en.kinorium.com Open in urlscan Pro
2a05:d018:a7d:900:c091:205:622e:32c4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://en.kinorium.com/122304/
Submission: On December 14 via api (December 14th 2023, 3:14:34 pm UTC) from US — Scanned from DE

Summary HTTP 155 Redirects Links 79 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 23 domains to perform 155 HTTP transactions. The main IP is 2a05:d018:a7d:900:c091:205:622e:32c4, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is en.kinorium.com.
TLS certificate: Issued by R3 on October 13th 2023. Valid for: 3 months.

This is the only time en.kinorium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a05:d018:a7d... 2a05:d018:a7d:900:c091:205:622e:32c4	16509 (AMAZON-02) (AMAZON-02)
50	2600:9000:214... 2600:9000:214f:400:a:a5bc:5040:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:209... 2600:9000:2090:3000:1:8c83:66c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:20a... 2600:9000:20ab:4a00:10:531f:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2016	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
4	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
3	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	2a0b:4d07:101::1 2a0b:4d07:101::1	44239 (PROINITY ...) (PROINITY PROINITY)
1	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.9.151.155 3.9.151.155	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	18.65.39.86 18.65.39.86	16509 (AMAZON-02) (AMAZON-02)
1	18.239.50.21 18.239.50.21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
155	39

4 2a05:d018:a7d:900:c091:205:622e:32c4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

en.kinorium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2600:9000:214f:400:a:a5bc:5040:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.kinorium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2090:3000:1:8c83:66c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

en-images.kinorium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:20ab:4a00:10:531f:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.kinorium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.121.248.44 (France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.151.155 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-86.ams1.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-21.ams58.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	kinorium.com en.kinorium.com static.kinorium.com en-images.kinorium.com images.kinorium.com — Cisco Umbrella Rank: 847045	909 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	315 KB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	141 KB
15	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 98422	47 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37721 hal900017.redintelligence.net — Cisco Umbrella Rank: 196694	227 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
3	medialead.de pv.medialead.de — Cisco Umbrella Rank: 47317	1013 B
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16316	57 KB
3	gstatic.com fonts.gstatic.com	34 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	247 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 61264	3 KB
1	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 24395	19 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49821	2 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 13930	704 B
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 128498	923 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11353	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 89	16 KB
155	23

	Domain	Requested by
50	static.kinorium.com	en.kinorium.com static.kinorium.com
13	images.kinorium.com	en.kinorium.com static.kinorium.com
12	pagead2.googlesyndication.com	static.kinorium.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	static.criteo.net	ads.eu.criteo.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	hal900017.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900017.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900017.redintelligence.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	en.kinorium.com	en.kinorium.com static.kinorium.com
3	pv.medialead.de	hal900017.redintelligence.net
3	fonts.gstatic.com	static.kinorium.com fonts.googleapis.com
3	www.googletagmanager.com	en.kinorium.com adv.office-partner.de www.googletagmanager.com
2	5994599.fls.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	region1.analytics.google.com	www.googletagmanager.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	fonts.googleapis.com	hal900017.redintelligence.net
1	track.webgains.com	googleads.g.doubleclick.net
1	www.awin1.com	hal900017.redintelligence.net
1	adv.office-partner.de	hal900017.redintelligence.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	ad.doubleclick.net	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	m.exactag.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.google.de	en.kinorium.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	i.ytimg.com	en.kinorium.com
1	en-images.kinorium.com	en.kinorium.com
155	38

This site contains links to these domains. Also see Links.

Domain
variety.com
www.nme.com
faroutmagazine.co.uk
itunes.apple.com
tv.apple.com
play.google.com
www.amazon.com
www.hulu.com
www.microsoft.com
www.vudu.com
avclub.com
ew.com
articles.philly.com
theaustralian.com.au
newspapers.com
slantmagazine.com
nytimes.com
articles.latimes.com
content.time.com
sfgate.com
theguardian.com
articles.orlandosentinel.com
newyorker.com
hollywoodchicago.com
boston.com
salon.com
nydailynews.com
usatoday30.usatoday.com
newsday.com
nymag.com
empireonline.com
hollywoodreporter.com
www.facebook.com
twitter.com
www.instagram.com
t.me
apps.apple.com

Subject Issuer	Validity	Valid
kinorium.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
adv.office-partner.de R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://en.kinorium.com/122304/
Frame ID: E8E84F4A509427A956FD6535DC0CEEE4
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 8B1DEA7FB23E52546CC020022FBCB2E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&adk=1812271804&adf=3025194257&lmt=1702566871&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871309&bpp=2&bdt=1624&idt=214&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4836837393750&frm=20&pv=2&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244
Frame ID: F7482089026913FE8D4B580AD1772909
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Frame ID: A52A4DB058CEA21307723E7D38B5A7CD
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=200&slotname=4384361045&adk=3477776749&adf=1316994944&pi=t.ma~as.4384361045&w=830&fwrn=4&lmt=1702566871&rafmt=11&format=830x200&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871312&bpp=1&bdt=1627&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=256
Frame ID: CAC4F40DC0F53D9AED0C11646D6A781E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FB39DA05B02613480AA7AB97073B8A8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0769C762846BB1719C073F6CF25EB82D
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXsb1wAKLRUKYr0IAAz_DwnEY43e4dcD5ZrAgQ&u=%7C%2B7ClG%2FX9ovdsTqyNsg%2BL4oXMZdCuPcskWKbFWhcgWTk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69FtpYrSKk1dGCG0vcuPWnULQll243SDy2gm58wO5MDsojOdIHbUFCTdajDmHqj7G9oz7fSlNxFwImen5jFMB0f0ODosvonXUwBpi1FMg3EvMplY3RFIsL03e8I6_sZz24BWdxPkBUOplLpulG-5U5WZvfXG4o6RBD6mGiwHOwyyLx9ZC1Y7uwT3EIoFvQwflF0eGjTZDIX6Lq0OKqajYIqNLkdgib0AjtUG6kjgDzcfWD0boKV_bpXBstbA0mkB7k6TLAVL5z4ybxhj_PwNP5k7YW0cT_AP92tMDkosx12yz1VtPtfxpCjVvWfR8JXxb6eejdfOddeOsQMwyYkmYk8kCUNA6r-NefAczPB3OiqGNS478dCbsUTSIGcLkcuZnyg2U3eOEjBPvRqKtMyhvYeV76i_UQT5SYZmRBXDlbI0VgKPoC9h5WtGjim2U2m0IJPPfJ4ayOieVTOcqhPB3wR8kBbFDioVxec5CAOzgbYWSZ4qjtLGlfB5mLgC2cKNV2fPwaENwBimgLm8x4kFRQ1GG2GJ0JcCB-SC39f515vtcXYlG8SgLF4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFWA81xt7ZZXaKIj6igOP_rOgCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItOTEyODAxMDkyODk5Mzg4NcgBCakCsmcvG2tJsj6oAwHIAwKqBMgBT9DG_RKPSw56GH4FlA15Nuui2iVltZZTa46SsRu4840XAMM7f0vRfhAysYzjAzo6s3pNJhSgQ-dSj8_8xu2drDDUXdk8lK5q3BTzjhrTvoAOy-o6Ll1pON6KrmTmnkYpauAl3xiiBltL3CDwI18hV9Rl-3Bt6SAdgCwfG-0nJinJZhzW2tWOps0sJHO5RcU5XqudNVUhQyunq-2bIxKlS2TcXcw8hXMay88Jgdzvz22ypkbwTLwYeC09C7Kq3WUomY8sUFLIiOSABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYt-_Z7JuPgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lKtbLx8uTi2Od2dq1_adFtrbjEQ%26client%3Dca-pub-9128010928993885%26adurl%3D
Frame ID: 26D4F3574FEB76546F0418E537C3E4B9
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUYc-r-pO1rcIfZaIGv1nquuDv2YrG0zVstrVY7QNiqoVqAnAUulF5LM89b5IPN7xsRBdJ8FmX6Zw8R5WJg9gqWrEYhcr73oPvK8Ud6BKAIMdxSFQkW9t_p_Yd0dSyRjxZfRULr-p-qsSouicizOHQiugskVfViW6KWFR07WyUIOkOg6j4
Frame ID: A895ED3EB5A2CEC82D8EF6338DBC1EEC
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A6CE9B1D4E6906627144D78C55B35F96
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46327500106537404444978012538017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: A2ACB8EC31EE007A7AB7021AF7E594B3
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 40FF05258B82B23C1FF0468522647C37
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412
Frame ID: E7482CF2405094117443D7AD982C821A
Requests: 2 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Frame ID: 4CD2774B5E90A786D14855AD6DE36B3D
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Sopranos (series, 1999 – 2007)

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

Page Statistics

155
Requests

97 %
HTTPS

63 %
IPv6

23
Domains

38
Subdomains

39
IPs

9
Countries

2156 kB
Transfer

5559 kB
Size

28
Cookies

79 Outgoing links

These are links going to different origins than the main page.

URL: https://variety.com/2023/film/news/suzanne-shepherd-dead-the-sopranos-1235801264/
Title: Suzanne Shepherd, ‘The Sopranos’ and ‘Goodfellas’ Actor, Dies at 89

Search URL Search Domain Scan URL

URL: https://www.nme.com/news/tv/the-sopranos-actress-joined-onlyfans-after-anti-vaxxer-comments-cost-her-work-3498525
Title: 'The Sopranos' actress joined OnlyFans after anti-vaxxer comments cost her work

Search URL Search Domain Scan URL

URL: https://faroutmagazine.co.uk/sopranos-star-michael-imperioli-defends-ex-smiths-frontman-morrissey/
Title: ‘Sopranos’ star Michael Imperioli defends ex-Smith’s frontman Morrissey

Search URL Search Domain Scan URL

URL: https://www.nme.com/news/tv/the-sopranos-star-michael-imperioli-defends-morrissey-i-still-give-him-the-benefit-of-the-doubt-3481265
Title: 'The Sopranos' star Michael Imperioli defends Morrissey: "I still give him the benefit of the doubt"

Search URL Search Domain Scan URL

URL: https://www.nme.com/news/tv/michael-imperioli-forbids-bigots-homophobes-from-watching-the-sopranos-white-lotus-3464052
Title: Michael Imperioli "forbids bigots and homophobes" from watching 'The Sopranos' and 'The White Lotus'

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/movie/id809079649/?at=1000lGne

Search URL Search Domain Scan URL

URL: https://tv.apple.com/us/show/unknown/umc.cmc.7fvpbc4pqotnxhpx36c739tyd

Search URL Search Domain Scan URL

URL: https://play.google.com/store/tv/show/details/?id=SjW4bugoK4M&gl=US

Search URL Search Domain Scan URL

URL: https://www.amazon.com/dp/B006GLM6JA/

Search URL Search Domain Scan URL

URL: https://www.hulu.com/series/the-sopranos-4e03024d-2f23-423a-934c-23adf1e62fe9

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/p/-/8d6kgwzlcx11

Search URL Search Domain Scan URL

URL: https://www.vudu.com/content/movies/details/id/271886

Search URL Search Domain Scan URL

URL: http://avclub.com/tvclub/the-sopranos-the-sopranos-41724
Title: AV Club

Search URL Search Domain Scan URL

URL: http://ew.com/ew/article/0,,348216,00.html
Title: Entertainment Weekly

Search URL Search Domain Scan URL

URL: http://articles.philly.com/2001-03-04/entertainment/25327563_1_family-affair-mafia-family-family-life
Title: articles.philly.com

Search URL Search Domain Scan URL

URL: http://ew.com/ew/article/0,,280051,00.html
Title: Entertainment Weekly

Search URL Search Domain Scan URL

URL: https://theaustralian.com.au/arts/review/coronavirus-taking-hold-heres-some-tv-to-watch-in-isolation/news-story/4a3344332034cb679a083d516bed710d
Title: The Australian

Search URL Search Domain Scan URL

URL: http://variety.com/2000/tv/reviews/the-sopranos-6-1117775557/
Title: Variety

Search URL Search Domain Scan URL

URL: http://ew.com/ew/article/0,,595424,00.html
Title: Entertainment Weekly

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75368336/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://slantmagazine.com/dvd/review/the-sopranos-the-complete-fifth-season
Title: Slant Magazine

Search URL Search Domain Scan URL

URL: http://nytimes.com/2001/03/02/movies/tv-weekend-sopranos-blood-bullets-and-proust.html?pagewanted=all&src=pm
Title: New York Times

Search URL Search Domain Scan URL

URL: https://theaustralian.com.au/arts/review/the-ultimate-tv-binge-list/news-story/685518444fc53d5d6265414777f10cea
Title: The Australian

Search URL Search Domain Scan URL

URL: http://articles.latimes.com/2001/mar/02/entertainment/ca-32063
Title: articles.latimes.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75356777/sopranos-season-one-1/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://content.time.com/time/magazine/article/0,9171,990006,00.html
Title: content.time.com

Search URL Search Domain Scan URL

URL: http://sfgate.com/entertainment/article/It-s-back-and-ready-to-shatter-your-idea-of-what-2813425.php
Title: SFGATE

Search URL Search Domain Scan URL

URL: http://avclub.com/tvclub/the-sopranos-mr-ruggerios-neighborhood-47029
Title: AV Club

Search URL Search Domain Scan URL

URL: http://avclub.com/tvclub/the-sopranos-watching-too-much-television-55809
Title: AV Club

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75366676/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75366910/sopranos-season-one-2/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://variety.com/2004/tv/reviews/the-sopranos-10-1200534772/
Title: Variety

Search URL Search Domain Scan URL

URL: https://theguardian.com/media/2000/oct/13/tvandradio.television2
Title: The Guardian

Search URL Search Domain Scan URL

URL: http://ew.com/ew/article/0,,275166,00.html
Title: Entertainment Weekly

Search URL Search Domain Scan URL

URL: http://articles.orlandosentinel.com/2001-03-04/entertainment/0102280467_1_sopranos-livia-tony
Title: articles.orlandosentinel.com

Search URL Search Domain Scan URL

URL: http://avclub.com/tvclub/the-sopranos-guy-walks-into-a-psychiatrists-office-43261
Title: AV Club

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/71979938/the-sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://newyorker.com/magazine/1999/03/29/the-hit-mans-burden
Title: New Yorker

Search URL Search Domain Scan URL

URL: http://hollywoodchicago.com/news/9478/blu-ray-review-first-season-of-hbo-s-the-sopranos-comes-to-hd
Title: HollywoodChicago.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75368078/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://variety.com/1999/tv/reviews/the-sopranos-4-1200456522/
Title: Variety

Search URL Search Domain Scan URL

URL: https://theguardian.com/culture/1999/apr/27/artsfeatures2
Title: The Guardian

Search URL Search Domain Scan URL

URL: http://nytimes.com/2000/01/14/movies/tv-weekend-the-ziti-s-in-the-oven-and-the-matriarch-s-still-not-dead.html
Title: New York Times

Search URL Search Domain Scan URL

URL: http://boston.com/ae/tv/articles/2004/06/08/season_ends_strongly_for_sopranos/
Title: Boston.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75367855/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75369049/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://articles.latimes.com/2000/jan/14/entertainment/ca-53800
Title: articles.latimes.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75360243/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://salon.com/2002/12/10/sopranos_7/
Title: Salon.com

Search URL Search Domain Scan URL

URL: http://nydailynews.com/archives/entertainment/sopranos-ii-hail-gang-brilliant-season-opener-series-edge-article-1.870310
Title: New York Daily News

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75361105/sopranos-season-one-1/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://ew.com/ew/article/0,,274127,00.html
Title: Entertainment Weekly

Search URL Search Domain Scan URL

URL: http://usatoday30.usatoday.com/life/television/2001-03-02-sopranos-review.htm
Title: usatoday30.usatoday.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75368572/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://theguardian.com/media/1999/jul/16/tvandradio.television4
Title: The Guardian

Search URL Search Domain Scan URL

URL: https://newsday.com/entertainment/columnists/verne-gay/the-sopranos-season-1-the-best-of-the-best-1.5621509
Title: Newsday

Search URL Search Domain Scan URL

URL: http://nymag.com/nymetro/arts/tv/reviews/309/
Title: New York Magazine/Vulture

Search URL Search Domain Scan URL

URL: http://articles.latimes.com/1999/jan/08/entertainment/ca-61442
Title: articles.latimes.com

Search URL Search Domain Scan URL

URL: https://empireonline.com/tv/sopranos-series-5/
Title: Empire Magazine

Search URL Search Domain Scan URL

URL: http://variety.com/2001/tv/reviews/the-sopranos-7-1200467553/
Title: Variety

Search URL Search Domain Scan URL

URL: http://sfgate.com/entertainment/article/HIGH-DRAMA-HBO-s-Sopranos-returning-after-a-2770909.php
Title: SFGATE

Search URL Search Domain Scan URL

URL: http://avclub.com/tvclub/the-sopranos-two-tonys-61392
Title: AV Club

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75360484/sopranos-season-one-pjs-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75359468/sopranos-season-one-1/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: http://nymag.com/nymetro/arts/tv/reviews/n_9949/
Title: New York Magazine/Vulture

Search URL Search Domain Scan URL

URL: http://boston.com/ae/tv/articles/2007/06/08/postmodern_laughs_from_the_mob/
Title: Boston.com

Search URL Search Domain Scan URL

URL: http://boston.com/ae/tv/articles/2007/06/08/bada_bing/?page=full
Title: Boston.com

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/75368701/sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://newspapers.com/clip/71979615/the-sopranos-season-one/
Title: Detroit Free Press

Search URL Search Domain Scan URL

URL: https://hollywoodreporter.com/news/sopranos-first-episodes-thrs-1999-815890
Title: Hollywood Reporter

