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUUxV2c3MEFMQjlRTUVCeDVlUHE1X0pnRURKQVFBQUFBQUFBUEFfMlFFbGVobkZja3ZzUC1BQm81LXVCUFVCQUlEdFE1Z0NBS0FDQWJVQ0FBQUFBTDBDTXpNelA4QUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVUZOVXpNNk5qQTVPT0FEaFVXQUJMaVZyQXlJQkx1VnJBeVFCQUNZQkFIQkJBAZEJAQR5URGhJEFBQU5nRUFQRUUBCwkBMENJQmRJdnFRVWxlaG4JuAg3RUYJHAEBCERCQg0_GHNIMUF5UVUBFRhBQUFEd1A5MigAAFoRKMhBUEFfNEFYbzZjNFo4QVdaaVlRTC1BWFp3OW9DZ2dZRFEwaEdpQVlNa0FZQm1BWUFvUVkBUQRBQSFcJEtnR0JMSUdKQWsJFAEBAEIdrwRCawESCQEAQx0YGExnR0pvRUkNGTh3ZlVBLpoCmQEhdnhTdzE-EQIoSlg2V1NBRUtBQXgdMRQ2Q1VGTlUxYRRFQ0ZSVWs5FQAxHW0ARh2FAEcdGABHHRgASB0YEEhnQWlRERD0FwFEd1B3Li6yAiAzNGZmNGRjZTBmYWY1OWViZmE0NTAzMzZiYzNjYTVjMdgC9ZsB4AL7oi_qAhdodHRwczovL3d3dy5jaW5lbWFuLmNoL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_r1VOADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTQ1LjEyLjIyMi4xNzSoBACyBBAIABABGPQDIOgHKAAwADgCuAQAwAQAyAQA0gQOMzc0MSNBTVMzOjYwOTjaBAIIAeAEAfAEg4254wGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGCSIo8D_QBtsO2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwvQF0gcNCREoASYM2gcGCAUJ8G_gBwDqBwIIAPAHwP8MighDCj8AAAGL-8GtgFHbTyYf7huYaeLmHNigcR5Rgz3ml9mbf4f_RqvFZhZu-YqmavDgfoYOdRXcHAphVIW__EHESGAQAZUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=207ad684cb00859f30ca09a304b4e7911548bc53

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: a8494f98-7c34-44b3-ac3b-83f6a130d2dc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 it
ams3-ib.adnxs.com/ 0
647 B 48ms
38ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QLvCqBvBQAAAwDWAAUBCPDW_KoGEIuws4v6_7rSCBjEtfLf8Z2E1EsqNgkAAAkCABEJBwgAABkJCQhEQCEJCQgAACkRCfCBMQAAACCF6zpAMKb5-AY4nR1AnR1IAlCcvLmiAViV-llgAGiD71F4wvQFgAEBigEDVVNEkgEDQ0hGmAHYBaABWqgBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCPnVmKCdhJywgMjk3NzAyOCwgMCk7dWYoJ2knLCA2ODI0OTAyLBEUNHInLCAzNDA2ODAyMjAsARbwZZICiQQhZmxGVlpBamszOTRZRUp5OHVhSUJHQUFnbGZwWk1BUTRBRUFFU0owZFVLYjUtQVpZQUdCY2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRRUFBQUFBQQEECE1FQgEHCQGQREpBYmZaQktKZXZBTkEyUUVsZWhuRmNrdnNQLUFCeHNlZ0FfVQkwKEpnQ0FLQUNBTFVDBTwETDAJCPBSTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6TTZOakE1T09BRGhVV0FCTnlzNGdlSUJQNnM0Z2VRQkFDWUJBSEIJcQkBCHlRUQkJAQEUTmdFQVBFHc0gQ0lCZEl2cVFVGbgIN0VGASsJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oAKg0QVVBOEFYRGc1QUktQVdFMnJVQmdnWURRMGhHaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGBhMZ0dESUVJCRkFASgumgKZASFDaEpGVj4NAihKWDZXU0FFS0FBeAUrCQEANjJdARRFQ0ZSVWs5EQAxHW0ARh2FAEcdGABHHRgASB0YEEhnQWlRHRDwyUEuLrICIDM0ZmY0ZGNlMGZhZjU5ZWJmYTQ1MDMzNmJjM2NhNWMx2AL1mwHgAvuiL-oCF2h0dHBzOi8vd3d3LmNpbmVtYW4uY2gvgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-vVU4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNNDUuMTIuMjIyLjE3NKgEALIEEAgAEAEY4gcgsAQoADAAOAK4BADABADIBADSBA4zNzQxI0FNUzM6NjA5ONoEAggB4AQB8ARl9iCIBQGYBQCgBf8RARQBwAUAyQWJMRTwP9IFCQkJDHAAANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AbbDtoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8L0BdIHDRViASYI2gcGAV3wcRgA4AcA6gcCCADwB8D_DIoIQwo_AAABi_vBrYAIpOv_oWzYCzxKSn5rLvBse9v2GjwCNWd6FjPcoTKJVkIdpv2j1WHKTymaFG1Z3wf7RlUqCRulEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=bbf47eda1dac861a040450db01b223546fc87f27

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: 46da61b8-4823-4bdd-ba4d-03a0b47523ae
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 data.json Show response
d2o03xjkdzg1z6.cloudfront.net/fromGoogleSpreadsheet/ Frame 8DCC 205 KB
13 KB 133ms
33ms XHR
application/json 2600:9000:2250:9a00:19:a7f1:4080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2o03xjkdzg1z6.cloudfront.net/fromGoogleSpreadsheet/data.json
Requested by: Host: templates.da-services.ch
URL: https://templates.da-services.ch/01_universal/mcm/0.0/js/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9a00:19:a7f1:4080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2fb8752c857ecaf09244956a1d84b84f04578a2627c2f2aeb6ba329c68e65cb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:15:59 GMT
content-encoding: gzip
via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
last-modified: Fri, 13 Oct 2023 04:58:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 55299
x-amz-server-side-encryption: AES256
etag: W/"5b078e7dbf575ff98a8c53a4dc8ba87d"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: liZAX0Pj5Ui5mCZ3z1Pt0ARql2BAEfQutg8vRlGxA49T5pon9aIKXA==

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame 8DCC 213 KB
66 KB 136ms
33ms Script
application/javascript 2600:9000:2251:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930694&campId=728x90&pubId=2977028&chanId=14564518&placementId=17039811&pubCreative=340680220&pubOrder=6824902&cb=590260547&adsafe_par&impId=517f52e3-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 90744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 1H0vD7PofojS-qd0pwomqJ9zy3tEaYbo_ni4jm477_8HxHtkoVIGYw==

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8C62 52 KB
17 KB 25ms
25ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7189
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 23 Nov 2023 10:37:37 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2454, 72949
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230041-FRA
X-Timer: S1700735857.381354,VS0,VE0

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame 8DCC 0
647 B 63ms
62ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QLsFKBsCgAAAwDWAAUBCPDW_KoGENPtw_T5rJSbGxjEtfLf8Z2E1EsqNgkAAAkCABEJBywAABkAAABgZqYxQCEREgApEQnwgTEAAACAwvUvQDCm-fgGOJ0dQJ0dSAJQx7S5ogFYlfpZYABog-9ReML0BYABAYoBA1VTRJIBA0NIRpgBrAKgAfoBqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigI-dWYoJ2EnLCAyOTc3MDI4LCAwKTt1ZignaScsIDY4MjQ5MDIVFDByJywgMzQwNjc5MjM5BRbwZZICiQQheFZFWnZ3amszOTRZRU1lMHVhSUJHQUFnbGZwWk1BUTRBRUFFU0owZFVLYjUtQVpZQUdCY2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRRUFBQUFBQQEECE1FQgEHCQGQREpBUzIxbDRSaEl2Z18yUUVsZWhuRmNrdnNQLUFCeHNlZ0FfVQkwKEpnQ0FLQUNBTFVDBTwETDAJCPBSTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6TTZOakE1T09BRGhVV0FCTnlzNGdlSUJQNnM0Z2VRQkFDWUJBSEIJcQkBCHlRUQkJAQEUTmdFQVBFHc0gQ0lCZEl2cVFVGbgIN0VGASsJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oAKg0QVVBOEFYRGc1QUktQVdFMnJVQmdnWURRMGhHaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGBhMZ0dESUVJCRkFASwumgKZASFMUklfWWc6DQIoSlg2V1NBRUtBQXgFKwkBADYyXQEURUNGUlVrOREAMR1tAEYdhQBHHRgARx0YAEgdGBBIZ0FpUR0Q8HlBLi6yAiAzNGZmNGRjZTBmYWY1OWViZmE0NTAzMzZiYzNjYTVjMdgC9ZsB4AL7oi_qAhdodHRwczovL3d3dy5jaW5lbWFuLmNoL_ICEQoGQURWX0lEEgcyOTc3MDI48gISCgZDUEdfSUQSCDE3MDM5ODEx8gIRCgVDUAUUXDUxODg0MDA08gINCghBRFZfRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWAMBzY4MmGoAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HA0KCFNQTElUAU3wgQEwgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-vVU4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNNDUuMTIuMjIyLjE3NKgEALIEEAgAEAEYrAIg-gEoADAAOAK4BADABADIBADSBA4zNzQxI0FNUzM6NjA5ONoEAggB4AQB8ASlBSCIBQGYBQCgBf8RARQBwAUAyQWpQBTwP9IFCQkJDMAAANgFAeAFAeoFFQoHa3Zyb3V0ZRIKaG9tZS5pbmRleOoFDgoDZHJnEgd2ZXJ5TG93BREMYWR0EhkRoBoKDHdlYXRoZXJfdGVtcBIKd2ludGVybGljaOoFCgoGa3ZjaXR5EgDqAUwEaGEuOwBgDAoIa3ZrYW50b24SAOoFCQoDZ3JtEgI0MAVnCGRsbR1nZKUFCgZnc19jYXQSmgVndl9zYWZlLGN0eF9lAW4odGFpbm1lbnQsZ2IJGg0iFF9hZHVsdBkOCHJtcxUNEGNyaW1lFQ4AZAHEGF9pbmp1cnkZFRhvd25sb2FkGREIcnVnGUIkaGF0ZXNwZWVjaBUhFG1pbGl0YR1DHG9ic2Nlbml0GVUgdGVycm9yaXNtFTUodG9iYWNjbyxwb3MNsQEKFGJyYW5kLQHoBHR5BREJsQEbMq0ABREFmAEKKG1pZGRsZS1lYXN0BRAccG9saXRpY3MFDRl7AStcdWtyYWluZV9ydXNzaWFuX2ludmFzaW9uBR0Id2FyCQgob29kLWZpcmUsZ3M5bAENFGdlbnJlcwEKNYMQX21vdmkJFBRzY2llbmMFNhRzZWFzZXYhnQBzERckX2dlb2dyYXBoeQFADGhvYmIFCR1JDHVzaWMBHEBldmVudF9ibGFja2ZyaWRheQEVEVI-GAAAdCGLNG5lZ19iZWllcnNkb3JmKUctRkEwASQQbm9sb2cFSgEOGF9jb21wdXQFrAWLKF9hcnRzY3JhZnRzBTMRzAE_HGxpZmVzdHlsBS4ccG9wY3VsdHUpHgxhdXRvRboIb2ZmXboIEwoHbSFcEghiZXdvZWxrdOoFCwoCdncSBTQwLDUwBQ6IZnISBWZhbHNl6gUXCgpzY3JlZW5zaXplEgkxNjAweDEyMDAFXQhhbGMdXRQOCgN2aW8dEfBAKgoCaWQSJDUxN2Y1MmUxLTg5ZWMtMTFlZS05MDg1LTA2M2VjYTBiNDk4N_AFAfoFBAgAEACQBgCYBgC4BgDBBgCFGijwP9AG2w7aBhYKEAUQHQFwEAAYAOAGAfIGAggAgAcBiAcAoAcByAfC9AXSBw2VWAEmCNoHBgFd8GkYAOAHAOoHAggA8AfA_wyKCEMKPwAAAYv7wa2AGzZRZ56Q9tN6n1M9qlm2LFHkWysk-WTsHXZjW6fsxcsr1vfg_VvMcTfrLVFApn3ebKfk3ACC7hABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=e43242eb80ec5267f9984502c1668299ca279b3b&bdref=https%3A%2F%2Fwww.cineman.ch%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.cineman.ch%2F,https%3A%2F%2Fwww.cineman.ch%2F&