Search URL Search Domain Scan URL

URL: http://usatoday30.usatoday.com/life/television/reviews/2004-03-04-sopranos-review_x.htm
Title: usatoday30.usatoday.com

Search URL Search Domain Scan URL

URL: http://nymag.com/nymetro/arts/tv/reviews/n_7678/
Title: New York Magazine/Vulture

Search URL Search Domain Scan URL

URL: http://nytimes.com/1999/01/08/movies/tv-weekend-no-horse-heads-but-plenty-of-prozac.html
Title: New York Times

Search URL Search Domain Scan URL

URL: http://articles.orlandosentinel.com/2000-01-16/entertainment/0001130428_1_tony-soprano-hbo-david-chase
Title: articles.orlandosentinel.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kinorium/

Search URL Search Domain Scan URL

URL: https://twitter.com/kinorium/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kinorium/

Search URL Search Domain Scan URL

URL: https://t.me/kinoriumRu/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id1093171715

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1&C=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXsb2G.ZU9LW-6WGavM5ugAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFggqoVGov6KVXCpWThmfc&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELS0-PVeO4FEgc7lf3GdmNE&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELS0-PVeO4FEgc7lf3GdmNE%26google_cver%3D1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1NDk0MzE2MTkyMjc3MzY4OA%3D%3D

Request Chain 132

https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 143

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412

155 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
en.kinorium.com/122304/ 396 KB
51 KB 229ms
139ms Document
text/html 2a05:d018:a7d:900:c091:205:622e:32c4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://en.kinorium.com/122304/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d018:a7d:900:c091:205:622e:32c4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

901a8d40374a82e48a6a2d56092573de058cd125465a2f231847fe457b2c132a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Dec 2023 15:14:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cached-getcollections: 1
x-cached-getcritics: 1
x-cached-getepisodes: 1
x-cached-getmovie: 1
x-cached-getnews: 1
x-cached-getstatuslist: 1
x-cached-longreadgetlist: 1
x-frame-options: sameorigin

GET
H2 200 style-default.css
static.kinorium.com/css/min/ 489 KB
70 KB 144ms
39ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5512cff3f512c7ea415f25ad15702cd8f6997f9e7d574d38c6d0f3230b9a47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 10:57:22 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 620228
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 07 Dec 2023 10:57:20 GMT
server: AmazonS3
etag: W/"b4910290b41a4065f31ba38f5bd0abbe"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: wpXhxeHxOZbS22Ikg9Y_TuYe0KqiSGySGsTqKEwDwBCbW_lthMfiBQ==
expires: Mon, 07 Dec 2043 10:57:19 GMT

GET
H2 200 vendor.min.js Show response
static.kinorium.com/js/min/ 239 KB
72 KB 128ms
24ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/vendor.min.js?1699411195
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f108a424fda33d712afd5a5a1fb7f570ac890da75e088b29ba673206a053b2ec

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:15:48 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 464322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 09:41:51 GMT
server: AmazonS3
etag: W/"17efdd37ad1bae661632e1a51bbe4afa"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: fUcRHdmwiURUISETcKmFOoIsOfuyMpejnZ0dUBpjB041K1fcSKHkDA==
expires: Sun, 01 Nov 2043 09:41:50 GMT

GET
H2 200 vendor.defer.min.js Show response
static.kinorium.com/js/min/ 47 KB
16 KB 165ms
60ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/vendor.defer.min.js?1699411195
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 548679803a40e0ba4797672744797e83ae45be115f9a1cfb6c8ca1e09b055a85

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 14:12:43 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 2250107
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 02:40:37 GMT
server: AmazonS3
etag: W/"bcf582ceac003d93117a299c8568da0c"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: Ww0AkqqGzKX1HyuRjvjtvQv9FhiUpkuJkYQTr2ojScRnvZtOaXzjhQ==
expires: Sun, 08 Nov 2043 02:40:36 GMT

GET
H2 200 knrm.min.js Show response
static.kinorium.com/js/min/ 131 KB
36 KB 168ms
63ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/knrm.min.js?1702065488
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d44564bdc6dba996fd900df192cce4141574f60136e7f475430faff41f61eee0

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:58:24 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 501366
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 08 Dec 2023 19:58:20 GMT
server: AmazonS3
etag: W/"11ea3ba75d0074cb0ba0aca460236902"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: F-PzvSBVGBQ33VKoo0yYq0ohyvl8aP-HwoUZpZpHSE_4DJAhjk7V2Q==
expires: Tue, 08 Dec 2043 19:58:19 GMT

GET
H2 200 knrm.defer.min.js Show response
static.kinorium.com/js/min/ 131 KB
35 KB 158ms
54ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/knrm.defer.min.js?1702465713
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6072bb32a0fc19c7a8dcebeedb13fbc04ea4595482e89308a6037424e7ef8ce

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:09:34 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 101096
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 13 Dec 2023 11:09:29 GMT
server: AmazonS3
etag: W/"44d33078ec7cd1b30f76582aed0a79c1"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: i8gnr76ZwH82Cy2bdsjNgUNgZpdLvwQt8TxCvQ5QFKSRSFyu_EKh_g==
expires: Sun, 13 Dec 2043 11:09:28 GMT

GET
H2 200 jsMessages.en.js Show response
static.kinorium.com/js/min/ 20 KB
7 KB 162ms
58ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/jsMessages.en.js?1698831683
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fecee51c93d69e7b5d299ab1a4127e9c394eda083384420e314ad0e100027603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 04:52:50 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 1074100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 30 Oct 2023 06:24:31 GMT
server: AmazonS3
etag: W/"fde5b56e01a22875b681f93aa7929433"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: gGnhNwLMsBe9lpzWxjgyWK8Onkv1dauB7xTsBA5CjgB-kQ5Q1-X0Qg==
expires: Fri, 30 Oct 2043 06:24:30 GMT

GET
H2 200 utils.checkEpisode.js Show response
static.kinorium.com/js/min/pages/ 4 KB
2 KB 152ms
48ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/pages/utils.checkEpisode.js?1701767571
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5de4adcc0b0d0f1f9cd7b89c4db40a96f8a0a4b185cc643e528f6f1312a59a0b

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 09:13:54 GMT
content-encoding: br
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 799235
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Nov 2023 09:41:57 GMT
server: AmazonS3
etag: W/"e397b0555019bceb722b07ed8df9b871"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: DmXnghNIpdnq1R0_7WY2CnyTn9rhvUhRsQSmuf34aX-kxrYotE_osg==
expires: Sun, 01 Nov 2043 09:41:56 GMT

GET
H2 200 pages.movie.js Show response
static.kinorium.com/js/min/pages/ 21 KB
7 KB 151ms
47ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/pages/pages.movie.js?1701682097
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a72ad863ce362b02a5fe37d95143cc4288af7b4ef8e1323cbdbca7b68013e94

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 09:31:21 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 884589
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 04 Dec 2023 09:31:15 GMT
server: AmazonS3
etag: W/"0ee3dfeda3048295b390a9efd2a33161"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: 6RJwTPOlYqQL5qrkNcNM-jlejEtF6k3jAPL_qkgeKYWlMx-K-QNGMw==
expires: Fri, 04 Dec 2043 09:31:14 GMT

GET
H2 200 film-default.css
static.kinorium.com/css/min/pages/film/ 124 KB
21 KB 127ms
22ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd9c8d039c49e02157156491ed45e92d76190ae8d5b551fdb48026d9515bf01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:04 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 206726
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:55 GMT
server: AmazonS3
etag: W/"db6c2ce62af5e16b69dfa34878be64c9"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: Zs4PIAcWB_1GTchHLv_Fbb83uED9H1JrqIzzDYy8s1wL240um29JMg==
expires: Sat, 12 Dec 2043 05:48:54 GMT

GET
H2 200 serial-default.css
static.kinorium.com/css/min/pages/film-serial/ 45 KB
9 KB 136ms
32ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/film-serial/serial-default.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eff3d992b335d5a733a153cd414c8de3d6a93c21b45c2c47407ba5f36eda6e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:06 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 206724
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:53 GMT
server: AmazonS3
etag: W/"594e8b28221600ad63121ea6435f3edb"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: qBYSomf4AEUBs9_L74DWPJCi3KY8ZD7aFtRDTDriWeDkYGRwd1XZHQ==
expires: Sat, 12 Dec 2043 05:48:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
93 KB 71ms
27ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VXCE1FJD6

Requested by

Host: en.kinorium.com
URL: https://en.kinorium.com/122304/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f01634856533753ab3e71b2a20ab8ec9ca62b99ef0e4f5bdd5c5eacb3376058e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 15:14:29 GMT

GET
H2 200 logo_black_en.svg
static.kinorium.com/img/svg/ 4 KB
3 KB 150ms
56ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/logo_black_en.svg?v=1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a25bc328e32e8641e66360d548e8ce46dc2ed397b78d723d9b8433c562197768

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 19:07:30 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 8366820
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a25bc328e32e8641e66360d548e8ce46dc2ed397b78d723d9b8433c562197768
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:39 GMT
server: AmazonS3
etag: W/"e3a202fdb95408d973dfabca86bd73d7"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: oqy9pNKLAfMVzucxAI9Kv4oZMp3dRr34m4u9pxQldFBLdJGCEfmFFA==
x-amz-meta-s3b-last-modified: 20230309T040714Z

GET
H2 200 pages.feed.js Show response
static.kinorium.com/js/min/pages/ 50 KB
12 KB 50ms
50ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/min/pages/pages.feed.js?1699434197
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d942927a0d60915afc0ab5dbc4306d1f8250b4ac60f681d0e6ed59f24e9cce

Request headers

Referer: https://en.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:16:40 GMT
content-encoding: gzip
via: 1.1 e0064d0a2437e206ed082e1fa1cdae60.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 536270
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 08 Nov 2023 09:04:52 GMT
server: AmazonS3
etag: W/"88b0487def8aa8fbc8e1525a649a92c6"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-id: g-xf-qkHahzmxKzw43EFwLdhBRkmMQgbHadQIuv9YNYYTIOtYwqETQ==
expires: Sun, 08 Nov 2043 09:04:51 GMT

GET
H2 200 pages.counter.js Show response
en.kinorium.com/js/ 166 B
430 B 46ms
46ms Script
application/javascript 2a05:d018:a7d:900:c091:205:622e:32c4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://en.kinorium.com/js/pages.counter.js?1702566869en

Requested by

Host: en.kinorium.com
URL: https://en.kinorium.com/122304/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d018:a7d:900:c091:205:622e:32c4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e0076b3be2b4a2e9832bc1ab2bcd60a4648d5f54c4504f2a2fb631be7ee5ee28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/122304/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: cache
date: Thu, 14 Dec 2023 15:14:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
expires: Sat, 13 Jan 2024 18:14:29 +0300

GET
H2 200 122304.jpg
en-images.kinorium.com/movie/300/ 113 KB
113 KB 308ms
203ms Image
image/jpeg 2600:9000:2090:3000:1:8c83:66c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://en-images.kinorium.com/movie/300/122304.jpg?1695786362
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2090:3000:1:8c83:66c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2394f03e05bb76c28fbfed83a240b284e5cc0ad63be65e5a5d101339f89e7e13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:30 GMT
x-amz-version-id: null
via: 1.1 a6f8e4a6d80386054febd47005eabaca.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 115298
last-modified: Wed, 27 Sep 2023 03:46:01 GMT
server: AmazonS3
etag: "8ae434bd118aec9af0d422a652d24119"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 5d1qGGWKY7kIy9JwG9JuoykAQpnME5NLs1zPt9EDaEA9h-xkCbSG3g==
expires: Sun, 27 Sep 2043 03:46:00 GMT

GET
H2 200 w700_3442886.jpg
images.kinorium.com/movie/poster/122304/ 116 KB
117 KB 125ms
30ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/poster/122304/w700_3442886.jpg
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b9e7c8a0bfc9270393f8f3e314dcf08dd30a84aede2dc569c9d98515c752aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 29948
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 119024
last-modified: Tue, 23 Nov 2021 10:50:17 GMT
server: AmazonS3
etag: "6bd0d8288d9418b935cdb00692add0ec"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: uec43QPot_JPlaVG8bk7QFZhf7zSkh8kTVvyg9Jyf2825Gvch8g5Sw==
expires: Sat, 23 Nov 2041 10:50:15 GMT

GET
H2 200 blank100.png
static.kinorium.com/img/ 975 B
1 KB 41ms
41ms Image
image/png 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/blank100.png
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cb6d3c3f8a8abe4494d58e06becd148ce6cd558cedfb5dc32f2f558865e5c25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 06:13:16 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 9709274
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 1cb6d3c3f8a8abe4494d58e06becd148ce6cd558cedfb5dc32f2f558865e5c25
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 975
last-modified: Wed, 01 Mar 2023 16:53:01 GMT
server: AmazonS3
etag: "622e3e5db2eb7e15a9dba92e7fc88c09"
content-type: image/png
cache-control: max-age=40000000
accept-ranges: bytes
x-amz-cf-id: mPjyYsCAvNVqbwinPGFTkvQt35AYGn_GjQ0-WVIRfG7IS5OTchzbKg==
x-amz-meta-s3b-last-modified: 20220126T074152Z

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/2X4UhSPA5d4/ 16 KB
16 KB 74ms
28ms Image
image/jpeg 2a00:1450:4001:831::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/2X4UhSPA5d4/hqdefault.jpg

Requested by

Host: en.kinorium.com
URL: https://en.kinorium.com/122304/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db8007192949a24b74fc94dc1d3508f5b6518451ccba850bd9f91285d5d7588

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15945
x-xss-protection: 0
server: sffe
etag: "1510777226"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 14 Dec 2023 17:14:29 GMT

GET
H2 200 h280_49239245.jpg
images.kinorium.com/movie/shot/122304/ 23 KB
24 KB 171ms
79ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49239245.jpg?21620174532
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 34eb47d75ca593868c189a5df27344b50305536934ccd19f2783cb7e9df02dd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:02:00 GMT
x-amz-version-id: null
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 79950
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 23823
last-modified: Tue, 19 Oct 2021 05:40:17 GMT
server: AmazonS3
etag: "fa1142652f56c187be5eec00f6d49597"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: 3e-roC7XUVeLXhPBFQoA9jCNlKYDE4gT9Ku6MDtskRWefozkW-7goA==
expires: Sat, 19 Oct 2041 05:40:16 GMT

GET
H2 200 h280_49236938.jpg
images.kinorium.com/movie/shot/122304/ 19 KB
19 KB 176ms
84ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49236938.jpg?21620164457
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a5dcfc2d59b02ed2153b616d609c35098fd652684c0b4e57531331ef9d360fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 29948
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 19382
last-modified: Tue, 19 Oct 2021 05:30:51 GMT
server: AmazonS3
etag: "6960caa17321240954ad53e1ea8bd9f2"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: Laq7O9R206dwCjyyQRrTkUnCMl1FWGCE60sXIhWbI4KI9erlJdiQvQ==
expires: Sat, 19 Oct 2041 05:30:50 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 76ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5VXCE1FJD6&gtm=45je3bt0v884473161&_p=1702566869907&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1812531977.1702566870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=&sid=1702566869&sct=1&seg=0&dl=https%3A%2F%2Fen.kinorium.com%2F122304%2F&dt=The%20Sopranos%20(series%2C%201999%20%E2%80%93%202007)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.locale=en_en&ep.theme=default&tfd=466
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VXCE1FJD6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.kinorium.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
245 B 105ms
28ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5VXCE1FJD6&cid=1812531977.1702566870&gtm=45je3bt0v884473161&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VXCE1FJD6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.kinorium.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 120ms
44ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-5VXCE1FJD6&cid=1812531977.1702566870&gtm=45je3bt0v884473161&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1801806136

Requested by

Host: en.kinorium.com
URL: https://en.kinorium.com/122304/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
en.kinorium.com/handlers/Counter/ 15 B
499 B 58ms
58ms XHR
application/json 2a05:d018:a7d:900:c091:205:622e:32c4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://en.kinorium.com/handlers/Counter/?obj_type=movie_all&obj_id=122304

Requested by

Host: static.kinorium.com
URL: https://static.kinorium.com/js/min/vendor.min.js?1699411195

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d018:a7d:900:c091:205:622e:32c4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ff9c534d8448cd26fb0c3076ac8e5b6fcf4d3537e8d4a5249e4bec6d56664582

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
X-Token-secret: 4db6b4f93bb90fabd643a3e0b7c25901
Referer: https://en.kinorium.com/122304/
X-Requested-With: XMLHttpRequest
X-Token-209e4a5811d6bd45ae20d01adc4b963a: 5c0cef7e5058671560a72936a7423dae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 icon_32_popup_close.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_popup_close.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b32dca558c2a6a54b7dc0c981aaa8f624e662c1af726a60249a33427514b1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Sep 2023 04:04:20 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 6693010
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4b32dca558c2a6a54b7dc0c981aaa8f624e662c1af726a60249a33427514b1e1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:27 GMT
server: AmazonS3
etag: W/"04f9b5621b7e1e0ac5632ae7cbe2d3bf"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: _Xp1MPvuO37QSvrtDP0xObsOR_iM3HJWWS-wYlUcvJpJhja_C7FQzA==
x-amz-meta-s3b-last-modified: 20230309T040705Z

GET
H2 200 logo_en_white.svg
static.kinorium.com/img/svg/theme-dark/ 4 KB
3 KB 22ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/theme-dark/logo_en_white.svg?v=7
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fda1a51991aee542908f6383668bb83e36d10cf230de582048cdd75e0d34073

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:52:01 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819749
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 0fda1a51991aee542908f6383668bb83e36d10cf230de582048cdd75e0d34073
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:26:48 GMT
server: AmazonS3
etag: W/"c689eb9f5e659dbc332841a61e6ed3ae"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 708lmPVheQDz_thKuHyia3FoCPeq8cRzwJr8bkvi2uMHNVTfkp_v2w==
x-amz-meta-s3b-last-modified: 20220305T082752Z

GET
H2 200 icon_32_search_top.svg
static.kinorium.com/img/svg/ 1 KB
1 KB 23ms
23ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_search_top.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8745f156898e699b4b6eccbf933ef11afbf43b72ececa1168217a62c6b7bbde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:26 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819904
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3d4166b82388d0f0a792d184965c955d35d4e88e02377a7b9b502da2dd90f5b1
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 511
last-modified: Wed, 01 Mar 2023 17:25:41 GMT
server: AmazonS3
etag: "d0e7b34ca28556590273577773e01151"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: -TCzXjl8_ckXQ955d7PoojJmD-RwuCOxof0quJGbQn8eQ07N8hcf3A==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 icon_50_top500_en.svg
static.kinorium.com/img/svg/ 9 KB
4 KB 26ms
26ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_50_top500_en.svg
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2b7c4399720d9aa1e237eb778f419b01ff48f21f149d958b331ab506d9f8c51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:18:00 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7869390
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: f2b7c4399720d9aa1e237eb778f419b01ff48f21f149d958b331ab506d9f8c51
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:37 GMT
server: AmazonS3
etag: W/"7393b144692c922290687fd33566ef84"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: Jt7KNOPpaVGlH8InavIutnTKXlo9O9XRcMHfGYJl6WBlJHVLM3sxVA==
x-amz-meta-s3b-last-modified: 20230309T040712Z

GET
H2 200 icon_32_status.svg
static.kinorium.com/img/svg/ 23 KB
4 KB 27ms
26ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_status.svg?22
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36a7ebcc3a9eebdf6a753d1f944428095535389870d8cae7af48d5903e845e8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 09:30:41 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 21707029
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 083ffa709793b113e8e4c4beca6f6e08d4f1c38b99e95ae4a877c55cf98ba498
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
x-amz-meta-server-side-encryption: AES256
last-modified: Fri, 07 Apr 2023 04:14:08 GMT
server: AmazonS3
etag: W/"4a0d333e1c645067cd4c10a4330423ec"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: K6l-J3PTMe7iVhKOmzSLJzBuo-GX2bA9QIaMmuSFo00Rs2QRHTZwXA==
x-amz-meta-s3b-last-modified: 20230309T040708Z

GET
H2 200 icon_32_folders.svg
static.kinorium.com/img/svg/theme-dark/ 44 KB
7 KB 28ms
27ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/theme-dark/icon_32_folders.svg?10
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0dbc3dd01f0bb12546749246b577724240208eafe0a9411809e5af7b72684f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:44 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819885
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 317768ee6173dfb0747298eed5ab2dd04cd30e90a3d43a80f080b64466521bd8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:26:39 GMT
server: AmazonS3
etag: W/"5424b01ce055382137a8843ea0156e5c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=180000000
x-amz-meta-version-id: null
x-amz-cf-id: 9g0q8tAtQ1yoNmSerfRzdkt7aNhXOZ1bT0SCnzeQpbH-tLmPtKpYIA==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 icon_32_set2.svg
static.kinorium.com/img/svg/ 34 KB
8 KB 29ms
28ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_set2.svg?v=1
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a442681cc0509b31738c9c2a91366425732258ad6657356955ac580e968149f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:30:29 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7415041
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a442681cc0509b31738c9c2a91366425732258ad6657356955ac580e968149f8
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:31 GMT
server: AmazonS3
etag: W/"f6d0d4ad613077a5c8d2008353aa8b1f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: QZqcpJvjD5RBAAW-F-K8k01p_yDpTdEAlWraUmjvDk7CWLqlaKeRwQ==
x-amz-meta-s3b-last-modified: 20230309T040707Z

GET
H2 200 icon_60_award_2.svg
images.kinorium.com/awards/ 17 KB
7 KB 33ms
32ms Image
image/svg+xml 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/awards/icon_60_award_2.svg?v=1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6320a868c7fd7306d37f87abc74e367bff7026d9edcc092e157d9a3dbc813a91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 22:17:32 GMT
last-modified: Wed, 26 Sep 2018 10:36:26 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 61018
etag: W/"69c0bb81c8e0ef884e0e4c3e7ecb3c25"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: v1ZoRxBMcaRugIKpzb5bCYJ-8pFVj8VVdYlUj_q36-pFTMy5s0qdZQ==
x-amz-meta-s3b-last-modified: 20180926T100356Z

GET
H2 200 icon_60_award_9.svg
images.kinorium.com/awards/ 13 KB
5 KB 33ms
32ms Image
image/svg+xml 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/awards/icon_60_award_9.svg?v=1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc2a92d70ca410b542613d3ff61fcfc55db45b84c5cf232420529bd392582145

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 05:50:46 GMT
last-modified: Wed, 26 Sep 2018 10:36:27 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 35768
etag: W/"5e39ce34ccf4588d9421ae3a0ddfd9fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: sJ7VtuT16SQvVXhOkvuyrWJONUvuuBr0XI-O5AVmt_-N71R75IpGzg==
x-amz-meta-s3b-last-modified: 20180926T100356Z

GET
H2 200 icon_32_chain.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 40ms
39ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_chain.svg?v=3
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 94def55c3b37c88ab1f26da81ca8a7c7ea07601ec1786f58ff360281a32bc91e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 07 Oct 2023 08:16:13 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 5900297
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 94def55c3b37c88ab1f26da81ca8a7c7ea07601ec1786f58ff360281a32bc91e
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:20 GMT
server: AmazonS3
etag: W/"401be96444eeddc81f9a8387a358dab0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: ICfzjeSanuDTlf8zqDS4_EIWZo3qnx2eZyBCYYShss4pF7qHpDZ65w==
x-amz-meta-s3b-last-modified: 20230309T040700Z

GET
H2 200 rating.svg
static.kinorium.com/img/svg/ 18 KB
4 KB 29ms
27ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/rating.svg?3
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7c2ac19da0222f11577612ea5a4d7a15994ec806aa51751f2b50f313984e8d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:26 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819904
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 59666e89e936a8d5b617375c6fcd0465ed5fbe24ae29e22e1befcd4d0108fb4e
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3424
last-modified: Wed, 01 Mar 2023 17:26:20 GMT
server: AmazonS3
etag: "11a7ce5855c444bc851de7bdf6c43866"
content-type: image/svg+xml
cache-control: max-age=180000000
x-amz-meta-version-id: null
accept-ranges: bytes
x-amz-cf-id: pSINSFPKtB9rYrmgWwhBI9qwd5XUawfbT2E-hfc4Dt3gqX349hFiMA==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 calendar.svg
static.kinorium.com/img/svg/ 3 KB
1 KB 30ms
29ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/calendar.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c44efa7a986af8b6351c9668f9a1556f95368849ffdae211217db367f0ab8139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:27 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819903
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: d37d94ff3fc9bafc7e63b9ca21fdc933f8b710d97f37cff917adfdb5cadf8b9f
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 850
last-modified: Wed, 01 Mar 2023 17:20:54 GMT
server: AmazonS3
etag: "1ad030c3a0f012edc7af699262847f75"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: 6HQIB0jLrgMFcbGBzsaovpP03G4C-jDAGxjW_VZYB0eT4DlznzJohA==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 plus_minus.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 30ms
30ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/plus_minus.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c98567e8764a5cbc63f7ec10087d36afcba7f7259e2eb5f7c7fcabcdd4129210

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:27 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819903
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 217fe89cfda8f4b5f569073ab4cbcac173ef2095343d130c59bbb4734bb9b5aa
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 732
last-modified: Wed, 01 Mar 2023 17:26:18 GMT
server: AmazonS3
etag: "ae51dd4376152d7d9a42f545a7c5c30f"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: 7TWexMgNWVet0qUAvu7JSCSMZoeOjyPeQDR1TsvfPNdi8UXw6tlv6A==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 icon_32_social_share2.svg
static.kinorium.com/img/svg/ 39 KB
6 KB 31ms
31ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_social_share2.svg?v=3
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2ea949820658f514a45b060f1ea1164f3c4f45c82df88f66745910a726eb62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:22:05 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jun 2023 04:07:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 31954
x-amz-server-side-encryption: AES256
etag: W/"7171f46a523eda87f1008346630332c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-storage-class: STANDARD_IA
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QJ5HbjCVkg4TIt0H7qrM2TCQ15SlTcQe644ggdeGokBeS3U6MU3lFA==

GET
H2 200 vod_en.svg
static.kinorium.com/img/svg/ 34 KB
15 KB 41ms
40ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/vod_en.svg?26
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 21017baa8fb3324c3b03e620de78a425286cdfc35bff1bc1953af833ce57cef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:42:39 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 10179111
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 21017baa8fb3324c3b03e620de78a425286cdfc35bff1bc1953af833ce57cef2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:59 GMT
server: AmazonS3
etag: W/"9b71447797eb0c98e77514322579444f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: Be_U5oQHKLkwLpL8sRa2dfgVys58-lScVgiXo01jXLZ02x5P72U1Pw==
x-amz-meta-s3b-last-modified: 20230309T040721Z

GET
H2 200 icon_32_clock.svg
static.kinorium.com/img/svg/ 1 KB
1 KB 39ms
38ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_clock.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5def959d9364a3ff275790015fba671fa3ae38f76628c0692c3bcc9d3f06cf0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:40 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819890
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 881750aa9799dcc2d2f715dd3a26c97123b6ec45a74ade139aafb9916a41fcb9
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 535
last-modified: Wed, 01 Mar 2023 17:25:13 GMT
server: AmazonS3
etag: "de6c9f5080f61e992730e441f577d87a"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: l6w-QywgZLM48Tm7nvCwdXqUcTcNt9ydUA8NQ-FBF6WkGXo0o9SBZQ==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 icon_award_2.svg
images.kinorium.com/awards/ 15 KB
6 KB 33ms
33ms Image
image/svg+xml 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/awards/icon_award_2.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film-serial/serial-default.css?1702360065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f907499516b0801e55a1202a06a5df6cee4eec6ec858977ff34175d75ab4c07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 23:55:59 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Tue, 01 Oct 2019 09:52:47 GMT
server: AmazonS3
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
etag: W/"9083e379d76b1f2d7761bae635d72e76"
age: 55111
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: r6vS0ai4Q1QTRZBSdKKrYKlMp_l9fYCphKcwbYFhyLT48DsPLondng==

GET
H2 200 icon_youtube.svg
static.kinorium.com/img/svg/ 5 KB
1 KB 40ms
39ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_youtube.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33131b9c88baaa67b0533cc7390f1f02f03b00bb30ef3855cae16b2cfede048d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:26 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24819904
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 204bcedd997c97e896b21f5ff5e8c4c738837b56536129d82c3c7b0afcb0b5bd
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 942
last-modified: Wed, 01 Mar 2023 17:26:03 GMT
server: AmazonS3
etag: "abed26591584f30a75fa8d962e1848f9"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: 8tyZASSWWJL6gBSz6yr-2GP1TWr9vygfytXrJjVHikspS43HtoREYQ==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H2 200 85374.svg
images.kinorium.com/company/ 3 KB
2 KB 38ms
29ms Image
image/svg+xml 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/company/85374.svg?1702390086
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a709e1d5ad50a817916030c8c1cdbf3ffd32f8cf0327c94ace6622512ddad542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:09:08 GMT
x-amz-version-id: null
content-encoding: br
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 101122
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Mar 2023 15:44:35 GMT
server: AmazonS3
etag: W/"f2fb7971651bf45a07ffe44d981835eb"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=1800000000
x-amz-cf-id: vxycYC_RrXXGsB0SUi-njToetPoSxmynEJUtRNoELPxI__FZsgU-Iw==

GET
H2 200 27925.svg
images.kinorium.com/company/ 19 KB
7 KB 41ms
32ms Image
image/svg+xml 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/company/27925.svg?1702390086
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dfb9834d4d5cefa2ea43cabf9c8eea8dac41936601f338b19f74eeb7ccb76e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: br
via: 1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 15:14:29 GMT
last-modified: Tue, 28 Mar 2023 02:43:48 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 12180
x-amz-server-side-encryption: AES256
etag: W/"8df22ee1d7341c1f161b441722826c55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: PF3d65n06Gh-z-3VsP_A2uaMmZRlDNmgkZzw4PZFrYVcRErzpxtL6g==

GET
H2 200 vod_itunes.svg
static.kinorium.com/img/vod/ 3 KB
2 KB 34ms
26ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_itunes.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a190f929f08ddf118fa9936ec2efceae9a5d0d11abe786b311903cba51c677d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 05:45:33 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 7378137
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a190f929f08ddf118fa9936ec2efceae9a5d0d11abe786b311903cba51c677d6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:53:53 GMT
server: AmazonS3
etag: W/"69b914827039d33e2c3d5d985237e752"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: vOSYXmBbllc0MJeWu59zxlK4ca6YRsbXUw5UxMBCz8BCQXHo5lSKDw==
x-amz-meta-s3b-last-modified: 20221220T102125Z

GET
H2 200 vod_appletv.svg
static.kinorium.com/img/vod/ 1 KB
1 KB 32ms
24ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_appletv.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f096c529d6c0e3d48e801254ac98a69bfddbba56ff8cff2af4059f26b916b4f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:46:30 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24820080
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: f096c529d6c0e3d48e801254ac98a69bfddbba56ff8cff2af4059f26b916b4f9
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:53:39 GMT
server: AmazonS3
etag: W/"e5dcff69be5d5a623d9667355ea486f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: mvQ8_K77wbPn1xKNa5ivhvc4Vx7htX3b1UdD1lxVJeXxFb95K89i0w==
x-amz-meta-s3b-last-modified: 20221220T102125Z

GET
H2 200 vod_google.svg
static.kinorium.com/img/vod/ 3 KB
2 KB 29ms
21ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_google.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d489d7315162f2c2434d5c9f32bbd8932127a9a43644f869791a99a9df06d55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:47:45 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24820005
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 6d489d7315162f2c2434d5c9f32bbd8932127a9a43644f869791a99a9df06d55
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:53:50 GMT
server: AmazonS3
etag: W/"051c5be05bdf402d69e5359763d9a3c8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: RYeMcYNo8l55gM62VUUG4iStkUFQMRpgeu53egH5XiY7eoNAs21Wlw==
x-amz-meta-s3b-last-modified: 20230113T083022Z

GET
H2 200 vod_amazon.svg
static.kinorium.com/img/vod/ 7 KB
4 KB 31ms
23ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_amazon.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d38b81d5ec41de2c4e70d9d2b2601f9e809a9ae1c4a84ad7ee5bbe42a3efeffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:47:37 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24820013
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: d38b81d5ec41de2c4e70d9d2b2601f9e809a9ae1c4a84ad7ee5bbe42a3efeffa
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:53:37 GMT
server: AmazonS3
etag: W/"d628675c1752f30aaa3338da8cb330c2"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: FrJjU2K-MvP7zuEQu_YCREKqXKMUyM5bmaP5qWKTldS92Y6_21HWRg==
x-amz-meta-s3b-last-modified: 20221202T070318Z

GET
H2 200 vod_hulu.svg
static.kinorium.com/img/vod/ 686 B
1 KB 33ms
25ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_hulu.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d1e630203285d2d874fec7badc758d0835f515b42d4f1ba2f3b2d30d9c587a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 00:47:21 GMT
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24762429
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 9d1e630203285d2d874fec7badc758d0835f515b42d4f1ba2f3b2d30d9c587a7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 686
last-modified: Wed, 01 Mar 2023 17:53:53 GMT
server: AmazonS3
etag: "9514e5cd55bfaeba62cbef7aec674d39"
content-type: image/svg+xml
cache-control: max-age=40000000
accept-ranges: bytes
x-amz-cf-id: OQXySnEnUNGcHpR83KjNv9lrlA-2bj0XxFKSW1yEIy5cVcsy9jmNVg==
x-amz-meta-s3b-last-modified: 20221220T102125Z

GET
H2 200 vod_microsoft.svg
static.kinorium.com/img/vod/ 3 KB
2 KB 30ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_microsoft.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdca23b1f72ef8955a520156e736f653d9fa344d057f139fda9072b974e34635

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:47:37 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 24820013
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: cdca23b1f72ef8955a520156e736f653d9fa344d057f139fda9072b974e34635
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:53:59 GMT
server: AmazonS3
etag: W/"bf27d5211d7cb1c354f6a1ba572ee03c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 7Nqew7vAUvCTAQBQAwuA4kAw5hnjNfhgukV9aSiF1aEl3erDaXzqJA==
x-amz-meta-s3b-last-modified: 20221220T102125Z

GET
H2 200 vod_vudu.svg
static.kinorium.com/img/vod/ 2 KB
1 KB 34ms
27ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/vod/vod_vudu.svg?1
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2959f73c60a3fdf1f54dc8d3c562f800fd9a73d90b76a4165e08fd931e1ea116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 14:41:06 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 16936404
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 2959f73c60a3fdf1f54dc8d3c562f800fd9a73d90b76a4165e08fd931e1ea116
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 01 Mar 2023 17:54:21 GMT
server: AmazonS3
etag: W/"7db7dc1960388a5251cbd2e68141182e"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: SMLGAK-btE4F4Mmq-FBysbc5rm8H6nYvJEdHcbr0_MsOe1T2oykKSA==
x-amz-meta-s3b-last-modified: 20221220T102125Z

GET
H2 200 font
fonts.gstatic.com/l/ 4 KB
5 KB 70ms
18ms Font
text/html 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=BngRUXNadjH0qYEzV7ab-oWlsYCE0xOsS8nad_ODXnNeRA&skey=4fa1436033972818&v=v12