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: d989bab4-6d21-428f-b362-5c611b1a96a0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame D44C 213 KB
66 KB 169ms
72ms Script
application/javascript 2600:9000:2251:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=930694&campId=160x600&pubId=5677529&chanId=14564518&placementId=23135385&pubCreative=476989059&pubOrder=9146275&cb=590260547&adsafe_par&impId=517f52e2-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:14 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 90744
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: F0Q7Ar3g3oMvv16uiT1J-ts3p3YPbI1BMyA_dWU9n2Tq9m-5mu3xig==

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 973B 52 KB
17 KB 55ms
26ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7189
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 23 Nov 2023 10:37:37 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2454, 72950
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230041-FRA
X-Timer: S1700735857.414299,VS0,VE0

GET
H2 200 rd_log Show response
ams3-ib.adnxs.com/ Frame D44C 0
646 B 40ms
39ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: a9a0e5b4-2ae1-4199-adb3-a1aefe2e3850
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8C62 0
595 B 107ms
107ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3741&pub_id=1169603&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: a4f7e68c-2efb-4dc1-917b-fa06c2ac2f6e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ Frame 8DCC 429 KB
135 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 17:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61228
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137535
x-xss-protection: 0
server: cafe
etag: 18342593356503948095
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 21 Nov 2024 17:37:09 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 8DCC 131 B
108 B 268ms
221ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.cineman.ch