Requested by

Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9e3bdbe8e0bcd9cc8222839b4a06cc9fabd3f043fe5182de51cee21e150fe70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.kinorium.com/
Origin: https://en.kinorium.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 19:08:08 GMT
x-content-type-options: nosniff
age: 72382
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4264
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Wed, 13 Dec 2023 19:08:08 GMT

GET
H3 200 icon_32_search.svg
static.kinorium.com/img/svg/ 1 KB
940 B 32ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_search.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 202b8a8b3028eba18a82f4f4d3935d20c262ae79ed4a5c5ab8b7b9ef4f65b14e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:27 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 24819904
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 2fa799d64ba2f4fc82d2e4a3891642f2c914c34f0e806328b0726f54144dcdb7
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 512
last-modified: Wed, 01 Mar 2023 17:25:40 GMT
server: AmazonS3
etag: "4535c04f9578fcf6d0e16d0b60bd0427"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: Znk25fz_iauESo-fi8HwsZvzGUz5PHYj7b746lia3PcrVefn-yFDBg==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H3 200 icon_smiles.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 33ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_smiles.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2fd721b912ccc8f79fb87ec0b9b1fb66fd2bb652923ba959ea154f879357478

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:29 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 24819902
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8ac78d07c9e2b6ad2c2cc64d7d32b1e7f48cd7de0d95e29cb5135064003d539e
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 680
last-modified: Wed, 01 Mar 2023 17:26:03 GMT
server: AmazonS3
etag: "f12d26430df84637c7a96342224fa228"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: lOwnWszff_gg646EfQXI9-rb7zdmbZgzk-ZIjE-lH9K-dwMEwWUoTw==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H3 200 icon_32_alerts2.svg
static.kinorium.com/img/svg/ 5 KB
2 KB 33ms
23ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_alerts2.svg?v=1
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 578389ed5dc47a2c27287cac6a7b34f04473537133527e5583fb165d41da95cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 08:53:33 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 17:25:10 GMT
server: AmazonS3
age: 24733258
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
etag: W/"7d8e64662bd9d0bf5f8bab183999381a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=180000000000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: m6KsN1qQItgxN3QCGK2u8T1vZHStEnO4bUzfo9SQPyUd03snYSO7eA==

GET
H3 200 icon_32_edit.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_edit.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d8e0be3164481acb1135c2ff98418b3b81a16f96a0c7a9f95f2138fa461bc04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/film/film-default.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 13 Apr 2023 04:41:22 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 21205989
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4d8e0be3164481acb1135c2ff98418b3b81a16f96a0c7a9f95f2138fa461bc04
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:22 GMT
server: AmazonS3
etag: W/"3e31847107b92697025db21cb518ccb8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: rz8ToNcauKsiROo2eEmCl6k_tdf3pgYh1wDGpQ5iTetDqKEUi26qzQ==
x-amz-meta-s3b-last-modified: 20230309T040701Z

GET
H3 200 icon_32_like.svg
static.kinorium.com/img/svg/ 3 KB
1 KB 22ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_like.svg?v=5
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18371c2f71b8f8c5352c9f55a0826735f609beca16e26d40bcb711318e712191

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 11:10:56 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 7358615
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 18371c2f71b8f8c5352c9f55a0826735f609beca16e26d40bcb711318e712191
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:24 GMT
server: AmazonS3
etag: W/"a7f6c99a30d9e1f0630703e656f85b6b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: fj2NzI1TnBp3NstEHbh-XynS3QfQ_cORJz95ZkacZdyeZ328xvzrYQ==
x-amz-meta-s3b-last-modified: 20230309T040703Z

GET
H3 200 icon_32_edit_small.svg
static.kinorium.com/img/svg/ 2 KB
1 KB 23ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_32_edit_small.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa4a2a36f8257a529f5236470a5ff6378b44c1f9eb9a37ef6c4610e016ecae54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 08:49:26 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 24819904
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8b34498e6bc8315ef5f8438c19ca9c69e3a2882bb8f3878c0ed840d525b96030
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 620
last-modified: Wed, 01 Mar 2023 17:25:19 GMT
server: AmazonS3
etag: "e37669ac9697f273f2684813abd6ab55"
content-type: image/svg+xml
cache-control: max-age=180000000
accept-ranges: bytes
x-amz-cf-id: gMV01y4aFB0co64c5oSsQdBDjwb4f3wvk58KMZZ2Yr3anAUYI9ktKA==
x-amz-meta-s3b-last-modified: 20200531T061020Z

GET
H3 200 icon_50_newSerial_en.svg
static.kinorium.com/img/svg/ 12 KB
5 KB 21ms
20ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/icon_50_newSerial_en.svg
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4429f12435d0a242eaeda7760995ba4e98d71f452611773e19cd8deab15ccb46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 08:36:46 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 7022265
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4429f12435d0a242eaeda7760995ba4e98d71f452611773e19cd8deab15ccb46
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:35 GMT
server: AmazonS3
etag: W/"662c94673883e7f6758bc11f57caafc9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 7VA5Zw7aJE9suUn-ZQb9YpQXdvFCJXHYkFeedijvQ6fBrRIu3lLD-g==
x-amz-meta-s3b-last-modified: 20230309T040710Z

GET
H3 200 stores_en.svg
static.kinorium.com/img/svg/ 24 KB
10 KB 21ms
21ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/stores_en.svg
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/style-default.css?1701946597
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 434e65956e6f9ba685dacaa9946690648b855fe65691905ae52aaec2122b1d7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/style-default.css?1701946597
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 09:56:26 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 23951885
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 434e65956e6f9ba685dacaa9946690648b855fe65691905ae52aaec2122b1d7b
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 09 Mar 2023 06:26:48 GMT
server: AmazonS3
etag: W/"9eb8ed0aa631ff287d5a77db732983e8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 8sYyeC4oBLhwBxeTjiAEQ7pvhmKGT6hnBWYcdpB4BwPwXpzy3c7Nsg==
x-amz-meta-s3b-last-modified: 20230309T040720Z

GET
H3 200 flag-icon.css
static.kinorium.com/css/min/pages/flags/ 43 KB
3 KB 21ms
21ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 351e9ccfcff02bbec5a229611d57782832e45409f73d7496733966fcc22c749d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:03 GMT
content-encoding: br
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 206728
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:55 GMT
server: AmazonS3
etag: W/"b737e6d3652437e87157c2f88b71b353"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 8bXjBviyprrw2oVL8ACN9HsWMsswCQEL6O3Jpt3CQH-ffUGjze5zxQ==
expires: Sat, 12 Dec 2043 05:48:54 GMT

GET
H3 200 popup-info-default.css
static.kinorium.com/css/min/pages/popup-info/ 13 KB
3 KB 22ms
22ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/popup-info/popup-info-default.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 082e1bb43e41412538d4f1b8dbc4a314df40ad93781bedf591a38f989dfefdad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:55 GMT
content-encoding: br
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 206676
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:58 GMT
server: AmazonS3
etag: W/"48107b4781079a5ddf518e91cdfafcb7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 29I4BCGf492_OZjDrr6ZSI-FsC6ASDat5GUuUOYBFsGkOBbjM_mzKA==
expires: Sat, 12 Dec 2043 05:48:57 GMT

GET
H3 200 h280_49239016.jpg
images.kinorium.com/movie/shot/122304/ 14 KB
14 KB 26ms
26ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49239016.jpg?21620173457
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c8c40e9dcd44793b703030bfdfd8f7ea24cc0070651b98b281d46387595ef5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
age: 29949
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14362
last-modified: Tue, 19 Oct 2021 05:39:22 GMT
server: AmazonS3
etag: "42b38faca0524a494327ae481e891b3f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: QEuBTKqt1ozuLFpbsiqiyXAzJ_qjR9H6PGlsFLScYA45KSVxFUOamA==
expires: Sat, 19 Oct 2041 05:39:21 GMT

GET
H3 200 h280_49237508.jpg
images.kinorium.com/movie/shot/122304/ 14 KB
14 KB 26ms
26ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49237508.jpg?21620166739
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9edb3fdbf7ba7ed6993c92cc1052d1ffd0eeb0f6cd43797b5beb65deb2f83b3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
age: 29949
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 14240
last-modified: Tue, 19 Oct 2021 05:33:10 GMT
server: AmazonS3
etag: "c524a36c5aa03f4109bfd3174c38aeca"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: -BRiAweSX-W8lHq7r7grGhfw6N9dSC2Z6BJE8WIAPpnkHIyvy__c_w==
expires: Sat, 19 Oct 2041 05:33:09 GMT

GET
H3 200 h280_49237302.jpg
images.kinorium.com/movie/shot/122304/ 30 KB
30 KB 29ms
29ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49237302.jpg?21620165797
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75699882e6b2f9cd16dad8febfd0eb7e07293ac50d5eddba6b30c62de4b74740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 11:29:16 GMT
x-amz-version-id: null
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
age: 99915
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 30534
last-modified: Tue, 19 Oct 2021 05:32:15 GMT
server: AmazonS3
etag: "ae83e7a0482ea8e37baea3f46237ac8b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: U3291ewQVTeHzifknouUdJW-mARldeHz4XwrMFAR41K76AiGV3ZEqQ==
expires: Sat, 19 Oct 2041 05:32:14 GMT

GET
H3 200 h280_49239425.jpg
images.kinorium.com/movie/shot/122304/ 17 KB
17 KB 29ms
29ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49239425.jpg?21620175388
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7cc0e8f5be12a34918a3f9cf9dd335a74684af783bbfdd280239063fc20b1a70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
age: 29949
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 17257
last-modified: Tue, 19 Oct 2021 05:40:58 GMT
server: AmazonS3
etag: "1e10c88bff6c6ca7d4f7d5c51dd9528a"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: cDKNhS-x2HuZGwrAn7VVOfioO8jNyjg2zU9tnbQlKkd6yUfcI5JkaQ==
expires: Sat, 19 Oct 2041 05:40:57 GMT

GET
H3 200 h280_49238938.jpg
images.kinorium.com/movie/shot/122304/ 26 KB
26 KB 27ms
27ms Image
image/jpeg 2600:9000:20ab:4a00:10:531f:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.kinorium.com/movie/shot/122304/h280_49238938.jpg?21620173053
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:20ab:4a00:10:531f:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f77bfe61190dcaae65a9bea5929150b1898fd7829bb3e6d96adef57d7cd7a6f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 06:55:22 GMT
x-amz-version-id: null
via: 1.1 8be4072f43c8c13d02688a798ea634a4.cloudfront.net (CloudFront)
age: 29949
x-amz-cf-pop: AMS58-P3
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 26112
last-modified: Tue, 19 Oct 2021 05:39:05 GMT
server: AmazonS3
etag: "afcd075963b5addc8cfd4bb2541926a4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: ev8_Pb-8hMdzKAI2rWbRVG1W8EWPVk9pmkfx88hQOC4Fr-G_iS2XTQ==
expires: Sat, 19 Oct 2041 05:39:04 GMT

GET
H3 200 Chart.min.js Show response
static.kinorium.com/js/Chart.js/2.9.4/ 169 KB
52 KB 23ms
23ms Script
application/javascript 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/js/Chart.js/2.9.4/Chart.min.js
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/js/min/vendor.min.js?1699411195
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 23:44:40 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 22001390
x-amz-cf-pop: FRA53-C1
x-amz-meta-sha256: b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 22 Nov 2021 17:46:34 GMT
server: AmazonS3
etag: W/"9b1ae20c4c7048d6e4a1b2e1aee7fb31"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=40000000
x-amz-cf-id: hCLGq8zU8anZwuqiVURouQOteSlG3Ow67uHspEh9F9KkVlo6ztlusQ==
x-amz-meta-s3b-last-modified: 20211122T174413Z

GET
H3 200 flag-icon.css
static.kinorium.com/css/min/pages/flags/ 43 KB
3 KB 22ms
22ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 351e9ccfcff02bbec5a229611d57782832e45409f73d7496733966fcc22c749d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:03 GMT
content-encoding: br
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 206728
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:55 GMT
server: AmazonS3
etag: W/"b737e6d3652437e87157c2f88b71b353"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: 6_feXfe0kYslFtxK3dBUgRd7pmS_8vIub2oIzT5B_QWVi22AE9CfBg==
expires: Sat, 12 Dec 2043 05:48:54 GMT

GET
H3 200 popup-info-default.css
static.kinorium.com/css/min/pages/popup-info/ 13 KB
3 KB 23ms
23ms Stylesheet
text/css 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.kinorium.com/css/min/pages/popup-info/popup-info-default.css?1702360065
Requested by: Host: en.kinorium.com
URL: https://en.kinorium.com/122304/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 082e1bb43e41412538d4f1b8dbc4a314df40ad93781bedf591a38f989dfefdad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 05:49:55 GMT
content-encoding: br
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 206676
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 12 Dec 2023 05:48:58 GMT
server: AmazonS3
etag: W/"48107b4781079a5ddf518e91cdfafcb7"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=2592000
x-amz-cf-id: -C28Sa7VxMqJfHUqCJ5L9wPuXY2mEogO7VumQS6VD547SbcJbPMAtw==
expires: Sat, 12 Dec 2043 05:48:57 GMT

GET
H3 200 us.svg
static.kinorium.com/img/svg/flags/4x3/ 4 KB
1 KB 24ms
23ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/flags/4x3/us.svg?2
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aefd8f7e57d11f7b0416d01d9c665ab3848b10af849f35a4d772d58d24d83329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 10:55:28 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 23084343
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: aefd8f7e57d11f7b0416d01d9c665ab3848b10af849f35a4d772d58d24d83329
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 09:50:39 GMT
server: AmazonS3
etag: W/"ecdc9c9ec8d5e3d1c02777431f03fece"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 43H7m4TJtiob-HzDprpj4lFB8pHKQ_fHA-oTcF9JcX7IIb_9zkZ3ow==
x-amz-meta-s3b-last-modified: 20230322T094605Z

GET
H3 200 flags.svg
static.kinorium.com/img/svg/ 27 KB
5 KB 22ms
22ms Image
image/svg+xml 2600:9000:214f:400:a:a5bc:5040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.kinorium.com/img/svg/flags.svg?v=34
Requested by: Host: static.kinorium.com
URL: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:214f:400:a:a5bc:5040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad2667dbadca6a0d7dd6ef45a65b9354787762765dbfcff1dcd0346df6f36cb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.kinorium.com/css/min/pages/flags/flag-icon.css?1702360065
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 04:08:29 GMT
content-encoding: gzip
via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
age: 7988762
x-amz-cf-pop: FRA53-C1
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a63222f01fec041a7a86898e8e3cbcfcc8c258535fb7c612349eb8cf63ae9684
x-cache: Hit from cloudfront
x-amz-storage-class: STANDARD_IA
alt-svc: h3=":443"; ma=86400
x-amz-meta-server-side-encryption: AES256
last-modified: Wed, 13 Sep 2023 03:48:34 GMT
server: AmazonS3
etag: W/"596b7e296ca9de24828445e1bb2f1671"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=40000000
x-amz-cf-id: 8atEygrL_3ogMizdMVfendSfWqWKNA-d8XfHw39bBsEL7qKnm42C_w==
x-amz-meta-s3b-last-modified: 20230309T040657Z

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 116ms
69ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9128010928993885

Requested by

Host: static.kinorium.com
URL: https://static.kinorium.com/js/min/vendor.min.js?1699411195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c274635df442dbacab2c165251c795062da18e02eaea357de7f6c5483eea30ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51297
x-xss-protection: 0
server: cafe
etag: 7109575911436400449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 15:14:31 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9128010928993885&plah=en.kinorium.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9128010928993885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57b5513571de95e1ec11197ab2e8843456c99270594d8735fbb1123d09ceed5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137960
x-xss-protection: 0
server: cafe
etag: 2370460234316984142
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 15:14:31 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 8B1D 9 KB
4 KB 67ms
19ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9128010928993885

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 13:49:38 GMT
etag: 5585625838579639069
expires: Thu, 28 Dec 2023 13:49:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F748 0
188 B 271ms
270ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&adk=1812271804&adf=3025194257&lmt=1702566871&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x1080_r&format=0x0&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871309&bpp=2&bdt=1624&idt=214&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4836837393750&frm=20&pv=2&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=244

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9128010928993885&plah=en.kinorium.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:31 GMT
expires: Thu, 14 Dec 2023 15:14:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 107ms
67ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12edd52f07a6146838974db5cf7fad66af4da72c3ce6e15196a4c30e3fd7bf03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12231
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A52A 25 KB
11 KB 617ms
617ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4ff5e25f85d0b4f9b3deb4b2ddce93ed5cecb65fdd643b4018bc00b650efe16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11321
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:32 GMT
expires: Thu, 14 Dec 2023 15:14:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CAC4 36 KB
15 KB 450ms
449ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=200&slotname=4384361045&adk=3477776749&adf=1316994944&pi=t.ma~as.4384361045&w=830&fwrn=4&lmt=1702566871&rafmt=11&format=830x200&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871312&bpp=1&bdt=1627&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=256

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c34fb5a0d2ff4fc8028ba43484459ab2aa3373077952d8dee7ddd26c6d20ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14670
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:31 GMT
expires: Thu, 14 Dec 2023 15:14:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 78ms
31ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 15:14:31 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FB3 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 14:22:45 GMT
expires: Fri, 13 Dec 2024 14:22:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0769 829 B
1 KB 74ms
30ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9873f176497118d31099fd34f29a5c2fdceb7dbd3c9dc7797e1be3531db14435

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H7Zu2zl10MzAbw9mpZqNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://en.kinorium.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H7Zu2zl10MzAbw9mpZqNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:31 GMT
expires: Thu, 14 Dec 2023 15:14:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6FB3 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0769 0
0 54ms
53ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2661641986028524&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6FB3 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8megqw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CAC4 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=200&slotname=4384361045&adk=3477776749&adf=1316994944&pi=t.ma~as.4384361045&w=830&fwrn=4&lmt=1702566871&rafmt=11&format=830x200&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871312&bpp=1&bdt=1627&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=256

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 08:48:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame CAC4 20 KB
8 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAC4 203 KB
65 KB 115ms
69ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 15:14:32 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 26D4 185 KB
57 KB 189ms
105ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXsb1wAKLRUKYr0IAAz_DwnEY43e4dcD5ZrAgQ&u=%7C%2B7ClG%2FX9ovdsTqyNsg%2BL4oXMZdCuPcskWKbFWhcgWTk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69FtpYrSKk1dGCG0vcuPWnULQll243SDy2gm58wO5MDsojOdIHbUFCTdajDmHqj7G9oz7fSlNxFwImen5jFMB0f0ODosvonXUwBpi1FMg3EvMplY3RFIsL03e8I6_sZz24BWdxPkBUOplLpulG-5U5WZvfXG4o6RBD6mGiwHOwyyLx9ZC1Y7uwT3EIoFvQwflF0eGjTZDIX6Lq0OKqajYIqNLkdgib0AjtUG6kjgDzcfWD0boKV_bpXBstbA0mkB7k6TLAVL5z4ybxhj_PwNP5k7YW0cT_AP92tMDkosx12yz1VtPtfxpCjVvWfR8JXxb6eejdfOddeOsQMwyYkmYk8kCUNA6r-NefAczPB3OiqGNS478dCbsUTSIGcLkcuZnyg2U3eOEjBPvRqKtMyhvYeV76i_UQT5SYZmRBXDlbI0VgKPoC9h5WtGjim2U2m0IJPPfJ4ayOieVTOcqhPB3wR8kBbFDioVxec5CAOzgbYWSZ4qjtLGlfB5mLgC2cKNV2fPwaENwBimgLm8x4kFRQ1GG2GJ0JcCB-SC39f515vtcXYlG8SgLF4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFWA81xt7ZZXaKIj6igOP_rOgCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItOTEyODAxMDkyODk5Mzg4NcgBCakCsmcvG2tJsj6oAwHIAwKqBMgBT9DG_RKPSw56GH4FlA15Nuui2iVltZZTa46SsRu4840XAMM7f0vRfhAysYzjAzo6s3pNJhSgQ-dSj8_8xu2drDDUXdk8lK5q3BTzjhrTvoAOy-o6Ll1pON6KrmTmnkYpauAl3xiiBltL3CDwI18hV9Rl-3Bt6SAdgCwfG-0nJinJZhzW2tWOps0sJHO5RcU5XqudNVUhQyunq-2bIxKlS2TcXcw8hXMay88Jgdzvz22ypkbwTLwYeC09C7Kq3WUomY8sUFLIiOSABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYt-_Z7JuPgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lKtbLx8uTi2Od2dq1_adFtrbjEQ%26client%3Dca-pub-9128010928993885%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e7d517333affbc8c5b30a0ee2b4f0be964796a6a82130a5d05bed88bd4518ccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:31 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IFMDifNNTL3v4PqU87UblxGk_in5aUrq2RxzNvEU5VR-ZPo8RdGg9yqG8ooX82MAYhMIs9Ctz-K7tLVqgmrV8_nR6aAfDMBzkcIM9_kB_awUR5ILhQIVGzz1u3mMqZXNpd4FqVafpU7uoi_hRoKoA3rbmat5tzoisaLngJLk8y7k80uKzmxm4FRaiIu_kn2VfHGRwfY5a27eIWLck691LcuSb5FhbIeqoJWPeJPc8qk3mHCghhSPOYlRnrI1odCzpAAx4w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48769629
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-5VXCE1FJD6&gtm=45je3bt0v884473161&_p=1702566869907&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1812531977.1702566870&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&uid=&sid=1702566869&sct=1&seg=0&dl=https%3A%2F%2Fen.kinorium.com%2F122304%2F&dt=The%20Sopranos%20(series%2C%201999%20%E2%80%93%202007)&en=scroll&ep.locale=en_en&ep.theme=default&epn.percent_scrolled=90&_et=6&tfd=2608
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VXCE1FJD6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://en.kinorium.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame CAC4 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dd57535678d7e116b6129c9f9ad25477941faced6c71c31400fe64383a639912

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A52A 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DfAdVcleE70UBFre08KyNRJr-vIVoI0PHu5K2h4yW5zcc4KAvAKtos8j5_BTA-CCHRwAx9i9saTiV6AJQRyHGd_NmSYE8-pH3ser6oQWYH2WKngiY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame A52A 89 KB
31 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 14 Dec 2023 15:14:32 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A52A 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 08:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 08:48:30 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame A52A 20 KB
8 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 01:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48013
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 01:54:19 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A52A 203 KB
64 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Dec 2023 15:14:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A895 624 B
246 B 61ms
60ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUYc-r-pO1rcIfZaIGv1nquuDv2YrG0zVstrVY7QNiqoVqAnAUulF5LM89b5IPN7xsRBdJ8FmX6Zw8R5WJg9gqWrEYhcr73oPvK8Ud6BKAIMdxSFQkW9t_p_Yd0dSyRjxZfRULr-p-qsSouicizOHQiugskVfViW6KWFR07WyUIOkOg6j4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:32 GMT
expires: Thu, 14 Dec 2023 15:14:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 26D4 2 KB
1 KB 133ms
64ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZXsb1wAKLRUKYr0IAAz_DwnEY43e4dcD5ZrAgQ&u=%7C%2B7ClG%2FX9ovdsTqyNsg%2BL4oXMZdCuPcskWKbFWhcgWTk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi69FtpYrSKk1dGCG0vcuPWnULQll243SDy2gm58wO5MDsojOdIHbUFCTdajDmHqj7G9oz7fSlNxFwImen5jFMB0f0ODosvonXUwBpi1FMg3EvMplY3RFIsL03e8I6_sZz24BWdxPkBUOplLpulG-5U5WZvfXG4o6RBD6mGiwHOwyyLx9ZC1Y7uwT3EIoFvQwflF0eGjTZDIX6Lq0OKqajYIqNLkdgib0AjtUG6kjgDzcfWD0boKV_bpXBstbA0mkB7k6TLAVL5z4ybxhj_PwNP5k7YW0cT_AP92tMDkosx12yz1VtPtfxpCjVvWfR8JXxb6eejdfOddeOsQMwyYkmYk8kCUNA6r-NefAczPB3OiqGNS478dCbsUTSIGcLkcuZnyg2U3eOEjBPvRqKtMyhvYeV76i_UQT5SYZmRBXDlbI0VgKPoC9h5WtGjim2U2m0IJPPfJ4ayOieVTOcqhPB3wR8kBbFDioVxec5CAOzgbYWSZ4qjtLGlfB5mLgC2cKNV2fPwaENwBimgLm8x4kFRQ1GG2GJ0JcCB-SC39f515vtcXYlG8SgLF4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFWA81xt7ZZXaKIj6igOP_rOgCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItOTEyODAxMDkyODk5Mzg4NcgBCakCsmcvG2tJsj6oAwHIAwKqBMgBT9DG_RKPSw56GH4FlA15Nuui2iVltZZTa46SsRu4840XAMM7f0vRfhAysYzjAzo6s3pNJhSgQ-dSj8_8xu2drDDUXdk8lK5q3BTzjhrTvoAOy-o6Ll1pON6KrmTmnkYpauAl3xiiBltL3CDwI18hV9Rl-3Bt6SAdgCwfG-0nJinJZhzW2tWOps0sJHO5RcU5XqudNVUhQyunq-2bIxKlS2TcXcw8hXMay88Jgdzvz22ypkbwTLwYeC09C7Kq3WUomY8sUFLIiOSABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYt-_Z7JuPgwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1lKtbLx8uTi2Od2dq1_adFtrbjEQ%26client%3Dca-pub-9128010928993885%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 26D4 2 KB
1 KB 104ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 26D4 308 B
636 B 100ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 26D4 293 B
622 B 99ms
33ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 26D4 43 B
348 B 84ms
27ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=_T4q_QppRPGR_vd8Azq2od9jgll3JAgNK4CfBDQ0pOd34ciw2Sx50vKhylE-N3NFB9jMLaVxZ7lcv1q1FgiieQZq0TahV_HXZYRg7lP9JOIUwX84jDxBo4GUeLanScIfb9zxyo7sDJSPPDcFS3SixgjGzxoZrg2GCjzedVL68QnMbDF52c9M5rJEJgxHUDsYm-L3OSy9wTu1GM9TuqJploxaKIiB47CxQtpLwru6cCQAykuthpYZYQ9AuCgIMDyIve0wB3gCU1Z4P1o25_mTylzpnvOTtK9YkprdfuAuDVdkgoH6XiGO9hdp00MqY4cj7HhpuRqZtXBBjOOK39pM7uXbYNLZrlHdbAH9RmM4VeWDNEjzhyhgXyHkuw_xdfCDjcUDzhh1QdAvk3yDcO_bhNbxJCx1aSiV0k3dOKNK2g11bkgY

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1546752
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 26D4 43 B
1 KB 155ms
35ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=15&extPu=13929-criteo&extLi=264882&consent_string=&iab=1&rnd=657b1bd72b010fc595b29c83184bc5f4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Thu, 14 Dec 2023 15:14:31 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Do, 14 Dez 2023 03:14:32 GMT
X-ET-Code: 0
Accept-CH: sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://ads.eu.criteo.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1051
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff
static.criteo.net/design/dt/ Frame 26D4 31 KB
31 KB 134ms
67ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/c1d096976dd24cf8af55f5aef2a3900d_sofiapro-regular-webfont.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 08 May 2018 05:53:55 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5af13b73-7bb4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 26D4 12 KB
5 KB 89ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 596080
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd%2BMNVkVDbc0MHO0uGs3Q3xHVEhqhOC5SR8q0EcSL1fAWB%2BuL8sSqZGNhoPE7uGw%2F5%2FydJVf1mq03WN0n%2BP8GltSiSNRuw3Euytx8cPEp0E4PD0CmEOuFdoB6XUOW40zCERVZKofUBAh%2B5agvIh1ZOZT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 835765a7fe06bbda-FRA
expires: Tue, 03 Dec 2024 15:14:32 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A52A 0
20 B 56ms
56ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5058653043387&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A52A 0
20 B 54ms
54ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5058653043387&version=m202309260101&ct=77&x=1&cor=2741488787138317300

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A52A 20 KB
14 KB 189ms
188ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABwdLicUcMquKXmblycvD9gkHJGqss7hqgS4hI7J2A5hhUPoAYxWmu_MZ_6cNaBTAei69ZIIdTj2HNUXO2wKZZRVXLHvB8aHidYosRPYF7mFBpCBq1EQosTWDEa3EqWPQXaargJ2DIwjJtGOs4TKOKM1avykvYFq_2l3_cXV8aA1zAC5gt5HTrbEwlLyflupBq6cCnsc8wW5S12Zkjl0p0hlSyDA&cry=1&dbm_d=AKAmf-Dkh7IM-BMZ8XWhOFH6KPB9qzkS9lYeDT_K8F7j_qIIOdSYbcIqbh6c3Rk8TP6LOPPf0HCPQhDozlpaHiFNMPxSW-280YvAE6N9GJHqkpnsv-3b9sOjU6HKaU43ITaiekuKVA0roIyR3TBAMTdef3iadC1zu43HsYjULwUeo1mvsNHeX8R8qbSJr4ZfApKmkozGSQvqzR1o7QgQxCCCZRTYNHuDYStpB8rEO6iQXiMOkI7mfOGr7ZTz7Akv2IObdTCTXHP7G2i_UrjJTDKNgxpj1inpeldoZHrN8vzlCenQgduI1GzcdPfJw_vW-V2S6mhaDLjUizYHGA6PhHAX_rY9-ecowcVqHfZwwjxvDdxYzfM6ZzCgtQdidIBCueGuBhW5fqgDevR9qkWR-Dfr-FVhi6UurIzmXRUqrYIm4S2rAVerr3pvNKFvny9V5AbzGPes2T4Up73i_eWlGGU3Tllhyx_T2InkD15ItPFysr5x7T_AYhZk04tHU5oGGwGvEltfkiSWvixz6Ifd5i0yHh_ZAiA18Umy8marnj0TbraSuzaO0fFVXiAq-79tEgORzIHeBGVdXzLhSsCns9BScqN_KYSOE-kZ0IJUb26ubHcYU8TPFjaoN5RWOWIZKJFv8JOpvsBkxfJVQu1MNFjyfigv8PdjDYa9vgn5Iqs2AGJCTL_30Ca6pPgWgZqRXnq2_LDrVzxkQiFFCxCzDCGz-kafMhbDZbqXFQjdG1xgsWOfnRTqDkYouRzhIJdi3vINqXr116IBFy8KcZ2ZygRYbmMsVndu58DU1rDg_-JOcuA-8oIUafUL4PnfRkaJLZfZWnhZrD5C1J4DLXgbjc2j3xg2uhECuKKp2ZI6PhdexZr4DM_U8LUguiHU9xetNPHLYwRdicCkW8tRekT7LPN5KkpR0LW3np-8pAyC3qmS72vCcBvQCSD1-e3CEucvMyfxpdQ4EcKXyT179hEwjOjP8litYI3zv9ZSinIrcvbu0pLVON-nQlqn-46GiDnyrq66b6l-FXlu5qIWh4s_Xbd_jYTDRckd9dRTYJiuceTRkXQDK8U_XwDimJYwPlylXVCHflanDuFzV4O1uYiXdLRvtaSbKcu3E15rkimvhrP9N-wRAH8MpVCFmdToitSEpWx0T1Lqguu_N9T-CJ-iXOfI2n5APeckJaWGG85x9tEl9D9lyPJ6-mnDXdNWDYeJyQgA1r_B9Ats5l_DXju8J2JQGzpnpx-GNCKg4aoeNsmmXjQiYIK1IKVwr2AstHy_74gJ3Fg--F9olm0X1eVqmyadisxPEKXZIxv9AMeClBl2zAO_7_fVR3qWbpxAiuuxwKGhwqZYkhP0AddeCWwf_hH0ZZQhS9ZjaUWivqbewfKjyPZdz1KZXh_D940pQjqe5eWnP9-hgrkWG0lt41sq_eypd79i0JbZpcRVu7711JUIFvy2CICFTzt3WSwUZqsO0zT59BHAZzq9feZXrUnz5UnUqiczOiJrHSe0Lwt3YuGpHYzaB8x2uoNVPXSenX5venB1R7YOhTwYvi1zi8FXBYx2zZXMQ9Ul8PZFMYJ6ghxxi3uogkVrkJRjzXPR5neHAWTmFpsxswWgTMoq9HR8Y0n5ZToTq9wjIRO9XiURyIcDe86jZFI36j_uSGc07ERsA8uGk5JpRKKyAzKrtkDJW8xthfTMyqD6CoKP4j_6Qq1-yHTNWejYtnoeCnOwbFjFa8NcXb8WJVlDEzcIon0vetmo9kUoGMHvWW7vqpU_rBBw17Dpfcxiw5trsuq27EptbGvPC6rmyjXRGNYPNtImGEti6O6g22LT07H2hJ9qIZPXSFZlP31lKMkFqJFq8u2LBVYJR0QCL3mROsWFK9C2Zof8SfQVqeZExRGBJlAco2lgHAPdJ_Xb8vLhSwHX0_is--ZvSeUywxQJBQ6hYJdFNyt8z4BFe8TrNcq6V22yoNPKtZOjx9DXFInGwQKpKxJru2XOo13C6fJdFde-8OQngDYPYT6Rs8fgHH2IBoZiox2FOHfXthPYFg8VnP_GlLNdAB33S32y9v6qyeLDtarT12MwwKGUytE4AIHZuBYQgCU4G0zGvkM7Z-x6TjWQU51pMqklNDl1vhiBbgGs2ESio9jnuYhVjmiKEaOrs7phse3UK6c5DV5Onwmj92GV7iTYEw6RpQO6eucbVyo80YH5231aGwJLQSeUCs5IYYdfdWP-4DTK7vZHQJ5LNaX1IoTjxCShpUaLiSXdhpgeU5oyGBoYDQLJbQG0cFe0TBS4W5inPUfkZJSRhaexBmO7g-lAuF_dTwGBVwi25vV_xf4lZxyYZCfkqmlA4ucsvZWFVczlgsDBU4VDQJaDHkr0H8-wOlo5Z4u0GnBA2r6RwTZ6FfVh4yMv5XR57YJUaV_UqH9I39k_ICkI3JsYiySL5fDEbJn2nz-lDV0ptngDrgp1A7Nx8YXmvbRlT6A7wt-Q0LgogqipoUkWYuIxPyeQ8KpWhsQGYqMC4oO6uCqwRoReTPE3TZZY-s43CcccFhA9dmCWqPfJ_hJFgJe75-w9IxkdYZPvkBAtYrKVXpbcrp2xOyufdH7b0D5bdJ8eCFQiF7bAgV7-yVnfcLzxWzgGVH3y1-vKtA2ay4PoWOYmQAfptsu9USo69kHfmi5BjbymlvEcwTRUHBLOzkRUj36pW12JmP9klxVL269vBBhZneoDsFsrwem7wRr5ex1n8XPFWbvosZOHnCkv_SM06WzDqkOFrG8pSKcV2fW0zzcrcsvEDshZwly_-oSn2efMlUluHOd4S-vlCZZWiGpjbcITwg3Di2UfEsWT07wZf2GvI2H67R3REWMABZfm1_HntGygmx8t4mbH20rCVpRPD1yjoE2dmBxrTujQEMsyCB7qNjgB-T5gs9LlkcDP1xupbKKR1xtOvlJxlX5vgoVtLPlb70O-Ib7jVjxNNAUjWcOGrdGP9BQKCe94v150N_fZmlZHjMggnmgIWVhYSSgu-BE6n-4ydgVHwWdj7IziuqkqaI0dUaE9xVhUOd5ZXBoaHDUNn5QX3DFwDOFZUbmda9Kp9LLzlKBw8SlYRrbRdCvNy5cpUQLaE4tnybU7SkwyrQVCkp9R7Rr-RyUwnG0yHRIaTnQ_o-DuMJH8Du-zJFij27LS9TBHmcGYKo8G95NkLzq6_CZ01xoK3duNtZ8f_lgTuJF1A1gf5iW6DJDGWxbn_TO3QoXlBP5ecS-FucD7ojgA90wZ1getXuEWUicsMEoQukrJ6BhAmiIaLyg9MLRfxdA2r4xNSKvWx3vdDbsJfz2kZqXebyobsKK-YjBrGEUcmbwRBlwhpRQUAfpkVBemDhx-OsFI-lsPIuqW01nJOor3QDhNS0PpC1fjHD4Ic_NkOKM_uuqO1ra6op0-9m6bVs14sVojOyW7JvTiiH1dY0G_GOX8HIocOl0LVYeL40VyvpkXvyDgcowF_LW82BKH7x6i6p2S9wSnp_s_PVv-uL7JIf0RrBR9qze7p_-afobXZZExibIsndebzcfySqbmSswctxTzT4dOsydJb2B09q9-5B12UUpcPF3wZU3XYQplwTSyyEkoYrdYpacSIDGjzD0b6vs57sflJ4l5vXosxg9DI6Bxhefx-neRTbYCyrHGR3eKlnrHiFiUsxlnd_NZUVam3zS5OeK6Kyle8v17043kAb8nkdJhmYndV3TNZNyKeO8xscUk2wmqjUa3r1xEwuMZd7Yv-HQ-sVTCGwpbfCWxW9KtZDM5wpz8imi-K9MdVxJyfPS664q-C2XeiOb-eWCIed0XMHFrMB9ryln0cufs2Yt5bK8c0hPnVpZ-w8WCUBe_7BEbPtD0M-Fu40M7XbHalDsaPblMYjGj1w&cid=CAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen.kinorium.com%2F&ds=l&xdt=1&iif=1&cor=2741488787138317300&adk=2923430906&idt=80&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7463dae4128428ec6f6ccc862a5b20a5deda84fb3f123434eb0a737807e0cf1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13918
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 26D4 12 KB
6 KB 56ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A895
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1&C=1