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2b406ff5db8934e3cde01e40ca2c64aa22d8344311efaa99582c70b54520a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0
expires: Thu, 23 Nov 2023 10:37:37 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame D44C 0
662 B 36ms
36ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QL0CvBDdAUAAAMA1gAFAQjw1vyqBhCYt7j_4eTT7VEYxLXy3_GdhNRLKjYJKxN-qZ_JgEARKxN-qZ_JgEAZAAAAIIVrNEAhKxMJGwApESTwgTEAAACgcP0wQDCm-fgGOJ0dQJ0dSAJQg4254wFYlfpZYABog-9ReML0BYABAYoBA1VTRJIBA0NIRpgBoAGgAdgEqAEBsAEAuAEBwAEEyAEC0AEA2AEA4AEA8AEAigI-dWYoJ2EnLCA1Njc3NTI5LCAwKTt1ZignaScsIDkxNDYyNzUVFDByJywgNDc2OTg5MDU5BRb0DgGSAo0EITdXSDh0UWo3NU44YkVJT051ZU1CR0FBZ2xmcFpNQUE0QUVBRVNKMGRVS2I1LUFaWUFHQmNhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUUxV2c3MEFMQjlRTUVCeDVlUHE1X0pnRURKQVFBQUFBQUFBUEFfMlFFbGVobkZja3ZzUC1BQm81LXVCUFVCQUlEdFE1Z0NBS0FDQWJVQ0FBQUFBTDBDTXpNelA4QUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVUZOVXpNNk5qQTVPT0FEaFVXQUJMaVZyQXlJQkx1VnJBeVFCQUNZQkFIQkJBAZEJAQR5URGhJEFBQU5nRUFQRUUBCwkBMENJQmRJdnFRVWxlaG4JuAg3RUYJHAEBCERCQg0_GHNIMUF5UVUBFRhBQUFEd1A5MigAAFoRKMhBUEFfNEFYbzZjNFo4QVdaaVlRTC1BWFp3OW9DZ2dZRFEwaEdpQVlNa0FZQm1BWUFvUVkBUQRBQSFcJEtnR0JMSUdKQWsJFAEBAEIdrwRCawESCQEAQx0YGExnR0pvRUkNGTh3ZlVBLpoCmQEhdnhTdzE-EQIoSlg2V1NBRUtBQXgdMRQ2Q1VGTlUxYRRFQ0ZSVWs5FQAxHW0ARh2FAEcdGABHHRgASB0YEEhnQWlRERD0FwFEd1B3Li6yAiAzNGZmNGRjZTBmYWY1OWViZmE0NTAzMzZiYzNjYTVjMdgC9ZsB4AL7oi_qAhdodHRwczovL3d3dy5jaW5lbWFuLmNoL4ADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_r1VOADAOgDAPgDAYAEAJIEBi91dC92M5gEAKIEDTQ1LjEyLjIyMi4xNzSoBACyBBAIABABGPQDIOgHKAAwADgCuAQAwAQAyAQA0gQOMzc0MSNBTVMzOjYwOTjaBAIIAeAEAfAEg4254wGIBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUB-gUECAAQAJAGAJgGALgGAMEGCSIo8D_QBtsO2gYWChAJERkBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwvQF0gcNCREoASYM2gcGCAUJ8G_gBwDqBwIIAPAHwP8MighDCj8AAAGL-8GtgFHbTyYf7huYaeLmHNigcR5Rgz3ml9mbf4f_RqvFZhZu-YqmavDgfoYOdRXcHAphVIW__EHESGAQAZUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=207ad684cb00859f30ca09a304b4e7911548bc53&type=nv&nvt=5&jm=1003&px=0&py=0&bw=478&bh=284&sid=3894272811851017536&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14564518&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5892&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: 423a4a77-9a5a-4279-81e6-06ce9e140e59
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 973B 0
595 B 34ms
33ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3741&pub_id=1169603&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: c2ed3d53-0cd1-47ff-8e52-1c00096c9a0b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8DCC 0
663 B 68ms
67ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QLvCqBvBQAAAwDWAAUBCPDW_KoGEIuws4v6_7rSCBjEtfLf8Z2E1EsqNgkAAAkCABEJBwgAABkJCQhEQCEJCQgAACkRCfCBMQAAACCF6zpAMKb5-AY4nR1AnR1IAlCcvLmiAViV-llgAGiD71F4wvQFgAEBigEDVVNEkgEDQ0hGmAHYBaABWqgBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCPnVmKCdhJywgMjk3NzAyOCwgMCk7dWYoJ2knLCA2ODI0OTAyLBEUNHInLCAzNDA2ODAyMjAsARbwZZICiQQhZmxGVlpBamszOTRZRUp5OHVhSUJHQUFnbGZwWk1BUTRBRUFFU0owZFVLYjUtQVpZQUdCY2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRRUFBQUFBQQEECE1FQgEHCQGQREpBYmZaQktKZXZBTkEyUUVsZWhuRmNrdnNQLUFCeHNlZ0FfVQkwKEpnQ0FLQUNBTFVDBTwETDAJCPBSTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6TTZOakE1T09BRGhVV0FCTnlzNGdlSUJQNnM0Z2VRQkFDWUJBSEIJcQkBCHlRUQkJAQEUTmdFQVBFHc0gQ0lCZEl2cVFVGbgIN0VGASsJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oAKg0QVVBOEFYRGc1QUktQVdFMnJVQmdnWURRMGhHaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGBhMZ0dESUVJCRkFASgumgKZASFDaEpGVj4NAihKWDZXU0FFS0FBeAUrCQEANjJdARRFQ0ZSVWs5EQAxHW0ARh2FAEcdGABHHRgASB0YEEhnQWlRHRDwyUEuLrICIDM0ZmY0ZGNlMGZhZjU5ZWJmYTQ1MDMzNmJjM2NhNWMx2AL1mwHgAvuiL-oCF2h0dHBzOi8vd3d3LmNpbmVtYW4uY2gvgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-vVU4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNNDUuMTIuMjIyLjE3NKgEALIEEAgAEAEY4gcgsAQoADAAOAK4BADABADIBADSBA4zNzQxI0FNUzM6NjA5ONoEAggB4AQB8ARl9iCIBQGYBQCgBf8RARQBwAUAyQWJMRTwP9IFCQkJDHAAANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AbbDtoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8L0BdIHDRViASYI2gcGAV3wcRgA4AcA6gcCCADwB8D_DIoIQwo_AAABi_vBrYAIpOv_oWzYCzxKSn5rLvBse9v2GjwCNWd6FjPcoTKJVkIdpv2j1WHKTymaFG1Z3wf7RlUqCRulEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=bbf47eda1dac861a040450db01b223546fc87f27&type=nv&nvt=5&jm=1003&px=404&py=496&bw=728&bh=90&sid=3894272811851017536&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14564518&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=5892&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
an-x-request-uuid: 0f93dcb7-c636-45dc-a868-f483f98efc77
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 86B4 91 KB
23 KB 30ms
30ms Script
application/javascript 2600:9000:2251:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5480907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PnmlaZsqALbZBAN6Rh-6FRF4flQ7Ujv4-hkiRRBbAxd6m8kBpnchNg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 64ms
64ms Image
image/gif 108.129.52.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=930694&campId=728x90&pubId=2977028&chanId=14564518&placementId=17039811&pubCreative=340680220&pubOrder=6824902&cb=590260547&adsafe_par&impId=517f52e3-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0&adsafe_url=https%3A%2F%2Fwww.cineman.ch%2F&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.google.ch%2F&adsafe_type=f&adsafe_jsinfo=,id:4035fc73-c328-3e3a-202f-546039e7f0d6,c:uN0YoK,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-66f6d74bff-vql4d,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.sky1.carre1.pfzr1.mazdade1.qktrf1,mtim:217,mot:0,app:0,maw:0,fm:tWqCkNU+11%7C121%7C13*.930694%7C131,idMap:13*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.us.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:233,oid:51d00b56-89ec-11ee-aba8-aed47cdddef5,v:19.8.461,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
server: nginx
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 6B1F 91 KB
23 KB 31ms
31ms Script
application/javascript 2600:9000:2251:d600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: www.cineman.ch
URL: https://www.cineman.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 21 Sep 2023 00:09:11 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 5480907
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: PviLL17EGl4e9VZ6pd8RC_mCfZ5sK7zf4Vrez_SJvroLh_vZDsrK5A==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
217 B 62ms
62ms Image
image/gif 108.129.52.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=930694&campId=160x600&pubId=5677529&chanId=14564518&placementId=23135385&pubCreative=476989059&pubOrder=9146275&cb=590260547&adsafe_par&impId=517f52e2-89ec-11ee-9085-063eca0b4987&custom=1169603&custom2=4042918&custom3=0&adsafe_url=https%3A%2F%2Fwww.cineman.ch%2F&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwww.google.ch%2F&adsafe_type=f&adsafe_jsinfo=,id:922653fb-20b7-c8c3-19c4-9f3127912f65,c:uN0Ypa,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-66f6d74bff-5qvvf,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.0.0,am:i,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1.sky1.carre1.pfzr1.mazdade1.qktrf1,mtim:246,mot:0,app:0,maw:0,fm:tWqCkO0+11%7C12*.930694%7C121%7C131%7C132,idMap:12*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us.bi,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:252,oid:51d00ba0-89ec-11ee-94a1-2e7c6e112b76,v:19.8.461,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.129.52.148 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-129-52-148.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:37 GMT
server: nginx
x-server-name: app15.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 628ms
199ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0Ypp,pingTime:0,time:273,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:273,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B52~100%5D,as:%5B52~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWqCkNU+11%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 620ms
200ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0Ypx,pingTime:-2,time:281,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:184,beZ:185,mfA:401,cmA:402,inA:402,inZ:407,prA:407,prZ:411,si:416,poA:417,poZ:434,cmZ:434,mfZ:434,loA:457,loZ:460,ltA:464,ltZ:464,mdA:185,mdZ:356%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:281,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B60~100%5D,as:%5B60~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,slid:%5Butif_div-ad-gds-1625-3_de5a5890-bb0d-4bad-a8c9-4d1a468dbb0d,div_utif_div-ad-gds-1625-3,div-ad-gds-1625-3,gb-lb-slot%5D,sinceFw:47,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
217 B 616ms
198ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=922653fb-20b7-c8c3-19c4-9f3127912f65&tv=%7Bc:uN0YpA,pingTime:-2,time:278,type:a,im:%7BpBlk:260,sf:0,pom:1,prf:%7BbeA:214,beZ:215,mfA:460,cmA:460,inA:460,inZ:463,prA:463,prZ:464,si:466,poA:466,bl:474,poZ:474,cmZ:474,mfZ:474,loA:485,loZ:487,ltA:491,ltZ:491,mdA:216,mdZ:405%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1700735857644,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:252%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:278,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:252,wc:0.0.1600.1200,ac:0.0.0.0,am:i,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B29~0%5D,as:%5B29~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWqCkNU+11%7C12*.930694%7C121%7C13.930694%7C131%7C132,idMap:12*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us.bi,siq:253,slid:%5Butif_div-ad-gds-1625-2_9a64abbc-b4b2-49ce-8615-74c63dafd748,div_utif_div-ad-gds-1625-2,div-ad-gds-1625-2,gb-sky-slot%5D,sinceFw:25,readyFired:true%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 563ms
199ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=922653fb-20b7-c8c3-19c4-9f3127912f65&tv=%7Bc:uN0Yqs,time:332,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:332,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:252,wc:0.0.1600.1200,ac:0.0.0.0,am:i,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B83~0%5D,as:%5B83~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tWqCkNU+11%7C12*.930694%7C121%7C13.930694%7C131%7C132,idMap:12*,rmeas:1,rend:0,renddet:IMG.us.bi,siq:253,sis:323%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt14.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8DCC 114 KB
47 KB 452ms
452ms Fetch
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=447376611780076&correlator=3888557898460315&eid=31079657&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&iu_parts=46753895%3A346010489%2CGBA-CH%2Cch-cinergyag%2Ccineman_ch%2Cdisplay-desktop%2Cd-ros-banner&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700735857719&lmt=1700735857&adxs=404&adys=496&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=bvfxs2qvy0xd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fwww.cineman.ch%2F&ref=https%3A%2F%2Fwww.cineman.ch%2F&top=https%3A%2F%2Fwww.cineman.ch%2F&vis=1&psz=728x90&msz=728x90&fws=256&ohw=0&ea=0&ga_vid=137698593.1700735857&ga_sid=1700735858&ga_hid=1944406433&ga_fc=true&dlt=1700735857184&idt=338&adks=2375822377&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a3c4567a553f2725a920d42b740a283e02463c146e167ef2735b9fb10a5ad6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48191
x-xss-protection: 0
google-lineitem-id: 5628017912
pragma: no-cache
server: cafe
google-creative-id: 656282300857
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8DCC 16 KB
12 KB 72ms
71ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1414661ac9ac79d37e6080678340b8b127cfeace66f9c5c9e33938cd428564d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12432
x-xss-protection: 0

GET
H2 200 container.html Show response
aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DF60 6 KB
3 KB 138ms
57ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 10:37:37 GMT
expires: Fri, 22 Nov 2024 10:37:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8DCC 17 KB
6 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:37:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63C7 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
age: 358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 10:31:39 GMT
expires: Fri, 22 Nov 2024 10:31:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D316 829 B
1 KB 80ms
30ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c072c33b41dccc8cc969d8012454f7662c1232896bf2ebf25ed99021340e092

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S7bqBdmGC5cyeGYQtc3v2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-S7bqBdmGC5cyeGYQtc3v2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 10:37:37 GMT
expires: Thu, 23 Nov 2023 10:37:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 510ms
390ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0Yuf,pingTime:-10,time:573,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700735857939%7C%7C402832eb8d5ade9f49c43ee9a079a19e%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc542ec0b821681b5a6f37d6a8a005216%7C%7C9d3c0a74c54ea70f9dd787a6932c0b52%7C%7C2716fcd81d362555295bfaf5d0c4d7c6%7C%7Cd7aaf89e3e2ce44d6a574a1ddfbb625c%7C%7C0acde96a8a44e5c946ab1e364f78ff1a%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 63C7 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D316 0
0 56ms
56ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=447376611780076&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63C7 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8PixPA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D3C3 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 10:37:37 GMT
expires: Fri, 22 Nov 2024 10:37:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3DCC 478 B
532 B 117ms
61ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCgqpfKBBjZjPLnATAB&v=APEucNU8mNDuYImeCoS_-h_KBD4CgelPEhGnajfySm86EPRgzOQFRiZqnZc7hf3tAN5_Ipb4zhUatCJpj-qc_f9Hqv8E4e_uVA

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 175
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 10:37:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame D3C3 111 KB
39 KB 66ms
22ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.ch/
Origin: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 06:30:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14847
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Nov 2023 06:30:11 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame D3C3 7 KB
3 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:40:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame D3C3 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:40:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10630
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 07:40:28 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame D3C3 41 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 491550
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D3C3 3 KB
1 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:00:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 10:00:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7A94 1 KB
643 B 24ms
21ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

age: 46845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:36:53 GMT
etag: 48472445140208031
expires: Thu, 23 Nov 2023 21:36:53 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D3C3 20 KB
8 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 23:16:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3C3 42 B
63 B 57ms
55ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4mYMu9p4xWGANPb7kT--sWrKyoZ29umwljkoT4399y0oaPUi0Mcr1iy24-rWRhM3s1R7-4hxvqAM-4pymhBxwXyDrGYlcX51RKnimoIHY54TqlTw

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D3C3 0
0 30ms
28ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTFoasBZikhrAAwRy6qDHSzgXhp4-DAvPLaw8XXl4Pm7h4XFqKkhN4dsq23rCaYmEqXoEWsQr5tuZrndJ96uH3ldCE6Q
Requested by: Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3C3 202 KB
64 KB 136ms
84ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 10:37:38 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1121 38 KB
13 KB 24ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
age: 394673
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 18 Nov 2023 20:59:45 GMT
expires: Sun, 17 Nov 2024 20:59:45 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D3C3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 795d8ddd9a15cc560f37b9513ada6faaee89a96fc664feae03c602ea6050a6a1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A94
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEPGk3R6p_mgaovv80sE0E7M&google_cver=1&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDYwNDg4OTI1NjQyNTYxNA%3D%3D&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09DlJd...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDYwNDg4OTI1NjQyNTYxNA%3D%3D&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09DlJdRv0G-Yd50i

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwNDYwNDg4OTI1NjQyNTYxNA%3D%3D&google_push=AXcoOmQkezqTtHAvjaHMMTpbDBA-zBpiF6tGlhuTNAXVtTmBCZLrwITUEzDy8nvjcf7gDkKPZMngWMnraxeP09DlJdRv0G-Yd50i
Date: Thu, 23 Nov 2023 10:37:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A94
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOOimUDUsGRaWuMyM9mPBE4&google_cver=1&google_push=AXcoOmTs8-6pGG5WN_No0Bvoa5vd5njLXycr80NI1qtO4WDriasWhFU4xZIWr95X11GmN8u1bOtSJkgTSHLYhrd5PXUt95Okeqvu
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855745124148&us_privacy=1---

170 B
188 B

33ms
32ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855745124148&us_privacy=1---

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=855745124148&us_privacy=1---
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A94
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHdaqYEqpz8PyA90r_xgtOM&google_cver=1&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNx...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNxTUF2a&google_hm=eS0uQ2dJc0ZCRTJwR2VJR1...

170 B
188 B

34ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNxTUF2a&google_hm=eS0uQ2dJc0ZCRTJwR2VJR1ZtVWszNlpFTTJGTjVPSVRVYn5B

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 23 Nov 2023 10:37:38 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSaB3YfN_kipLSg5mw8fEkDiGYz2mE-cM4laZojL06KhbVheuPRl_WdnhpvWL6bJpN7K32Ug2FPNgcppvp8uxlwjNxTUF2a&google_hm=eS0uQ2dJc0ZCRTJwR2VJR1ZtVWszNlpFTTJGTjVPSVRVYn5B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7A94 43 B
363 B 131ms
37ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSGWgN5m7yf5qiJ8o1HvLahMcc9OP2S9phTn58LFSXnEAW3lzpMBEvBzuFMbK4cW1twK2kVr1dmuzYs10UQWXSc8jTtW1jy&google_gid=CAESEGk0wztWE-SL1yzQsD0eOgg&google_cver=1

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 211316
expires: Thu, 23 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A94
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dygh7g4ZSTWfx-66YUNZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dygh7g4ZSTWfx-66YUNZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuvxKDD2tuTI59zAycEPLzb5Jh62giNFnruF7dlt3W0wmXY0Tz2ixtcN0T79XYbP9uC9aBbGVonx5MIKqwBt4e7qm-GfpR

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=dygh7g4ZSTWfx-66YUNZpg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQuvxKDD2tuTI59zAycEPLzb5Jh62giNFnruF7dlt3W0wmXY0Tz2ixtcN0T79XYbP9uC9aBbGVonx5MIKqwBt4e7qm-GfpR
date: Thu, 23 Nov 2023 10:37:37 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003
sync.targeting.unrulymedia.com/csync/ Frame 7A94
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEGC74IKdNKVJUXo599QaV94&google_cver=1&google_push=AXcoOmTKCBKewRhQxZszwBgSGEr63VIzVOxt5InB5gZLHoqTDNI-3-euzOFWXA9X6EWCTJL4tesQeA11ZLEZ_pF6...
https://sync.1rx.io/usersync/smaato/b7370788e0?gdpr=0&gdpr_consent=
https://sync.1rx.io/usersync/smaato/b7370788e0?zcc=1&cb=1700735858641
https://sync.targeting.unrulymedia.com/csync/RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003

43 B
378 B

388ms
202ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:39 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003
pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7A94
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEHWMuy5ZblexuGwmFcytezU&google_cver=1&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01KFWb24w&google_hm=Mzk3MzUwN...

170 B
188 B

33ms
33ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01KFWb24w&google_hm=Mzk3MzUwNjIwNjgzMjkzNTE0Mg==

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AXcoOmToHWeXD6vrthdU-MAA7mgeJ-rRtZ38fsW90gzX6lR7s_jMV2NJAkQx52j3ki2jT_0cL8hKN0Ba0hhSsUsd3-ifS01KFWb24w&google_hm=Mzk3MzUwNjIwNjgzMjkzNTE0Mg==
Date: Thu, 23 Nov 2023 10:37:38 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 7A94 0
12 B 32ms
31ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0sb8lJsK4G3VgQSnsSUXpiWp9pVh9aPqleT9vG-mK7yOlqKYjZHwJtRJfQaAfF6oWhLoezA

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.html Show response
s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/ Frame 37EC 8 KB
3 KB 24ms
22ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45f6a796db5e51c4f9bac2a4e0ca888e2013ef11bce464a065eba743472c8774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 491187
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2753
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 17 Nov 2023 18:11:11 GMT
expires: Sat, 16 Nov 2024 18:11:11 GMT
last-modified: Thu, 02 Nov 2023 09:02:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D3C3 0
0 135ms
73ms Fetch
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvnA5LoKRj-sbF_S2T-VzPk24eSuInfZPJMwBAn9GRAMKYkFNIQaTfPJTbFCEYmEnubFP5fHsp4lKAMOfmOqhh8qQlqLaPEOMQpDT990D9O3nVTt2I55HzEDtaRf2N9Mq6HrvwM1lutibwHWmKgKTEjAnDu2eGbU7w589fT2LqaTx-UVktOWFoOZ3JReFjtMQe86vrph4eoHGk3F9CFUgtgt1shu3uvg5FgMAFN11Q55IFx8LRvj3FYN9jU1ksZXGDkTKpCtRcSBIVRUKiuW4ASlmPHTLuRZgZrH0Tgj7HhUvOK_sI0KcrdO_I4TI9-gLLSrYdSKKyya-P_AUiY1yCSWgejAcxAYI9HTPemFF-I8zcmjk1OQBGRTFGNKjRZJPFBLUO9IoEBmotB1n1nWRH7v7cgkuky4KUTUFnwgW5NX0uPTs5vrHS7sSduoI0D8mStaDJs_kotU29Pg5yBJgh1qrBjbf0KEYKfzgY-3s6z2YxY3q1yxFjZIkGTRhB0vfLrQvT-SbmsESEPL_Jj3xmKDkVuluU0cF--YOw6cQH9BVDpv5BrKy9M1SyQKt51V5H41O02iKBBcQfyEL8lzBtlM5uZE0ORu6JqWwR5GEr59ZZho4JBYTEtZyq5HoW6fk52A608DwK2fAttmt81WqVGFrsrdjHCZDuT5Wn68azHWItpBw0-r0zsgStE9yO28k7i-MiXj48E-nZEGg2KahmBBJIxluTwj5DQsp_TKbZKzvGBDqU8XrQbzHVOL2rfh7IbCaGDYg2LxkhFVeTOiX9qqY2WVCfPclVesD39uhro3ju2DSP6XfHCnWEfnDzweyKdgO7mBshWzT81AJKQcT3HEXTQFB2O-YbDEl5-utqCYP0O6B-WRMqRx2FmnLXPiqgpb2O0gBglzgF-vVsBnzfT5IoRHbgj-srQQEggjTB176FMuz20Q4oUrLPI5dTprN_laG0AfqhVoSeXCbL5ZJh9Yd8mM3jjgA6DksQVJb4NQPAe5gXSd5WmHq254UYPoknA2MvC1_iALwqD0Qto5lalC1Wq-Bye4DWOLTKLM1Nq_Ki3r9ImMh2POK_u-dUsFyIQxE1V-V7xGPYmeOdXSbFFAqhbmJPN8Ra__WiCOIokJalu4p-wJ7qi6mtnSsA9jRceANoWXfTlPciLqcVtQFs_Vo4Fdt-eAzz8UYBwtAfVJnZunRoijAMtruZIdBo64bTbEjBt_1jtNxTL0kuq_43LveWNufdGyxMidmP_b5MNIjRbd9Uqh1bs3WRhF-SVAHvHMaZb0uHn-ODazcKDIt2VeTPXACVgq8houlmNWXbBhgbbfCj1ze5tzHkLoQdpowRfwwqE_MpxylscOQK94e2K3pErzuH0X7v7m09S4PsjCa-nRv4Pa8z1zfsDxEQk-4W38-316TzyK_SbR5A9RPq8glkI0qTYzWv5BTlrxzV88IXBLLp6YQmEpIKyj6wNafxqFEuXDcgixjeif392U-JfqNolab7m1kaYSUv33WR0NFJpinSkyxT9iAfjXxhktYOmv967wc9EoWQUjTz_dlZmKP5LkGdT5B1lK0cXUkpexWEc2FxB-97yFL-gch96n5kIyrAoLShb7WSnD-cg6LwKwQPC1HP22A3x6lUjICq02CrTNQqEzVj4VvJAPRJQHnAJBOIInXXQCsaLyWbHRJ0E5azK87abiaXtPPm-qQXERcmLQ-YegWmMekAMSVOw_DskN5YHWu9zKCB40FaHgz-hvCQ5erAqnOD6OdJLz9ZZCbBzlkj4VfN0vBDcqVUthwTkSacotmywfQEZlVs6_nmktU9qqOfX&sai=AMfl-YQwaK1ZFgn6QVRedB_xJ6vFZawkcTA_5boS8lLdlwVVd86o42B-xmbGfYlv8XII1PmqBeNfp2H240fhDU9x9PYn9IiYxbzpSNCtz1CSKdxTli-TvD9u42Qezwj-iypDDldExC6PvPk11skLrYGKnubPqObpF8tdloTctKFz6ZNLXy6Pr39ZEN9DOstHppNR17DWxf_d3zdbEc2_LoAR0jECcBdhZWRImV8ZhbSiBqK5NeoUTFTUvPC5LXgXjzrJ2JhBSQ6XJ2prXnVrdmGHygJu3wovSl9AftmkYLS4-SJZAAQikycLgxnL8a8q_O4d7ww4mSLEy-kqCrgNgUgrGfMpGEBfZg2E_x7EkosU7kIFBpKa3XyeCZQDMDh6JraaqyxZjB7OlfpdUFPUtf6oOsUQ4Q6sBe1lsdOkf0kRGKE&sig=Cg0ArKJSzAnpnTMPtGxsEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9jb29wLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=95&cbvp=1&cstd=91&cisv=r20231109.54586&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 10:37:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 1121 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 23:21:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 126970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 23:21:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 198ms
197ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=922653fb-20b7-c8c3-19c4-9f3127912f65&tv=%7Bc:uN0YAZ,pingTime:-10,time:985,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700735857939%7C%7C402832eb8d5ade9f49c43ee9a079a19e%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc542ec0b821681b5a6f37d6a8a005216%7C%7C9d3c0a74c54ea70f9dd787a6932c0b52%7C%7C2716fcd81d362555295bfaf5d0c4d7c6%7C%7Cd7aaf89e3e2ce44d6a574a1ddfbb625c%7C%7C0acde96a8a44e5c946ab1e364f78ff1a%7C%7C1663701684,sca:%7Bspg:4035fc73-c328-3e3a-202f-546039e7f0d6%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt13.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3DCC 170 B
188 B 36ms
35ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCgqpfKBBjZjPLnATAB&v=APEucNU8mNDuYImeCoS_-h_KBD4CgelPEhGnajfySm86EPRgzOQFRiZqnZc7hf3tAN5_Ipb4zhUatCJpj-qc_f9Hqv8E4e_uVA