43 B
341 B

73ms
73ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUYc-r-pO1rcIfZaIGv1nquuDv2YrG0zVstrVY7QNiqoVqAnAUulF5LM89b5IPN7xsRBdJ8FmX6Zw8R5WJg9gqWrEYhcr73oPvK8Ud6BKAIMdxSFQkW9t_p_Yd0dSyRjxZfRULr-p-qsSouicizOHQiugskVfViW6KWFR07WyUIOkOg6j4
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUDxruCtvn3BgznphK23JMFatc3C7l4c%2FBQUGHDmMSu%2BspIcZzEjFDDY9XYa%2FZknS4sZBYGgkrAYzoBBk%2BsW%2B0IhXRwABcstwss10ZQypDk9sP%2F3gTSC5cEObbtAWdcBOkSFfVxOT9wCjg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835765a8e8a24522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrAUk5PocCThRWndNp4zJFJcvzkaje2PhOdY%2FkTiWy81Bm2AMYr4WlKs7sxmBlwn0MGnKME8OoK5N0rCpsukFyM3R8cH9aJlocvxQaTMyL%2FrRPS70k%2BhIfNLcGDZHAqeG5hqEjgOvzuyvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEOrL7DjdlgsxdYHCsYxpsl4&google_cver=1&C=1
cache-control: no-cache
cf-ray: 835765a86f944522-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A895
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXsb2G.ZU9LW-6WGavM5ugAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFggqoVGov6KVXCpWThmfc&google_cver=1&google_hm=2

43 B
768 B

143ms
143ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFggqoVGov6KVXCpWThmfc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUYc-r-pO1rcIfZaIGv1nquuDv2YrG0zVstrVY7QNiqoVqAnAUulF5LM89b5IPN7xsRBdJ8FmX6Zw8R5WJg9gqWrEYhcr73oPvK8Ud6BKAIMdxSFQkW9t_p_Yd0dSyRjxZfRULr-p-qsSouicizOHQiugskVfViW6KWFR07WyUIOkOg6j4
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwTVxAGWxp37tD4pmOdvLu4dmhIg3yyyymsG0b6X09fGZPAq%2F1462h%2Bla5QXd1a0n2LPURuOZ6%2FNjhmNEzvdNfwrq4G7FSdmhjc35L23BOpA7S6NM4rrbUqpxqbqTOjjurnGZ3V20Ero2g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 835765a9f96b44fe-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFggqoVGov6KVXCpWThmfc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame A895
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELS0-PVeO4FEgc7lf3GdmNE&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELS0-PVeO4FEgc7lf3GdmNE%26google_cver%3D1

43 B
893 B

36ms
36ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELS0-PVeO4FEgc7lf3GdmNE%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxia77vGATAB&v=APEucNUYc-r-pO1rcIfZaIGv1nquuDv2YrG0zVstrVY7QNiqoVqAnAUulF5LM89b5IPN7xsRBdJ8FmX6Zw8R5WJg9gqWrEYhcr73oPvK8Ud6BKAIMdxSFQkW9t_p_Yd0dSyRjxZfRULr-p-qsSouicizOHQiugskVfViW6KWFR07WyUIOkOg6j4

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
an-x-request-uuid: 830889cb-6bde-49bb-abb6-3ae44ea96453
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
an-x-request-uuid: 8d8b04d5-ed0d-4766-a9b4-3ca35e880ebd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELS0-PVeO4FEgc7lf3GdmNE%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A895
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1NDk0MzE2MTkyMjc3MzY4OA%3D%3D

170 B
243 B

30ms
30ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1NDk0MzE2MTkyMjc3MzY4OA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
an-x-request-uuid: dc1d45d7-34a5-4330-8b20-b08e0c0e0f38
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDE1NDk0MzE2MTkyMjc3MzY4OA%3D%3D
x-proxy-origin: 217.114.215.131; 217.114.215.131; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 9 KB
9 KB 147ms
79ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=396&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F151110%2Ff72c9b427a974b29a26231c07646f1bb_breuninger_de_all.png&v=3&w=196&rid=4&s=pp4zP38otQRC8UNw-O3oflNK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9507
expires: Mon, 25 Nov 2024 03:03:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 50 KB
50 KB 167ms
99ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F8721%2F5070249%2F6d4ef7054d5947399f835a37bf111969_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=6DD-LBaHDMvehhHES82a-kfQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b2838c013485964dd95c878559dfc6b84932e1bc3d58d7e37b32bb63c5e6e222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 51044
expires: Sat, 09 Nov 2024 13:49:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 6 KB
6 KB 150ms
83ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F6%2F100147012718500_0_1688132721574.jpg&v=3&w=400&rid=4&s=tnEGQUDy0xZ_fmijOmwqJzM_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e5caee29c63ec907d13d3007b72e0a84649fdeb1fc9564ebbea9e019b23c44a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 6288
expires: Thu, 29 Feb 2024 11:19:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 4 KB
4 KB 193ms
125ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F8%2F100148931318700_0_1692008009759.jpg&v=3&w=400&rid=4&s=FwjHNIVTcC56SaoQJ8mYa3mV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

02ace18bbca8956a92cac41c3b901c2990c89fcf25de1c1403117514e4568a07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 3820
expires: Thu, 15 Feb 2024 06:54:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 13 KB
14 KB 132ms
65ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F11%2F100155785318700_0_1699349405419.jpg&v=3&w=400&rid=4&s=nBFwCKDg1uRDvC6R4I7q3jKw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1adc9d92889bc20eebbbf26f7b96214f7b0d9e5785cb03857fb022eccc40bdc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 13738
expires: Tue, 06 Feb 2024 01:55:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 8 KB
8 KB 133ms
66ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F8%2F100119430012000_0_1693310415122.jpg&v=3&w=400&rid=4&s=4N7XuCUQmxu3cGaDDyqBL8S_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e8f816b759479cb97282b62d622795e979321d0a986fce428f0a1a20a20f2fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 7882
expires: Sun, 03 Mar 2024 09:35:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 2 KB
2 KB 105ms
105ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Fcpro%2Fmedia%2Fimages%2Fproduct%2F23%2F7%2F100146015511000_0_1690787427676.jpg&v=3&w=400&rid=4&s=QY-zzQZmNqATjwb4ONUndgXl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0142f160f0f9f10aa9fc8b4b996b9bbf0e482584e2488139c418b3bedd099536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 2104
expires: Sun, 11 Feb 2024 08:48:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 26D4 4 KB
4 KB 106ms
106ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=8721&q=80&r=0&u=https%3A%2F%2Fcms.brnstc.de%2Fproduct_images%2F1122x1536_retina%2Ftradebyte%2F02%2Fmedia%2F2463%2F522780-faed489315726.jpg&v=3&w=400&rid=4&s=OJULuXyi8aNA293T96OqiUtG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e8cb9f99b01af9cafe8c68a57e67095796a5409a3c3e532769233301486eb21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=7776000
timing-allow-origin: *
content-length: 3950
expires: Wed, 28 Feb 2024 14:45:32 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 26D4 0
128 B 106ms
35ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=IFMDifNNTL3v4PqU87UblxGk_in5aUrq2RxzNvEU5VR-ZPo8RdGg9yqG8ooX82MAYhMIs9Ctz-K7tLVqgmrV8_nR6aAfDMBzkcIM9_kB_awUR5ILhQIVGzz1u3mMqZXNpd4FqVafpU7uoi_hRoKoA3rbmat5tzoisaLngJLk8y7k80uKzmxm4FRaiIu_kn2VfHGRwfY5a27eIWLck691LcuSb5FhbIeqoJWPeJPc8qk3mHCghhSPOYlRnrI1odCzpAAx4w&sds=2&rev=89791&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 26D4 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 26D4 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 08 Dec 2024 15:14:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2661641986028524&bg=!ammlaSbNAAY3kmNgF5I7ADQBe5WfOGNcVAGobpS2fpS9BPMHxDxxmV0p-I49hbN9fObRTnZ96Uc32XB3_TSKq1b5msP5AgAAADRSAAAAAWgBB5kDABPubnEbAbMpyEuUFAlJs-DSfA17EpdF2IBIbqk0pxlLMA0QtqnoSMmPFg4lHRplKP8y0qjA_CTvCE8-gsL_lUoEDFes8M-hZu0m0bxbk4_thQyjX-edeeOiAm4NhYCUVV9vmmKlqcmLZP5f_wM0otWnP_SKWB51WkzrDB6m_Z_04jTmPa5FiuOiU9VPwmJeKVijy7V04S1P9Gefqix7XN1tv9rAhz3NThfi566I7_nAgKWzM0TxK3y5LVtFKop8NV4-6EwYxsnLkGkbZ-eCWQUCe81hZnKP7fRn-bzzTzpvvizyA_Q8e8jxZ55wD4WgmjzbmRj88dgdyDhTjqyu2ba16vFrdG034D3wNrlBmD8-17ULbZhuKZm5NVaqZto_dZCmlqo5YE-utt8yAuiJlaHxX8WhAs5X9fHfP2ueCVUR6ChihXpgbPKnvC63eWCIpaFHCx0kUUvGJTOIMK8q1Ag5S0HLtTTRzymOSOuVMgrLkbEoiERs3PpyRXzz7EHgyRpZp6nUoeY5BLqe2YD-2p27mhD-6x7q67LjkiOep2L61TQBh_7nA3GGVUOc_JybtAFfol_Xce4uVfPKUsedh-E491NYCN3E4pwTMTVm1ti7tEF8GVc9lqvTU0x5pXy2Gz50gxPLLIkO4AZM6QjoPfitG2KmfabQS_WoTlMr4fPfAY9nsZ7HhgiLikLM-91I_0b7TCDZwqz_4Q3JM4ZufkqRTW7nKMofHV7nUMLmmQRA2q8rCBZp6_pAP8mRxMPys680BEwwdegCuzKc-TAKeCldbbIyCGAC38xz6C4TMsz6JGqWo01G-1ZB5nhZTWCkbLKyMTBGR0bMmaAO5uGsAPrdAp0hgLrzbWCLwBlNdJpsXubk3sfcmr9odynLf3wYpyBV3sjiYrFYXUikEs0JF9c7bxBhxSRONVvN4laJXZMlujyjoVT_3jKbMsHnAWWEaC-b4W9LvgZizq2rLqitkCvL2TEejswbZPu-AT_FRDEg91f39cEJziGedrOuPDrgZg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://en.kinorium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame A52A 41 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABwdLicUcMquKXmblycvD9gkHJGqss7hqgS4hI7J2A5hhUPoAYxWmu_MZ_6cNaBTAei69ZIIdTj2HNUXO2wKZZRVXLHvB8aHidYosRPYF7mFBpCBq1EQosTWDEa3EqWPQXaargJ2DIwjJtGOs4TKOKM1avykvYFq_2l3_cXV8aA1zAC5gt5HTrbEwlLyflupBq6cCnsc8wW5S12Zkjl0p0hlSyDA&cry=1&dbm_d=AKAmf-Dkh7IM-BMZ8XWhOFH6KPB9qzkS9lYeDT_K8F7j_qIIOdSYbcIqbh6c3Rk8TP6LOPPf0HCPQhDozlpaHiFNMPxSW-280YvAE6N9GJHqkpnsv-3b9sOjU6HKaU43ITaiekuKVA0roIyR3TBAMTdef3iadC1zu43HsYjULwUeo1mvsNHeX8R8qbSJr4ZfApKmkozGSQvqzR1o7QgQxCCCZRTYNHuDYStpB8rEO6iQXiMOkI7mfOGr7ZTz7Akv2IObdTCTXHP7G2i_UrjJTDKNgxpj1inpeldoZHrN8vzlCenQgduI1GzcdPfJw_vW-V2S6mhaDLjUizYHGA6PhHAX_rY9-ecowcVqHfZwwjxvDdxYzfM6ZzCgtQdidIBCueGuBhW5fqgDevR9qkWR-Dfr-FVhi6UurIzmXRUqrYIm4S2rAVerr3pvNKFvny9V5AbzGPes2T4Up73i_eWlGGU3Tllhyx_T2InkD15ItPFysr5x7T_AYhZk04tHU5oGGwGvEltfkiSWvixz6Ifd5i0yHh_ZAiA18Umy8marnj0TbraSuzaO0fFVXiAq-79tEgORzIHeBGVdXzLhSsCns9BScqN_KYSOE-kZ0IJUb26ubHcYU8TPFjaoN5RWOWIZKJFv8JOpvsBkxfJVQu1MNFjyfigv8PdjDYa9vgn5Iqs2AGJCTL_30Ca6pPgWgZqRXnq2_LDrVzxkQiFFCxCzDCGz-kafMhbDZbqXFQjdG1xgsWOfnRTqDkYouRzhIJdi3vINqXr116IBFy8KcZ2ZygRYbmMsVndu58DU1rDg_-JOcuA-8oIUafUL4PnfRkaJLZfZWnhZrD5C1J4DLXgbjc2j3xg2uhECuKKp2ZI6PhdexZr4DM_U8LUguiHU9xetNPHLYwRdicCkW8tRekT7LPN5KkpR0LW3np-8pAyC3qmS72vCcBvQCSD1-e3CEucvMyfxpdQ4EcKXyT179hEwjOjP8litYI3zv9ZSinIrcvbu0pLVON-nQlqn-46GiDnyrq66b6l-FXlu5qIWh4s_Xbd_jYTDRckd9dRTYJiuceTRkXQDK8U_XwDimJYwPlylXVCHflanDuFzV4O1uYiXdLRvtaSbKcu3E15rkimvhrP9N-wRAH8MpVCFmdToitSEpWx0T1Lqguu_N9T-CJ-iXOfI2n5APeckJaWGG85x9tEl9D9lyPJ6-mnDXdNWDYeJyQgA1r_B9Ats5l_DXju8J2JQGzpnpx-GNCKg4aoeNsmmXjQiYIK1IKVwr2AstHy_74gJ3Fg--F9olm0X1eVqmyadisxPEKXZIxv9AMeClBl2zAO_7_fVR3qWbpxAiuuxwKGhwqZYkhP0AddeCWwf_hH0ZZQhS9ZjaUWivqbewfKjyPZdz1KZXh_D940pQjqe5eWnP9-hgrkWG0lt41sq_eypd79i0JbZpcRVu7711JUIFvy2CICFTzt3WSwUZqsO0zT59BHAZzq9feZXrUnz5UnUqiczOiJrHSe0Lwt3YuGpHYzaB8x2uoNVPXSenX5venB1R7YOhTwYvi1zi8FXBYx2zZXMQ9Ul8PZFMYJ6ghxxi3uogkVrkJRjzXPR5neHAWTmFpsxswWgTMoq9HR8Y0n5ZToTq9wjIRO9XiURyIcDe86jZFI36j_uSGc07ERsA8uGk5JpRKKyAzKrtkDJW8xthfTMyqD6CoKP4j_6Qq1-yHTNWejYtnoeCnOwbFjFa8NcXb8WJVlDEzcIon0vetmo9kUoGMHvWW7vqpU_rBBw17Dpfcxiw5trsuq27EptbGvPC6rmyjXRGNYPNtImGEti6O6g22LT07H2hJ9qIZPXSFZlP31lKMkFqJFq8u2LBVYJR0QCL3mROsWFK9C2Zof8SfQVqeZExRGBJlAco2lgHAPdJ_Xb8vLhSwHX0_is--ZvSeUywxQJBQ6hYJdFNyt8z4BFe8TrNcq6V22yoNPKtZOjx9DXFInGwQKpKxJru2XOo13C6fJdFde-8OQngDYPYT6Rs8fgHH2IBoZiox2FOHfXthPYFg8VnP_GlLNdAB33S32y9v6qyeLDtarT12MwwKGUytE4AIHZuBYQgCU4G0zGvkM7Z-x6TjWQU51pMqklNDl1vhiBbgGs2ESio9jnuYhVjmiKEaOrs7phse3UK6c5DV5Onwmj92GV7iTYEw6RpQO6eucbVyo80YH5231aGwJLQSeUCs5IYYdfdWP-4DTK7vZHQJ5LNaX1IoTjxCShpUaLiSXdhpgeU5oyGBoYDQLJbQG0cFe0TBS4W5inPUfkZJSRhaexBmO7g-lAuF_dTwGBVwi25vV_xf4lZxyYZCfkqmlA4ucsvZWFVczlgsDBU4VDQJaDHkr0H8-wOlo5Z4u0GnBA2r6RwTZ6FfVh4yMv5XR57YJUaV_UqH9I39k_ICkI3JsYiySL5fDEbJn2nz-lDV0ptngDrgp1A7Nx8YXmvbRlT6A7wt-Q0LgogqipoUkWYuIxPyeQ8KpWhsQGYqMC4oO6uCqwRoReTPE3TZZY-s43CcccFhA9dmCWqPfJ_hJFgJe75-w9IxkdYZPvkBAtYrKVXpbcrp2xOyufdH7b0D5bdJ8eCFQiF7bAgV7-yVnfcLzxWzgGVH3y1-vKtA2ay4PoWOYmQAfptsu9USo69kHfmi5BjbymlvEcwTRUHBLOzkRUj36pW12JmP9klxVL269vBBhZneoDsFsrwem7wRr5ex1n8XPFWbvosZOHnCkv_SM06WzDqkOFrG8pSKcV2fW0zzcrcsvEDshZwly_-oSn2efMlUluHOd4S-vlCZZWiGpjbcITwg3Di2UfEsWT07wZf2GvI2H67R3REWMABZfm1_HntGygmx8t4mbH20rCVpRPD1yjoE2dmBxrTujQEMsyCB7qNjgB-T5gs9LlkcDP1xupbKKR1xtOvlJxlX5vgoVtLPlb70O-Ib7jVjxNNAUjWcOGrdGP9BQKCe94v150N_fZmlZHjMggnmgIWVhYSSgu-BE6n-4ydgVHwWdj7IziuqkqaI0dUaE9xVhUOd5ZXBoaHDUNn5QX3DFwDOFZUbmda9Kp9LLzlKBw8SlYRrbRdCvNy5cpUQLaE4tnybU7SkwyrQVCkp9R7Rr-RyUwnG0yHRIaTnQ_o-DuMJH8Du-zJFij27LS9TBHmcGYKo8G95NkLzq6_CZ01xoK3duNtZ8f_lgTuJF1A1gf5iW6DJDGWxbn_TO3QoXlBP5ecS-FucD7ojgA90wZ1getXuEWUicsMEoQukrJ6BhAmiIaLyg9MLRfxdA2r4xNSKvWx3vdDbsJfz2kZqXebyobsKK-YjBrGEUcmbwRBlwhpRQUAfpkVBemDhx-OsFI-lsPIuqW01nJOor3QDhNS0PpC1fjHD4Ic_NkOKM_uuqO1ra6op0-9m6bVs14sVojOyW7JvTiiH1dY0G_GOX8HIocOl0LVYeL40VyvpkXvyDgcowF_LW82BKH7x6i6p2S9wSnp_s_PVv-uL7JIf0RrBR9qze7p_-afobXZZExibIsndebzcfySqbmSswctxTzT4dOsydJb2B09q9-5B12UUpcPF3wZU3XYQplwTSyyEkoYrdYpacSIDGjzD0b6vs57sflJ4l5vXosxg9DI6Bxhefx-neRTbYCyrHGR3eKlnrHiFiUsxlnd_NZUVam3zS5OeK6Kyle8v17043kAb8nkdJhmYndV3TNZNyKeO8xscUk2wmqjUa3r1xEwuMZd7Yv-HQ-sVTCGwpbfCWxW9KtZDM5wpz8imi-K9MdVxJyfPS664q-C2XeiOb-eWCIed0XMHFrMB9ryln0cufs2Yt5bK8c0hPnVpZ-w8WCUBe_7BEbPtD0M-Fu40M7XbHalDsaPblMYjGj1w&cid=CAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fen.kinorium.com%2F&ds=l&xdt=1&iif=1&cor=2741488787138317300&adk=2923430906&idt=80&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 508164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjU2Njg3MjI5NzI5NQogIHNlcnZlcl9pcDogMTI2MDYzOTM2CiAgcHJvY2Vzc19pZDogMTMyNTU5NTI4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A52A 0
867 B 119ms
59ms Image
image/png 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjU2Njg3MjI5NzI5NQogIHNlcnZlcl9pcDogMTI2MDYzOTM2CiAgcHJvY2Vzc19pZDogMTMyNTU5NTI4OQp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyNzI3MzQzNzkxMzgxNDIyNDgwCmRlYnVnX2tleTogMTc4NTIxNzUyMzk0MDkzNzMyODUKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTE0IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNjA0MTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjk4NgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vYWQtc3J2Lm5ldCIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2tsaWNrLXdlbHQuZGUiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xb70a329dd636f7600000000000000000","13":"0xaffdcaa075ba9e900000000000000000","14":"0x2cdb1bbfb5d28d560000000000000000","15":"0x10610f2ac020985a0000000000000000"},"debug_key":"17852175239409373285","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"2727343791381422480"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK jf2y0amzcvu0 Show response
hal9000.redintelligence.net/zone/ Frame A52A 12 KB
4 KB 83ms
25ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/jf2y0amzcvu0?subid=&gdpr=&gdpr_consent=&rnd=1702566871661864&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6f40be32c71b0d0cf0d8bb8d52144375b93902883e74aed864d011161b1c5578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 15:14:32 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4265
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A6CE 38 KB
13 KB 20ms
20ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 194465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Dec 2023 09:13:27 GMT
expires: Wed, 11 Dec 2024 09:13:27 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CAC4 0
19 B 65ms
65ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CNbSb1xt7ZZXaKIj6igOP_rOgCsme0rFchf6X93DAjbcBEAEgAGCVgoCAmAeCARdjYS1wdWItOTEyODAxMDkyODk5Mzg4NcgBCakCsmcvG2tJsj6oAwHIAwKqBMUBT9DG_RKPSw56GH4FlA15Nuui2iVltZZTa46SsRu4840XAMM7f0vRfhAysYzjAzo6s3pNJhSgQ-dSj8_8xu2drDDUXdk8lK5q3BTzjhrTvoAOy-o6Ll1pON6KrmTmnkYpauAl3xiiBltL3CDwI18hV9Rl-3Bt6SAdgCwfG-0nJinJZhzW2tWOps0sJHO5RcU5XqudNVUhQyunq-2bIxKlCWb9z0yvVU68G-jTDfwGa2OVrPD6YqSazOUArUAVw0kwAUW4cLuABrCan5zrkfS3swGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpYt-_Z7JuPgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItOTEyODAxMDkyODk5Mzg4NRgA&sigh=x9ygqAYc6Zs&uach_m=%5BUACH%5D&cid=CAQSTgAvHhf_JebLcgn1hpPBmVV1i9MlFR-N5bYMrBzf_hGhjJo3yi-zJCJk5Um4crjyqrH8RN76twiC5IjRm0akTRPSvd5uq_wNgKsJc830MRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=200&slotname=4384361045&adk=3477776749&adf=1316994944&pi=t.ma~as.4384361045&w=830&fwrn=4&lmt=1702566871&rafmt=11&format=830x200&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871312&bpp=1&bdt=1627&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=256
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame CAC4 0
126 B 161ms
95ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kLKVEMz6RL4GyAGdg2ICAgAAAGqIneI48lFOENcbe2UfcgPh0TsrpxOYAAASAAAKCkFRVUREd0VCRHc&wp=ZXsb1wAKLRUKYr0IAAz_DwnEY43e4dcD5ZrAgQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:31 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164848
server: Kestrel
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A6CE 39 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 10:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Dec 2024 10:34:36 GMT