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 3DCC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&C=1

43 B
339 B

42ms
41ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCgqpfKBBjZjPLnATAB&v=APEucNU8mNDuYImeCoS_-h_KBD4CgelPEhGnajfySm86EPRgzOQFRiZqnZc7hf3tAN5_Ipb4zhUatCJpj-qc_f9Hqv8E4e_uVA
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrtSrh4tLfjssVee1zaSvbI3FvUDi%2B05MkJPaqCa8Vt%2BKVi8IH84py4hS7IDpS9ZexPS2%2B4HYKR%2BJKn66246l0FmOxCJcBA9EglsS1plRzLMTN3XMEbnVbjcvIenPbFjOVEid2BzQbfqfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82a8c72ba86a1ac5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PeybDo0Fb3IKa5k8oF7KXwWCguE0UD6St9chkUVmQISjkbcfySEFFPH%2FOXU80z0fRMOfrlZMl7tujh7vHKVByiar3B6ufkgyvFtxJ2YpX8upWLLo5yKiFSsZna0SG9%2B%2Bd2tyELRnEbqYEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&C=1
cache-control: no-cache
cf-ray: 82a8c72b4fd11ac5-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3DCC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV8rcvpd9AsnF.tTcGRDwQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&google_hm=2

43 B
778 B

51ms
50ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJjjZhCgqpfKBBjZjPLnATAB&v=APEucNU8mNDuYImeCoS_-h_KBD4CgelPEhGnajfySm86EPRgzOQFRiZqnZc7hf3tAN5_Ipb4zhUatCJpj-qc_f9Hqv8E4e_uVA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xTmDI3b%2FxO0RSMzLwoEu%2Bvkg6N8pLpuwPlIEmnZHtTNKxFQEW%2BVCkERL2BhJiUVfKo8%2Bph0qknM%2BCKJEfe%2Fs0FNRBFT%2BTgvosWM82ipAIlwbiKIo%2B2XYa9mB1wCALmAKFtTktwtA%2FrdXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82a8c72c2aaf3661-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBf5Y4uXKIIY_bBgtBduahY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 37EC 236 KB
63 KB 157ms
52ms Script
text/javascript 2a02:26f0:780::210:a46b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.html?ev=01_250
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:780::210:a46b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 23 Nov 2023 10:52:38 GMT

GET
H2 200 VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.js Show response
s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/ Frame 37EC 78 KB
15 KB 23ms
21ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.js?1697620307022

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2de489d176cf76a391cc3d96ba75b01b6a1bf8969bb327d7ffb6507a21eb9ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 18:22:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 404094
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15466
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:02:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Nov 2024 18:22:44 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 8C62 0
596 B 34ms
33ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3741&pub_id=1169603&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
an-x-request-uuid: e2a06849-338e-4b72-93b1-20707f082e80
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D3C3 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQyXMC6ooSNJ8X2h436OOmuyxwBhlvj8FWK8EPvrCDQuhvQUhJFgMUD8BUxzrZJSf2SnKkX_bD4RIKrV97fafa1b7FqStCkA3Yv1mv43Hq4wQl8B6EzHeVAZfGsKXpAumQ6DN2Z-tYjQR6JAFWCMIxn80eEawf2iPTsAhT3MR6fKDI9sYC6ly6sl_G-Asmy2bDJRoTL2BKRLDJEEQdRC9VOXjKKQ04NCwmA9jEmQIv4dYSkle4_mvUoqQoZH7JD4P4J2A5TN0IG351TUxYKOrTEfE-NJFDiCAWjhNnE-W_fg2yRaXXRtcG3lseKOwqV_BmPLNyNasGhEDK836pamtfmCemhdK9A2grKNijOTKKwlLbqEGnhbDS3UrS2p9SRFjkqKyt2AKw9j8GjVmoIfcR4OejUAqnEp_-ZfCbnwXSR9UR&sai=AMfl-YScdL5cldgf6XQ8LgBe08uKS6MxHBVnppzkL5Iz4BFZU8f4AWO5wDMLwu8_5P_sT34mRgPjOnnbLQegLfd3275B51lHI1nIRmfx0jpeRoGcQLIvj2lU4KU2akp-oQ&sig=Cg0ArKJSzCmB0eJQYgF3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Nov 2023 10:37:38 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 973B 0
596 B 38ms
37ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=3741&pub_id=1169603&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=3741&pub_id=1169603

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
an-x-request-uuid: d0c85176-e1e4-4126-a40f-a73c159c5805
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 vevent
ams3-ib.adnxs.com/ Frame 8DCC 0
662 B 34ms
34ms Ping
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.cineman.ch%2F&e=wqT_3QLvCqBvBQAAAwDWAAUBCPDW_KoGEIuws4v6_7rSCBjEtfLf8Z2E1EsqNgkAAAkCABEJBwgAABkJCQhEQCEJCQgAACkRCfCBMQAAACCF6zpAMKb5-AY4nR1AnR1IAlCcvLmiAViV-llgAGiD71F4wvQFgAEBigEDVVNEkgEDQ0hGmAHYBaABWqgBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCPnVmKCdhJywgMjk3NzAyOCwgMCk7dWYoJ2knLCA2ODI0OTAyLBEUNHInLCAzNDA2ODAyMjAsARbwZZICiQQhZmxGVlpBamszOTRZRUp5OHVhSUJHQUFnbGZwWk1BUTRBRUFFU0owZFVLYjUtQVpZQUdCY2FBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRVNxQUVEc0FFQXVRRUFBQUFBQQEECE1FQgEHCQGQREpBYmZaQktKZXZBTkEyUUVsZWhuRmNrdnNQLUFCeHNlZ0FfVQkwKEpnQ0FLQUNBTFVDBTwETDAJCPBSTUFDQU1nQ0FOQUNBTmdDQU9BQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6TTZOakE1T09BRGhVV0FCTnlzNGdlSUJQNnM0Z2VRQkFDWUJBSEIJcQkBCHlRUQkJAQEUTmdFQVBFHc0gQ0lCZEl2cVFVGbgIN0VGASsJAQhEQkIdPwh5UVUJFwEBAE4yKAAAWi4oAKg0QVVBOEFYRGc1QUktQVdFMnJVQmdnWURRMGhHaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGBhMZ0dESUVJCRkFASgumgKZASFDaEpGVj4NAihKWDZXU0FFS0FBeAUrCQEANjJdARRFQ0ZSVWs5EQAxHW0ARh2FAEcdGABHHRgASB0YEEhnQWlRHRDwyUEuLrICIDM0ZmY0ZGNlMGZhZjU5ZWJmYTQ1MDMzNmJjM2NhNWMx2AL1mwHgAvuiL-oCF2h0dHBzOi8vd3d3LmNpbmVtYW4uY2gvgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgD-vVU4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNNDUuMTIuMjIyLjE3NKgEALIEEAgAEAEY4gcgsAQoADAAOAK4BADABADIBADSBA4zNzQxI0FNUzM6NjA5ONoEAggB4AQB8ARl9iCIBQGYBQCgBf8RARQBwAUAyQWJMRTwP9IFCQkJDHAAANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgkjKPA_0AbbDtoGFgoQCREZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8L0BdIHDRViASYI2gcGAV3wcRgA4AcA6gcCCADwB8D_DIoIQwo_AAABi_vBrYAIpOv_oWzYCzxKSn5rLvBse9v2GjwCNWd6FjPcoTKJVkIdpv2j1WHKTymaFG1Z3wf7RlUqCRulEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=bbf47eda1dac861a040450db01b223546fc87f27&type=pv&jm=1003&px=404&py=496&bw=728&bh=90&sf=1&sid=3894272811851017536&vd=ct~0|rr~6&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=14564518&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
an-x-request-uuid: c10e63fd-79f8-4ddc-a03a-5948496fae5b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.cineman.ch
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1121 0
20 B 58ms
58ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BCudccStfZbnKL4CN1PIPhaGs2AwAAAAAOAHgBAI&bg=!e3ileDfNAAZxrfrxUa07ADQBe5WfOI7BNtrcEpibQbbERQfCBNyVX_ekhR4XkmYUrHAJ6fFrrqxEmfudfua1t8gb_lBsAgAAAIpSAAAABGgBB5kDE69484Ya5RO9N9ISUlpldbsuqR3l5Xs0YQl1jPZWltTN5Jy6qudR0xzTUT8daZoG3BHWUHX88ffqURxtIUldRZ4d1DK_Kri4KZQLDXyZbXvo4Xe2Mo1K6LenuiDN0liX1r4S1wEaxhnhBtS9V7zoPpEhLpVJTwsN3fh4u4_ANCC3g0XDskzN4IkJwFs7WswZ5jIzPrHXYARIcgqHr5YhTHhNj5AuEkS8DsCIYaYZIApOP1MXRZ7qGAAN5FAk4k28Er_8EYclkBrhDaUi4Z4ievsK3xfWtUGiHfJ0TevfekpjjB-EyslJnmQh7lZTSioU8wvr6VesAorfsIf4PQZ6g1j-10v7oT5qOsFdN8G2w37hapbzNVfIwxjV5Gq-RT4Mubr49gIpDRaty9xHaFUTwWBOU6Q2oIV6eVt0348SZ12OqipnFSHUR9zq8XQRC3SR6rWIOHRs7QXkRO95qZLbN3CFe1nelDF0qsHOtkE2aMV5in6pMo02DWBHCu3h4y48K5Ur3L0bp-vDLaeN_zec8JQ_GANnZTsdyglsW9rsB7TJRf9OFGXCybzc23Ktkepfnc7DldZZ5RmXNh2_S-J-NNlLHh_nOaVIjql90mxVv3HrxkZeIkxsrxD5JEAG3VcX5cegPlCL_76smj_2npk8DOoktcCe4tfig01pL7NVxSiWm53d-9SDC8s1_BgdeYTqgyS1aUfWHxKjc_6MM5x0CP7cIhzydbs6qW07qx1HOLehkMGAmrwp7hd6HZpDyvS9uimP_YJ0ZDoapWPkWUc6gxUgOKI-psvD9sTnHT6ti4I6fOztyQ1hBv6xvMBPGHlOEe2qeIS9bCTLEUvgx6NuOjF-LP7od2-2qtkxoSuBHzk2i5E4HIsvpxTjpron44htpiQoSX9I93XOVk74DgdfMOQ7diEZ_ezmu--xoJBeF6iV6wzh2HG3S_aQGmCGsQupdevOq9r-QxrXZDiTyJ87QwlH3UwWJCr7u8_6K3oeaRTLtuuuyVADe6m0wV2EJ7jN14XOdvNHAoEsm_tj0rgSV7VP1_k