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame A52A
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

145ms
98ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e9273a18fc44d79a4431d80a92b099e05aac944d7700381d034ea5c58d445cb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Dec 2023 15:14:32 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 46327500106537404444978012538017
Connection: close
Content-Length: 1353
Expires: Thu, 14 Dec 2023 15:14:32 +0100

Redirect headers

Pragma: no-cache
Date: Thu, 14 Dec 2023 15:14:32 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 14 Dec 2023 15:14:32 +0100

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A6CE 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8tEZ2Bt7Zc-SEsCqjuwPmfWL-AQAAAAAOAHgBAI&bg=!fX6lfjHNAAY3kmNgF5I7ADQBe5WfOIDLESLoRRGoVrvL0TjjjXFIGjsZwSuDLwqrru_5UC-zlzwBPr69VRqgwxZQUuLRAgAAAClSAAAAAWgBB5kDH5PWWaveou82Z80IHDGcyNZ7NnvbvNjEhhXbvGGL74Qn60wLN5d-PoZJIw6baoXitc5s-ZR7eeNUyashhdoYeQB4ws_S0BAtBCBGjAcfneEu1CMmi0c4P6a4c3FybGNXO_WiVw9UDlM1Q_RMYaCLuXUg-cOoMMsLdrEldTP2py4CVPunV9DkLnyTXj3z6Ue2agKhhLR-caGPdnLYsNDju6pKE5S74AWnwYamixOMR7VxmEX9yLrNcuo-laRTiW2fjQUx-OiOftHdeKE9xNVIbQV-BG3PrXGx0nc2CjXcOfY-28NXkbDtDSOIc-18s3vL204_M9EUEe9GYnTVTGnmZ8CXjdTl77BIWtDD6L7OrugRPxufgKqeBant-i7eVJEqquP2DM27WE4O57kULbnmyNu_vAmmEEzv5JRRHPH5R7qspD2PWfahMeF7CFBPth61vtnmeosW9EOrEN_2ofSOHd_vZVbrMos43kJMlsR3dBQ9te2_PLzrGuv9lluQHcS7aWIYI8RdA42FQhn-o9Y7gPeQ-hdcYNkbbvPkY2zkH4Sn_i1Ty1MEcMh25QWUnde-OrVIyI5wn0M_eDgVTrm5oGXX8cWcEzmu2TgRL4Hy0y3c7FNvem0nR4DpNpBQ_XL-IYWjuxs977gI3Ly6OsIUyEIpHkasENoU_GoshrXuli6fiUAWxJJK3OOBamBNba0PsRQ7J3HSwX7lF3zFqcwPi0FIro23n8Rcptz36u7CK7gOjA8hNPIzcnve5FpcAX0aba-x4U-SKGdApkiI62nh847HqgHwHJ-6jf2zSgnOZ2hiXOKiWMmR4QNRl6uR45xSTYReNu-SVsRpyRDoXrY2teK5COk5PHerSk85lJlomTrGnn9JftQii2WhoZ2fJXer_qhWorUor_rIsxjcZEMUlAtqVThzClLt0MbiFc-gdx-dRjEcKQf0SjzXvRmAo-s3g5490EPsmZ3tUfEpkTr3RqzhOsgDJeULQfoMIGjqtQieRrDD1fPXZ1DERGX3bPNto_4FUIooRk3yY5RISlg2bKQclUpxPoQrBc3fRVeWt5A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A2AC 0
327 B 498ms
34ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46327500106537404444978012538017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Thu, 14 Dec 2023 15:14:33 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 / Show response
adv.office-partner.de/ Frame 40FF 930 B
923 B 100ms
23ms Document
text/html 2a0b:4d07:101::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Thu, 14 Dec 2023 15:14:32 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Thu, 21 Dec 2023 15:14:32 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e58733936cdd965d03e75 Show response
pv.medialead.de/trck/epv/ Frame A52A 0
326 B 499ms
35ms Script
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=46327500106537404444978012538017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:33 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 0
proxy-host: pv.medialead.de

GET
H2 200 e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame A52A 43 B
360 B 499ms
35ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=46327500106537404444978012538017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 , France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:33 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103984","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame A52A 43 B
704 B 221ms
98ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=46327500106537404444978012538017&pv=1

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=jf2y0amzcvu0&nw=20&renderingType=javascript&namespace=fa4e58e2d0&subid=&uid=80ea0200395452fa&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7X7G1xt7ZeiyKLXy_tMP_bKEsAmm5b2gab2YnKfJD_AuEAEgiNfglQFglYKAgJgHyAEJqQKyZy8ba0myPqgDAcgDmwSqBOYBT9AEMSsm4X3cgsRma7qfd3uJQlA_ivsIz5R_4XX0g_YTsBC2Ofz-PuF1JzFXE9JDY_MvidJU-oyos-g8Ckca-DKNRlakB52mZR1KugwEYRxWBUQupAjdDsfGhR4eq1qCCgVIV41OYVJpEG-bl8h-1UBHmxweUWUP6ZNiZx5Pinv5lKS5O-CxE1bbqT35NEPHdH4Z1oRqiAqil52d8f1Q92_DoIz_-sEqIuDK6Pe0uOqDLOBtz7qQnqyz95C5qFFZy5nmMUgJq9yF5eUlGRQt6TQ23fNXp3wTw6uDLV99w-F4v0gZixnABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpY2rLZ7JuPgwOACgGYCwHICwGADAGiDBwqGgoY5LSxAu61sQK1uLECrLqxAuS0sQLutbECqg0CREWwE4fvsRXQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_LSY1KCRlNsOSFHdtDM9LXyYp9hNMfM279BF02nHprac8Wg1ip45LthkQjh8kSHT1jlZaHz65Z-583gHpaJwUQsGQJbPfYHnn7WsYAQ%26sig%3DAOD64_2dLDAuvjip6Mxy_H3_lWjtYCwuOA%26client%3Dca-pub-9128010928993885%26dbm_c%3DAKAmf-CNLW9WStjPS5w5Y7xDIfdqOSj3oVlAs8cJ_9qm9HKSEcGOHW1Wxt7YqOTEgBhsGLJZSPA5Ou_SksMozzYoeSbpblU7VGruJb889Yz4vBaA1dUGE8ESK8HJt2DN9GuyjA7ImP0UL6zAJORk2NCiBFnHbo01Gw-0kmhbNLWhFrQx37-YbsWvC457eT9_JvTE86rhAavqquXemTcCoqGtIqdVxWswKQ%26cry%3D1%26dbm_d%3DAKAmf-ADFP1L5d8ecsdNAHNxxssPHgsXX6tL3iOMYBWwmFlnnXxC13ArmgVAVjGgT_fLso-zYFDbz6qrzhGPh-vzq-WrPTYUrtYZNUKUKK56j2ZOpuv7slQzIwF5a9eNaw8Xm9X0Gq7fLU_ZBoz4gOMMHSGj8Epdmf81p6NKKp2Z4HuaxrM8EguJA8TboXuTAdXPsbBCUxLNjH6bGBuSVIYbMkjHe4E1A0dfEBPIcrZQsrbh0PKPWvFkKss3WrDcb7hcLR9gPE0XasJvuezIeaX8TKcGwRbSTgP2y6fV1FiCJeKUeTAit_3FIjgiSeFIRXpqvr8EQ4fbDiX74ocq5Vahr-ULU4RkCyY6mQ7MXBRBOWN2rpc2xHklZ0EAPMZzxMqcGW8yNp-axlYDeho2mtSh1qegHHXtP_PWgrQFflh6rhyfxFvtjpquCkfhZLRKHqOMJIvOW9sxY5r3R_rA0hv-QuTnkbfgZKEv3T6m4M_PFKbYMurBe8-XF7L9afaeaTiUu71AUtsw5F6O3sHdTF0DChNS0N__f0WyiNmvOURMTHF9-iLvg2UlBWGtY7SlLc1GADzuiJSDUZ9k7RqcRB9yUMWqo7FGqA6LU_9C2eL-0BSN_TC7hj4%26adurl%3D&documentReferer=https%3A%2F%2Fen.kinorium.com%2F&ancestorOrigins=https%3A%2F%2Fen.kinorium.com&random=3441118075492&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Dec 2023 15:14:33 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 40FF 175 KB
63 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

893718c202716ac4c3ade4ad48e969748b0357ea6df4f63b96952d7b16cc8b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 64127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 15:14:32 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 40FF 274 KB
91 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37af32e387b48f784019a4a62019c93ee0792778af190e4ac38a9fdaf6e04ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93102
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Dec 2023 15:14:32 GMT

GET
H2 200 / Show response
en.kinorium.com/html/dialogs/authWindow/ 7 KB
1 KB 46ms
45ms XHR
text/html 2a05:d018:a7d:900:c091:205:622e:32c4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://en.kinorium.com/html/dialogs/authWindow/?1699939292en_en

Requested by

Host: static.kinorium.com
URL: https://static.kinorium.com/js/min/vendor.min.js?1699411195

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a05:d018:a7d:900:c091:205:622e:32c4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0ce9b9358e0ec89b6d34c113071cb0af7b344e8de2e1c7e9d881853746090a89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
X-Token-secret: 4db6b4f93bb90fabd643a3e0b7c25901
Referer: https://en.kinorium.com/122304/
X-Requested-With: XMLHttpRequest
X-Token-209e4a5811d6bd45ae20d01adc4b963a: 5c0cef7e5058671560a72936a7423dae
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: cache
date: Thu, 14 Dec 2023 15:14:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: max-age=10
expires: Thu, 21 Dec 2023 18:14:33 +0300

GET
H2 200 link.html Show response
track.webgains.com/ Frame A52A 2 KB
2 KB 180ms
83ms Script
text/html 3.9.151.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=46327500106537404444978012538017&nw=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.151.155 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-151-155.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: f69c9beb4c1fd904202aef813acb402e225500f71a56924eb13ab1f98eb4310a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 15:14:33 GMT
last-modified: Thu, 14 Dec 2023 15:14:33 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Thu, 14 Dec 2023 15:15:33 GMT

GET
H2

200

activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412 Show response
5994599.fls.doubleclick.net/ Frame E748
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412?