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d_atlas_P_1.png
s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/images/ Frame 37EC 36 KB
36 KB 23ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/images/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d_atlas_P_1.png?1697620306893

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04e576e78916ac141efa0ac6d5f2e0d2f04a24db922e045e040f88226e49f0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 17:29:58 GMT
x-content-type-options: nosniff
age: 493660
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37008
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:02:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 16 Nov 2024 17:29:58 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame D3C3 0
0 63ms
62ms Fetch
image/gif 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvnA5LoKRj-sbF_S2T-VzPk24eSuInfZPJMwBAn9GRAMKYkFNIQaTfPJTbFCEYmEnubFP5fHsp4lKAMOfmOqhh8qQlqLaPEOMQpDT990D9O3nVTt2I55HzEDtaRf2N9Mq6HrvwM1lutibwHWmKgKTEjAnDu2eGbU7w589fT2LqaTx-UVktOWFoOZ3JReFjtMQe86vrph4eoHGk3F9CFUgtgt1shu3uvg5FgMAFN11Q55IFx8LRvj3FYN9jU1ksZXGDkTKpCtRcSBIVRUKiuW4ASlmPHTLuRZgZrH0Tgj7HhUvOK_sI0KcrdO_I4TI9-gLLSrYdSKKyya-P_AUiY1yCSWgejAcxAYI9HTPemFF-I8zcmjk1OQBGRTFGNKjRZJPFBLUO9IoEBmotB1n1nWRH7v7cgkuky4KUTUFnwgW5NX0uPTs5vrHS7sSduoI0D8mStaDJs_kotU29Pg5yBJgh1qrBjbf0KEYKfzgY-3s6z2YxY3q1yxFjZIkGTRhB0vfLrQvT-SbmsESEPL_Jj3xmKDkVuluU0cF--YOw6cQH9BVDpv5BrKy9M1SyQKt51V5H41O02iKBBcQfyEL8lzBtlM5uZE0ORu6JqWwR5GEr59ZZho4JBYTEtZyq5HoW6fk52A608DwK2fAttmt81WqVGFrsrdjHCZDuT5Wn68azHWItpBw0-r0zsgStE9yO28k7i-MiXj48E-nZEGg2KahmBBJIxluTwj5DQsp_TKbZKzvGBDqU8XrQbzHVOL2rfh7IbCaGDYg2LxkhFVeTOiX9qqY2WVCfPclVesD39uhro3ju2DSP6XfHCnWEfnDzweyKdgO7mBshWzT81AJKQcT3HEXTQFB2O-YbDEl5-utqCYP0O6B-WRMqRx2FmnLXPiqgpb2O0gBglzgF-vVsBnzfT5IoRHbgj-srQQEggjTB176FMuz20Q4oUrLPI5dTprN_laG0AfqhVoSeXCbL5ZJh9Yd8mM3jjgA6DksQVJb4NQPAe5gXSd5WmHq254UYPoknA2MvC1_iALwqD0Qto5lalC1Wq-Bye4DWOLTKLM1Nq_Ki3r9ImMh2POK_u-dUsFyIQxE1V-V7xGPYmeOdXSbFFAqhbmJPN8Ra__WiCOIokJalu4p-wJ7qi6mtnSsA9jRceANoWXfTlPciLqcVtQFs_Vo4Fdt-eAzz8UYBwtAfVJnZunRoijAMtruZIdBo64bTbEjBt_1jtNxTL0kuq_43LveWNufdGyxMidmP_b5MNIjRbd9Uqh1bs3WRhF-SVAHvHMaZb0uHn-ODazcKDIt2VeTPXACVgq8houlmNWXbBhgbbfCj1ze5tzHkLoQdpowRfwwqE_MpxylscOQK94e2K3pErzuH0X7v7m09S4PsjCa-nRv4Pa8z1zfsDxEQk-4W38-316TzyK_SbR5A9RPq8glkI0qTYzWv5BTlrxzV88IXBLLp6YQmEpIKyj6wNafxqFEuXDcgixjeif392U-JfqNolab7m1kaYSUv33WR0NFJpinSkyxT9iAfjXxhktYOmv967wc9EoWQUjTz_dlZmKP5LkGdT5B1lK0cXUkpexWEc2FxB-97yFL-gch96n5kIyrAoLShb7WSnD-cg6LwKwQPC1HP22A3x6lUjICq02CrTNQqEzVj4VvJAPRJQHnAJBOIInXXQCsaLyWbHRJ0E5azK87abiaXtPPm-qQXERcmLQ-YegWmMekAMSVOw_DskN5YHWu9zKCB40FaHgz-hvCQ5erAqnOD6OdJLz9ZZCbBzlkj4VfN0vBDcqVUthwTkSacotmywfQEZlVs6_nmktU9qqOfX&sai=AMfl-YQwaK1ZFgn6QVRedB_xJ6vFZawkcTA_5boS8lLdlwVVd86o42B-xmbGfYlv8XII1PmqBeNfp2H240fhDU9x9PYn9IiYxbzpSNCtz1CSKdxTli-TvD9u42Qezwj-iypDDldExC6PvPk11skLrYGKnubPqObpF8tdloTctKFz6ZNLXy6Pr39ZEN9DOstHppNR17DWxf_d3zdbEc2_LoAR0jECcBdhZWRImV8ZhbSiBqK5NeoUTFTUvPC5LXgXjzrJ2JhBSQ6XJ2prXnVrdmGHygJu3wovSl9AftmkYLS4-SJZAAQikycLgxnL8a8q_O4d7ww4mSLEy-kqCrgNgUgrGfMpGEBfZg2E_x7EkosU7kIFBpKa3XyeCZQDMDh6JraaqyxZjB7OlfpdUFPUtf6oOsUQ4Q6sBe1lsdOkf0kRGKE&sig=Cg0ArKJSzAnpnTMPtGxsEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9jb29wLmNo&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=331&vt=11&dtpt=236&dett=3&cstd=91&cisv=r20231109.54586&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.cineman.ch
URL: https://www.cineman.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 10:37:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DCC 0
0 58ms
58ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=447376611780076&bg=!1dal1pnNAAZxrfrxUa07ADQBe5WfOOlbpPM7llGCTyFx0yAzTJooK8ooMEKjwQGQDMcjVXs0rF3zNn60RMAnhu4IgiYtAgAAAF9SAAAAB2gBB5kC0kUTty7eggCFva_3N1Mf8swU_NuI52INigucZt-HS5wEpMgfcjGba4jaeSXRRGOQ28lJk0bOhgeFefXqJdzkS4Z_nxS_Ri28l-8J8HWZicaKk1WlBYjG9ecfzeUGqhd3L4wpkgiC6iLX7CWT4CJh23IcapfreNd9cp4oPPN_hsqlGcLefE_3sIhBAg00QRWDu1CeBYE54W0mR-W3J43eb8BjJulgWe_dKqxE8fSbY9fgtWg74HLd44ncuhfPGenJQ_LD6QIWVIiQUWGhN6IajioqVry3WhAk23VdDcRudn32XBDmYDmXTlZEZUd9sP5pSyAlZmog4I29WrMtoZY61JdU54cLRFd738tzgIooScSc1cu1fF5bxydPDQXaU5KptGrpmnkeY1VFcI2t02RUdvQ9ai-c6yL2QYpMp-LWHDp6ouSq1TblGsFfNjuHgRTJ5o3C2PUwt16RI2wMYktwKPZSWgKE-iBAXOHF0BBkUIlybpLPH3JPdoHjY_ZvsNi2TY5u8WXyYqPchi6Zw3_InQyQhcmA6Ngfz72oc2Z-nw_b7CesKTU4ZlPFQKKWy04KruNuVUB76hF6AnccLno4_8C179wTVoB0Ze9dQy8_DtAfuptq6WxE6AYa858tfdgYacenbYFJwRLb7QsVo-ysH0aagVD7-obixHbzHm3_GcwecL0pQUGEdtEiPe2kl0fo1s2o5A3HWLgG8_6-3EOEFqmwGMg6aWwMLfxBN_j3ubM2CfoEUeDq9opMinbzbpIdotXOQlM_rRq5s-FZ4aHewv5oMomaCuQH1OAvRkjsLJIJLrADyQfYJOcfaanXXFbG6HlqByL8-XIlcNsr1mh31CjbdUb-LNehBb4H8J1qi0iZ54PlOu1Kiu-i8Na18ZSFGm831nflq-abS7iQMzQKzr_kWLOvIuBBtq3FWsdsH4-FMtiDa0mvQnElbCDwtawoQiyu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d_atlas_NP_1.jpg
s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/images/ Frame 37EC 7 KB
7 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5152573899992465408/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d/images/VAL_RZ_Geschenkkarte_Xmas_B2B_728x90px_d_atlas_NP_1.jpg?1697620306893

Requested by

Host: aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
URL: https://aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1293623eefaa86ab03bf6c8461b83e95d809b2c3fa197752c7f7ef7e4e81814

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 11:11:22 GMT
x-content-type-options: nosniff
age: 429976
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6726
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 09:02:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 17 Nov 2024 11:11:22 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 200ms
199ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFy,pingTime:1,time:1274,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1274,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1053~100%5D,as:%5B1053~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 200ms
199ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFz,pingTime:1,time:1275,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1275,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1054~100%5D,as:%5B1054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt09.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 201ms
200ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFz,pingTime:1,time:1275,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1275,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1054~100%5D,as:%5B1054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 205ms
204ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFz,pingTime:1,time:1275,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1275,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1054~100%5D,as:%5B1054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:sky1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt10.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 199ms
198ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFz,pingTime:1,time:1275,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1275,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1054~100%5D,as:%5B1054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:pfzr1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt11.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 199ms
198ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YFA,pingTime:1,time:1276,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1276,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1055~100%5D,as:%5B1055~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:573,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:mazdade1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:38 GMT
server: nginx
x-server-name: dt12.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D3C3 42 B
64 B 66ms
65ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2gwVPWgY9GotgQF2vuLvOLJ08q44RKXq9Rng7NjUYvFjfs12lhCVfue0qJrU79TFF2LniltDbSVh_Rhv6djYHf8g9G1T6XDJMRktHuCBpwXCCcIi_rxGhbQ9MXLHyAaGbtTKnaayVxohFK8CQkwyE5zmmczKryZgNzRFbhJNjPp7HxE31a7I6sJqEARgvEyr1SwEreEeWu7xH5ql8JN345PM1_sXJMUuStIqisAg&sai=AMfl-YQUYLd0KXk9KdwnuyHvA5EXLO-uU9T6dAd1Y2o5_1iWUqex3HgOqNn-Kb0pgRItqUnXCQgazCYyvoKlLAA-Wv7I-bA4Nt_rTkZAU-R-5Rh9hGvAKwaC-seFrNk&sig=Cg0ArKJSzGVpVlqXxZ3_EAE&cid=CAQSOwDICaaNQfqwxOilEv7uZFMyt7trygC4VWwD_wG0g_ZUaPGa7zwKwEs47tyuKuR-5Ze0mafp10vId66aGAE&id=lidar2&mcvt=1000&p=496,404,586,1132&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2375822377&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700735858213&rpt=277&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 199ms
199ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YVG,pingTime:2,time:2274,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2274,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2053~100%5D,as:%5B2053~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:207,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:carre1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:39 GMT
server: nginx
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 199ms
198ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0YVG,pingTime:2,time:2274,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2274,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2053~100%5D,as:%5B2053~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:207,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316,metricId:qktrf1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:39 GMT
server: nginx
x-server-name: dt23.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame F715 52 KB
17 KB 23ms
23ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://www.cineman.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.ch/

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 7192
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 23 Nov 2023 10:37:40 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2454, 72988
X-Served-By: cache-lga13626-LGA, cache-fra-eddf8230041-FRA
X-Timer: S1700735860.226169,VS0,VE0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F715 0
595 B 34ms
33ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:40 GMT
an-x-request-uuid: ba0a0c22-1df8-454a-8bb5-101ea4e3d3f9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame F715 0
595 B 34ms
33ms Script
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:41 GMT
an-x-request-uuid: 62fcfe5a-3ecf-4703-8fcf-ae3209bdeccd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 45.12.222.174; 45.12.222.174; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 207ms
207ms Image
image/gif 2600:1f13:800:7780:25e5:b3da:7d1d:5e73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=930694&asId=4035fc73-c328-3e3a-202f-546039e7f0d6&tv=%7Bc:uN0ZI5,pingTime:5,time:5275,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:232%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5275,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:232,wc:0.0.1600.1200,ac:404.496.728.90,am:i,cc:404.496.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5054~100%5D,as:%5B5054~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:201,fm:tWqCkNU+11%7C12.930694%7C121%7C13*.930694%7C131,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.us.dr,siq:233,sis:316%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:800:7780:25e5:b3da:7d1d:5e73 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 10:37:42 GMT
server: nginx
x-server-name: dt15.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpb27tit&c=8750477010529&slotId=4375238505264.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpb27u10&c=8750477010529&slotId=4375238505264.5&uet=2&ghmsh_eids=44731964%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291%2C44807948

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cineman.ch/	1969-12-31 23:59:59	Name: cinemanauth-session Value: etjrk0hldc92daodgk94t7u2i6
.doubleclick.net/	1970-01-21 02:01:35	Name: IDE Value: AHWqTUnPx5jo8KHo_CtAgYI0mr9U6CQuV84LGmX_ze5Y8zys_jTKrxOlGvVxt038xMY
.adnxs.com/	1970-01-20 18:35:11	Name: uuid2 Value: 5451625968084753092
.adnxs.com/	1970-01-20 18:35:11	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il]rIdlv!]tbPl1M>e)ZlrFUfJ+tGXxp:D9l<v8e3!A>PM+-<TnyvAeCtg]5)P.MtelK3If)y3KL9D3I?+r?ay/k
.cineman.ch/	1970-01-20 20:44:47	Name: dakt_2_uuid Value: 34ff4dce0faf59ebfa450336bc3ca5c1
.cineman.ch/	1970-01-20 20:44:47	Name: dakt_2_uuid_ts Value: 1700735856533
.cineman.ch/	1970-01-20 20:44:47	Name: dakt_2_version Value: 2.1.59
.cineman.ch/	1970-01-20 16:25:37	Name: dakt_2_session_id Value: 847080dbd2a920a751402b99034f290e
.cineman.ch/	1970-01-21 02:01:35	Name: _ga_BPGRT7H4R9 Value: GS1.1.1700735856.1.0.1700735856.60.0.0
.cineman.ch/	1970-01-21 02:01:35	Name: _ga Value: GA1.1.137698593.1700735857
beagleider.tamedia.link/	1970-01-21 02:01:35	Name: uid_cookie Value: 5c7a7010dc008634f3e51c2406593b1a
.adnxs.com/	1970-01-20 18:35:11	Name: icu Value: ChgIw7FHEAoYASABKAEw8db8qgY4AUABSAEQ8db8qgYYAA..
.cineman.ch/	1970-01-21 01:47:11	Name: __gads Value: ID=5caabc13b46c705c:T=1700735857:RT=1700735857:S=ALNI_MbjrSMMgeJA7pD2V8L18WA1k_TlUw
.cineman.ch/	1970-01-21 01:47:11	Name: __gpi Value: UID=00000cd8aeda214c:T=1700735857:RT=1700735857:S=ALNI_MaHA8MF6j7Uwlz6G8d74J5e9t82xw
.adfarm1.adition.com/	1970-01-20 18:35:11	Name: UserID1 Value: 7304604889256425614
.pubmatic.com/	1970-01-20 16:27:02	Name: KTPCACOOKIE Value: YES
.smaato.net/	1970-01-20 16:55:50	Name: SCM Value: b7370788e0
.smaato.net/	1970-01-20 16:55:50	Name: SCMu Value: b7370788e0
.acuityplatform.com/	1970-01-21 01:11:11	Name: auid Value: 855745124148
.acuityplatform.com/	1970-01-21 01:11:11	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRX54GzeemGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUV+eBs3no90aGlyZFBhcnR5VXNlcklkWkNBRVNFT09pbVVEVXNHUmFXdU15TTltUEJFNPv7hnZlcnNpb27C+w=="
.pubmatic.com/	1970-01-21 01:11:11	Name: KADUSERCOOKIE Value: 772821EE-0E19-4935-9FC7-EEBA614359A6
.yahoo.com/	1970-01-21 01:11:33	Name: A3 Value: d=AQABBHIrX2UCEGD6IwNV-NCv9fPHtIROK1cFEgEBAQF8YGVpZQAAAAAA_eMAAA&S=AQAAAlIrl7M5Y3ahreC9sWaAIPg
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNrY0NzY1MDMyMLMwNrI0NjU0MRLiM9Q1Lk8xD7A0tsyKT7EEAG67yvIlAAAA
.rfihub.com/	1970-01-21 01:47:11	Name: rud Value: H4sIAAAAAAAA_-MSNrY0NzY1MDMyMLMwNrI0NjU0MRLiM9Q1Lk8xD7A0tsyKT7EEAG67yvIlAAAA
.rfihub.com/	1970-01-21 01:47:11	Name: eud Value: H4sIAAAAAAAA_-OSMXR2dA129Qj3La00jUrKSa0odS_PdUuuLEmtCg3iNTQ3MDA3NrUwtTAxMXjFiMoHAE6buNw9AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA129Qj3La00jUrKSa0odS_PdUuuLEmtCgUAdOw4kx4AAAA
.casalemedia.com/	1970-01-21 01:11:11	Name: CMID Value: ZV8rcvpd9AsnF.tTcGRDwQAA
.casalemedia.com/	1970-01-20 18:35:11	Name: CMPS Value: 5138
.casalemedia.com/	1970-01-20 18:35:11	Name: CMPRO Value: 5138
.1rx.io/	1970-01-21 01:11:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003%22%7D
.targeting.unrulymedia.com/	1970-01-21 01:11:11	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5f0ae220-8b0a-4ada-81ed-d06538238f32-003%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	error	URL: https://imasdk.googleapis.com/pal/sdkloader/pal.js(Line 5) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://tpc.googlesyndication.com') does not match the recipient window's origin ('https://www.cineman.ch').
network	error	URL: https://www.domain.ch/... Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=300; includeSubDomains;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
aa462ce8d66dffa555cc42da2fccd60a.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ams3-ib.adnxs.com
beagle.prod.tda.link
beagleider.tamedia.link
cdn.adnxs.com
cdn.adsafeprotected.com
ch-gmtdmp.mookie1.com
cinequiz.ch
cm.g.doubleclick.net
code.createjs.com
crcdn01.adnxs-simple.com
csi.gstatic.com
d2o03xjkdzg1z6.cloudfront.net
dis.criteo.com
domain.ch
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
gbucket.ch
googleads.g.doubleclick.net
gs-goldbach.da-services.ch
ib.adnxs.com
image6.pubmatic.com
imasdk.googleapis.com
media.services.cinergy.ch
pagead2.googlesyndication.com
pexus.prod.tda.link
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
region1.analytics.google.com
s.ad.smaato.net
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
templates.da-services.ch
tpc.googlesyndication.com
ums.acuityplatform.com
video.gbads.net
weather.da-services.ch
www.cineman.ch
www.domain.ch
www.google.ch
www.google.com
www.googletagmanager.com
www.googletagservices.com
zuba2.prod.tda.link
csi.gstatic.com
104.18.36.155
104.26.15.6
108.129.52.148
13.32.27.33
142.250.185.198
151.101.129.108
151.101.65.108
154.59.122.79
172.217.16.194
172.67.41.119
178.250.1.9
18.185.252.128
18.194.125.69
18.66.112.20
18.66.122.123
18.66.122.128
185.89.210.153
193.0.160.130
198.47.127.19
2001:4860:4802:32::36
23.35.236.188
2600:1f13:800:7780:25e5:b3da:7d1d:5e73
2600:9000:211e:4200:1b:5138:8a40:93a1
2600:9000:2250:9a00:19:a7f1:4080:93a1
2600:9000:2251:d600:8:48e:53c0:93a1
2606:4700:3032::ac43:b5d6
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2006
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c09::9d
2a00:d70:0:a::150
2a02:26f0:780::210:a46b
2a05:d018:d29:3605:3b2e:d970:bb65:e6b3
3.69.66.66
34.160.111.29
46.228.174.117
52.59.96.4
85.114.159.93
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0273f406ea42907dcc773c77c2fda6bd01a175d382b56728a73e1282a2ce453d
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04e576e78916ac141efa0ac6d5f2e0d2f04a24db922e045e040f88226e49f0c5
052d48a882c74a46e0469862e9fcd84ec0923d61859dd853e6abe5ff1758e065
0564a9d9b61d4038b6ae8b8c9aab440b6f81b1e4186bd905bb064dd309971929
08ea0cc99f1c814363229eefd627e54dc8df1385f3bef48fb85d640f37f9c832
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fbc5dc1322a921c1732d1d9979da19eccfeb523ac3cb6af7b8739a950861fae
1076b1b1e1a4a8f2b70f4886c8e0ccc5e859a7814cfae60d22eb7cb65d8aed56
12b11be6b1c64a7accdc40e811cf6aafa1b7a558140f726445fe37e00eb784f7
1414661ac9ac79d37e6080678340b8b127cfeace66f9c5c9e33938cd428564d8
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
24960278392fc0529939f582635cf356da5fe5d32bbb5ba58749dd07ed68dce3
2a691d9a762c4b85a2073d7e3407ecdd1fd5f3c2a019784a5e3ef77c2be77230
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2d510de3a1d076b47340cc5f84fa93285645cb07919480ff0fc6c2cb3cc10ade
2de489d176cf76a391cc3d96ba75b01b6a1bf8969bb327d7ffb6507a21eb9ecf
30746e71d940f1d387837fd50f56e01b27765681b6c2892a0233170e69ce9082
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
37c29a5401ce2746314ada733bf6d560cdec058924113625953e42717bfa6c49
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
45f6a796db5e51c4f9bac2a4e0ca888e2013ef11bce464a065eba743472c8774
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47201280ac3d11ddb0029f1f3fc27d90bb4a554576d4e5fb91ca0e2556b434a6
47c58e41e2f38d9813c39b6641c96e12408522bf774779cb58973f67303875a7
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5008bc9e1b1af8f0aa70b2560c3938bd67c01392eb9e56a156059a113af331e7
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5c072c33b41dccc8cc969d8012454f7662c1232896bf2ebf25ed99021340e092
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ca1acf758fd7382294cd05b42369f705b8bbb9ac87053e83258806a18933d1
62d026908eacc8a8270206e175cb7e00541d78d65f7761004e6ae385420eb26e
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
631229f4e901317dcf8142a947a12c1f375e255f5fe7c83d72d1fe0faf07f80d
678f12cbea984230dc14c0ea0335a149919c34428144e2e80ff951bc49b6e5ee
6f68e63df3ac11163b1cbdeccd457b38385b47c5b6b1a0f5375c440a4d0c4fa0
70a867ab4cc38b3889fa144580850bd84a17b034f081db9cbd01e0227f74090b
7562306879b8d65be698fc417e7eba78bdc561030b8e905d825dabb819c5a04b
757180826d393f4954ac2504b7e2fde617692e237cd6091ad3b72bc41f1f2d68
795d8ddd9a15cc560f37b9513ada6faaee89a96fc664feae03c602ea6050a6a1
801dde4ed03d8ec2761d0eb4e14fd0e3931e3d42058a5b5d8318730db39f8e95
82f3d140e813e8ee37611eba98f8779fe1cb88fe2d62d00f1af499e3db7eac4e
843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c
87af203f84908b12408b67c4d19ce8731c881260ac8666e5b64a641e2a90289a
87ca70e7f87fe90d65684880683390c2ebc12c143c909f924c6f31944909988a
8a3c4567a553f2725a920d42b740a283e02463c146e167ef2735b9fb10a5ad6d
8bedede02903d0840314b765d15330f1d747f42ae0af4ce4e041a4a55f1e24da
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d09fbabddccdb6691c0795487b1160d50090f9ae251f9d457d1cc8ffcba0102
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9024c6d076707260b885e5bbcf8386a97d19dfff2f5ae982ce1951e30210b98a
95733049c58658bbf06ff34c1070931d3b1e756b91fea587a758c56c09a44b9b
977cf3a9acb8235c08e10f7804a52232156a02e33a5259ff3dde72a390376a19
993478d7b0fee44fe51f463a63427e757d60b77a152b2e2184c1d4f21f16802c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca00f8ca3c2bae0ff8d24511b63287d7abae4fdeca7af8156c251a21d315f78
a2b406ff5db8934e3cde01e40ca2c64aa22d8344311efaa99582c70b54520a88
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a2fb8752c857ecaf09244956a1d84b84f04578a2627c2f2aeb6ba329c68e65cb
a3eb2d0caf3502359966882d146b1a75e34bf933cbdace1c286395ea3fd1f567
a6ae703a4d6865cd58d21e53d6396ef65a16ad2f3ca7132257d6757bb63c130f
a89b918e0f1384be97b66ef30d4a5705f7146159d84aba6a972d696af2105e35
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a120351b4229bfe985d52e9e20d5369127c7bce029210a15067378b0661c2d
b68c4cbcb74f2a22324ada36deb43c7b6c5103eb23921edc70829b36195b2026
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be09f80bb6b892b1c6650023f42912946f8cc17f55d137fcb27af165d73b7a59
bf4e5c5455750d04507c715644630248440d4cd3e2f0a513217d681a29e3e3fb
c122da7cb618c8c723e55ad12f7fd95aeaeabaa8397cfe6ab2012c24fdd7937c
c1293623eefaa86ab03bf6c8461b83e95d809b2c3fa197752c7f7ef7e4e81814
c17703913467f1c332518693b352dbd2065a8ac08f15b640c8f3864b4065f938
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5883c9170e136f0b9e1c772542db75733b326aa5791fe58f06613ad1ad91328
c5d122ceb58926c5fc3da5d1d664684af89e5dc8f6ee490449ef4e1f4f1da790
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d3da2adabcb26b0d20d5ddf91e3b608996801e6d8a99a739bb041f9c9628539c
d4b64da2687f53b4930a2c619426acab23efbc6c29bb99748f87982eb66a50b5
dcca52366c4395a41327c3e2e921a96a4428c298dbf116ec37f20b4138f29f7f
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e68d07b17c254c6f5352bae08309aa9d79e6083a881eb0096cf7ec317595109f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edb925d69948010bc96587ada59dcdd4dea5e81122c173a36787532c8fdb4c8e
ee535e7b96b3393758e932d85165876bd291bc9feda0a3447acd2b222e3c816d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0789d0a22ff0df16f2a378cc93c82711cb77aefeb87c0f38dcdb93f0b183ce8
f7ced871d2b25893b5254dbbb786ffd9d0b715aebf6c41747c8e2f00dfd20cdd
f8d4cace2aa0f69aaaa64988472fa1c8e44e53e9b487a79dfb6b577d3f7b9952
feeb104fff9eceef6a9a21a30fe647dc585f9f62d01e925ca8a4975f218407ac

www.cineman.ch Open in urlscan Pro 172.67.41.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

91 %HTTPS

47 %IPv6

34 Domains

54 Subdomains

41 IPs

9 Countries

2892 kBTransfer

7549 kBSize

31 Cookies

10 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.cineman.ch Open in urlscan Pro
172.67.41.119 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

91 %
HTTPS

47 %
IPv6

34
Domains

54
Subdomains

41
IPs

9
Countries

2892 kB
Transfer

7549 kB
Size

31
Cookies

166 HTTP transactions
5 data transactions