391 B
329 B

65ms
64ms

Document
text/html

216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

ec2dd6bd8db715d8c9264e228495bfabc25fdee1928ac4922fe038a3608bb166

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 220
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:33 GMT
expires: Thu, 14 Dec 2023 15:14:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Dec 2023 15:14:33 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 4CD2 7 KB
2 KB 67ms
23ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 9e58b03df3d02471fb77acb6c118906f959bc7b90b2bdbfad36c2509ba089903

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2040
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Dec 2023 15:14:33 GMT
Expires: Thu, 14 Dec 2023 15:14:33 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame A52A 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5baa13233acbe0e75e6219009f1283f83db91cd4c9e5bb17a26673707a696301

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 4CD2 5 KB
1 KB 76ms
28ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 15:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 14:08:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 15:14:33 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4CD2 88 KB
89 KB 73ms
26ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 0c507c819eac71d9795eb65381611ad5f490a915d1b4c8d223055fad2a335966

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 15:14:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4CD2 76 KB
77 KB 72ms
25ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 17be6e99357e6cd36a739c5e61f40c19c833064ed0ad0373219e64570bc2ec28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 15:14:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 4CD2 50 KB
50 KB 77ms
27ms Image
image/png 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=300&height=150&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: c7ac8e0b81e4b67ecd1226d4e48b6305c96c3fbc72f3ba82aaa09151682d22e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 15:14:33 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 51111
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 4CD2 0
150 B 68ms
23ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=46327500106537404444978012538017&a=4d39ee8d&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=46327500106537404444978012538017&a=569994a6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 14 Dec 2023 15:14:33 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 4CD2 14 KB
15 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:12:00 GMT
x-content-type-options: nosniff
age: 252153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Dec 2024 17:12:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 4CD2 15 KB
15 KB 25ms
25ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal900017.redintelligence.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 08:54:05 GMT
x-content-type-options: nosniff
age: 195628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 08:54:05 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame A52A 53 KB
19 KB 124ms
27ms Script
application/javascript 18.65.39.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=46327500106537404444978012538017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-86.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 04:10:31 GMT
content-encoding: gzip
via: 1.1 74511018c757716e70d811d8214e45e0.cloudfront.net (CloudFront)
last-modified: Sat, 09 Dec 2023 12:01:22 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 47743
x-amz-server-side-encryption: AES256
etag: W/"1180a1bfee0aad979766ecd6180b923e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: Dt6MAsz5brE5JEdF_4TEkMD3vXRpZckdndgSj0GSWoWDe4EMrA2rMA==

GET
H2 200 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame A52A 3 KB
3 KB 101ms
27ms Image
image/png 18.239.50.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1702567173&Signature=ogxBMtIiYBaHwhHps38JFGjU~w7qML70sT7~XtLtqIZao-v3YtygHScAt3uT21womlsJQRzcmv-NAJCQkMz4FUJkJ1RoGUzW3WyuE-el1sDI9XazHK6-AUAL27~bEdgsZXTjuwLqq2RDpjbgrl1I4fJiVIIHSrnCKzP99sn~r66ynECxzOZsGZ4CDFBJHcFSCTE9Jo3Sde8JnOTc7NPYFXLiSkI8t~FV05U~zGCoo4DSCPoBVYLUGacqKb0G22xbkNBLLxs0egD9Qvib~GdLot9NPKqAl4XFdqMgp51if0tcI3MpDxojgpu4SWr8y5rSIM7mh8YbVxAGGlDenuvs2A__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=600&slotname=7038444542&adk=1341419124&adf=1273552310&pi=t.ma~as.7038444542&w=300&fwrn=4&fwrnh=100&lmt=1702566871&rafmt=1&format=300x600&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871311&bpp=1&bdt=1627&idt=245&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=210&ady=2576&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7CM%7CpeEbr%7Cp&abl=XS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=249
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-21.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 14 Dec 2023 04:03:47 GMT
via: 1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 40323
etag: "4e57de0506fbdb487ffcd53b450caee1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2808
x-amz-cf-id: TzRry-_t-MJhIJb0ku7HSYiwFuTcLRJ-fysdrJTEp640YJVXf4Dynw==

GET
H2 200 dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412
adservice.google.com/ddm/fls/z/ Frame E748 42 B
401 B 105ms
58ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CKGZye2bj4MDFRNakQUdx0cPhQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=709445767730.4412?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 15:14:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

366 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
en.kinorium.com/	1970-01-21 01:41:42	Name: first_visit Value: 2023-12-14
.kinorium.com/	1970-01-20 16:56:10	Name: autoTheme Value: 1
en.kinorium.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6kkduv667fvo2rh8uh8sv40h0l
.kinorium.com/	1970-01-21 02:32:06	Name: _ga Value: GA1.1.1812531977.1702566870
.kinorium.com/	1970-01-21 01:41:42	Name: hiddenTooltips Value: %5B%5D
en.kinorium.com/	1970-01-20 18:22:30	Name: pixr Value: 1
.kinorium.com/	1969-12-31 23:59:59	Name: session Value: qcghjsgl4bpgp1mru03mnm0ocr
en.kinorium.com/	1970-01-20 17:06:11	Name: broTheme Value:
.kinorium.com/	1970-01-20 17:06:11	Name: time_shift Value: -2
en.kinorium.com/	1970-01-20 16:56:07	Name: 4fi Value: 1
.kinorium.com/	1970-01-21 02:17:42	Name: __gads Value: ID=1d3687ab6618c556:T=1702566871:RT=1702566871:S=ALNI_MZ8e-fffycxA0wWdz1PB43z4eCm5g
.kinorium.com/	1970-01-21 02:17:42	Name: __gpi Value: UID=00000ce5b3ca7065:T=1702566871:RT=1702566871:S=ALNI_MYWflJDG384CxKr9yzo337QuS6qfw
m.exactag.com/	1970-01-20 19:05:42	Name: exactag_new_gk Value: b383edf5cc86463f8080f5502909c661%7C12.02.2024%2015%3A14%3A32
m.exactag.com/	1970-01-20 21:15:18	Name: exactag_new_uk Value: 690fcdaa564946e79a0cd14db28df4dc%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 9e926ea740f343c88e4b4f4f
.adnxs.com/	1970-01-20 19:05:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVHwNl/-!]tbPl1M>e)ZlrFUfJ+tGXxo<^cu`[AO=/rVvrBYKyxl8LZ4L8]5)dcHh]5=3If)y3KL9D3I?+ZmaR)m
.adnxs.com/	1970-01-20 19:05:42	Name: uuid2 Value: 3970011160904849180
.casalemedia.com/	1970-01-20 19:05:42	Name: CMPS Value: 1197
.doubleclick.net/	1970-01-21 02:17:42	Name: IDE Value: AHWqTUm3_ldcE3JNBkYwo0skkPGrQlsV_3oeAVWa9G7eF9ldvHBPgd0eNAL8-8puDko
.doubleclick.net/	1970-01-20 21:15:18	Name: APC Value: AfxxVi40NZGc8lXD7tO-Bf1PpFCcptlTWTDH8q6T22YWhxR9ubNeRw
.doubleclick.net/	1970-01-20 17:39:18	Name: ar_debug Value: 1
.casalemedia.com/	1970-01-21 01:41:42	Name: CMID Value: ZXsb2G.ZU9LW-6WGavM5ugAA
.casalemedia.com/	1970-01-20 19:05:42	Name: CMPRO Value: 5241
.redintelligence.net/	1970-01-20 19:05:42	Name: 8lcfmzhxc8d6_uid Value: a26e9255d7ef9bb0
.office-partner.de/	1970-01-21 02:32:06	Name: source Value: {"webgains_webgains":{"timestamp":1702566872963,"clickCookie":false}}
.awin1.com/	1970-01-20 17:06:11	Name: awpv11601 Value: 113440\|1702566872\|7c3656b0-9a93-11ee-a9f2-22382f104756
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.kinorium.com/	1970-01-21 02:32:06	Name: _ga_5VXCE1FJD6 Value: GS1.1.1702566869.1.0.1702566873.56.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9128010928993885&output=html&h=200&slotname=4384361045&adk=3477776749&adf=1316994944&pi=t.ma~as.4384361045&w=830&fwrn=4&lmt=1702566871&rafmt=11&format=830x200&url=https%3A%2F%2Fen.kinorium.com%2F122304%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702566871312&bpp=1&bdt=1627&idt=253&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=4836837393750&frm=20&pv=1&ga_vid=1812531977.1702566870&ga_sid=1702566872&ga_hid=835888494&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=560&ady=4159&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079979%2C44809531%2C95320378%2C95320885%2C95321229&oid=2&pvsid=2661641986028524&tmod=1981180443&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=2&fsb=1&dtd=256 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
analytics.webgains.io
cat.nl3.eu.criteo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
dsum-sec.casalemedia.com
en-images.kinorium.com
en.kinorium.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900017.redintelligence.net
i.ytimg.com
ib.adnxs.com
imageproxy.eu.criteo.net
images.kinorium.com
m.exactag.com
pagead2.googlesyndication.com
pv.medialead.de
region1.analytics.google.com
rtb.fr3.eu.criteo.com
static.criteo.net
static.kinorium.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
104.18.36.155
104.64.118.247
138.201.63.165
159.69.70.9
172.217.16.194
172.217.23.102
178.250.1.6
18.239.50.21
18.65.39.86
185.89.211.12
2001:4860:4802:32::36
213.202.235.8
216.58.206.38
2600:9000:2090:3000:1:8c83:66c0:93a1
2600:9000:20ab:4a00:10:531f:8a40:93a1
2600:9000:214f:400:a:a5bc:5040:93a1
2606:4700::6811:190e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:4001:831::2016
2a00:1450:400c:c00::9d
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a05:d018:a7d:900:c091:205:622e:32c4
2a0b:4d07:101::1
3.9.151.155
91.121.248.44
0142f160f0f9f10aa9fc8b4b996b9bbf0e482584e2488139c418b3bedd099536
02ace18bbca8956a92cac41c3b901c2990c89fcf25de1c1403117514e4568a07
082e1bb43e41412538d4f1b8dbc4a314df40ad93781bedf591a38f989dfefdad
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c507c819eac71d9795eb65381611ad5f490a915d1b4c8d223055fad2a335966
0ce9b9358e0ec89b6d34c113071cb0af7b344e8de2e1c7e9d881853746090a89
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0fda1a51991aee542908f6383668bb83e36d10cf230de582048cdd75e0d34073
12edd52f07a6146838974db5cf7fad66af4da72c3ce6e15196a4c30e3fd7bf03
17be6e99357e6cd36a739c5e61f40c19c833064ed0ad0373219e64570bc2ec28
18371c2f71b8f8c5352c9f55a0826735f609beca16e26d40bcb711318e712191
1adc9d92889bc20eebbbf26f7b96214f7b0d9e5785cb03857fb022eccc40bdc9
1cb6d3c3f8a8abe4494d58e06becd148ce6cd558cedfb5dc32f2f558865e5c25
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
202b8a8b3028eba18a82f4f4d3935d20c262ae79ed4a5c5ab8b7b9ef4f65b14e
21017baa8fb3324c3b03e620de78a425286cdfc35bff1bc1953af833ce57cef2
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
2394f03e05bb76c28fbfed83a240b284e5cc0ad63be65e5a5d101339f89e7e13
267037fe49ce85195ae3cfe5f7e4039076293f0b6778f6b943130c7940c8335f
2959f73c60a3fdf1f54dc8d3c562f800fd9a73d90b76a4165e08fd931e1ea116
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33131b9c88baaa67b0533cc7390f1f02f03b00bb30ef3855cae16b2cfede048d
34eb47d75ca593868c189a5df27344b50305536934ccd19f2783cb7e9df02dd3
351e9ccfcff02bbec5a229611d57782832e45409f73d7496733966fcc22c749d
353bacdd3c58907d45e2ea06973469dc44a9d416e95f698fdec7606283b5507a
36a7ebcc3a9eebdf6a753d1f944428095535389870d8cae7af48d5903e845e8f
37af32e387b48f784019a4a62019c93ee0792778af190e4ac38a9fdaf6e04ddf
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3c34fb5a0d2ff4fc8028ba43484459ab2aa3373077952d8dee7ddd26c6d20ea4
434e65956e6f9ba685dacaa9946690648b855fe65691905ae52aaec2122b1d7b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4429f12435d0a242eaeda7760995ba4e98d71f452611773e19cd8deab15ccb46
4b32dca558c2a6a54b7dc0c981aaa8f624e662c1af726a60249a33427514b1e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9e7c8a0bfc9270393f8f3e314dcf08dd30a84aede2dc569c9d98515c752aaf
4d8e0be3164481acb1135c2ff98418b3b81a16f96a0c7a9f95f2138fa461bc04
4db8007192949a24b74fc94dc1d3508f5b6518451ccba850bd9f91285d5d7588
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f907499516b0801e55a1202a06a5df6cee4eec6ec858977ff34175d75ab4c07
548679803a40e0ba4797672744797e83ae45be115f9a1cfb6c8ca1e09b055a85
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
578389ed5dc47a2c27287cac6a7b34f04473537133527e5583fb165d41da95cc
57b5513571de95e1ec11197ab2e8843456c99270594d8735fbb1123d09ceed5d
5baa13233acbe0e75e6219009f1283f83db91cd4c9e5bb17a26673707a696301
5de4adcc0b0d0f1f9cd7b89c4db40a96f8a0a4b185cc643e528f6f1312a59a0b
5def959d9364a3ff275790015fba671fa3ae38f76628c0692c3bcc9d3f06cf0a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6320a868c7fd7306d37f87abc74e367bff7026d9edcc092e157d9a3dbc813a91
6a5dcfc2d59b02ed2153b616d609c35098fd652684c0b4e57531331ef9d360fd
6c2ea949820658f514a45b060f1ea1164f3c4f45c82df88f66745910a726eb62
6d489d7315162f2c2434d5c9f32bbd8932127a9a43644f869791a99a9df06d55
6f40be32c71b0d0cf0d8bb8d52144375b93902883e74aed864d011161b1c5578
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7463dae4128428ec6f6ccc862a5b20a5deda84fb3f123434eb0a737807e0cf1c
75699882e6b2f9cd16dad8febfd0eb7e07293ac50d5eddba6b30c62de4b74740
7a72ad863ce362b02a5fe37d95143cc4288af7b4ef8e1323cbdbca7b68013e94
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7cc0e8f5be12a34918a3f9cf9dd335a74684af783bbfdd280239063fc20b1a70
893718c202716ac4c3ade4ad48e969748b0357ea6df4f63b96952d7b16cc8b9a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
901a8d40374a82e48a6a2d56092573de058cd125465a2f231847fe457b2c132a
94def55c3b37c88ab1f26da81ca8a7c7ea07601ec1786f58ff360281a32bc91e
9873f176497118d31099fd34f29a5c2fdceb7dbd3c9dc7797e1be3531db14435
9d1e630203285d2d874fec7badc758d0835f515b42d4f1ba2f3b2d30d9c587a7
9e58b03df3d02471fb77acb6c118906f959bc7b90b2bdbfad36c2509ba089903
9edb3fdbf7ba7ed6993c92cc1052d1ffd0eeb0f6cd43797b5beb65deb2f83b3d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a190f929f08ddf118fa9936ec2efceae9a5d0d11abe786b311903cba51c677d6
a25bc328e32e8641e66360d548e8ce46dc2ed397b78d723d9b8433c562197768
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2fd721b912ccc8f79fb87ec0b9b1fb66fd2bb652923ba959ea154f879357478
a442681cc0509b31738c9c2a91366425732258ad6657356955ac580e968149f8
a4ff5e25f85d0b4f9b3deb4b2ddce93ed5cecb65fdd643b4018bc00b650efe16
a709e1d5ad50a817916030c8c1cdbf3ffd32f8cf0327c94ace6622512ddad542
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad2667dbadca6a0d7dd6ef45a65b9354787762765dbfcff1dcd0346df6f36cb4
aefd8f7e57d11f7b0416d01d9c665ab3848b10af849f35a4d772d58d24d83329
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2838c013485964dd95c878559dfc6b84932e1bc3d58d7e37b32bb63c5e6e222
b6072bb32a0fc19c7a8dcebeedb13fbc04ea4595482e89308a6037424e7ef8ce
b7d5093eb11205e1b6a2329321c14b3c617b9c78b6bc473b7f90362a91ff5015
b7d942927a0d60915afc0ab5dbc4306d1f8250b4ac60f681d0e6ed59f24e9cce
b8745f156898e699b4b6eccbf933ef11afbf43b72ececa1168217a62c6b7bbde
bd9c8d039c49e02157156491ed45e92d76190ae8d5b551fdb48026d9515bf01f
c0dbc3dd01f0bb12546749246b577724240208eafe0a9411809e5af7b72684f6
c274635df442dbacab2c165251c795062da18e02eaea357de7f6c5483eea30ec
c44efa7a986af8b6351c9668f9a1556f95368849ffdae211217db367f0ab8139
c7ac8e0b81e4b67ecd1226d4e48b6305c96c3fbc72f3ba82aaa09151682d22e3
c8c40e9dcd44793b703030bfdfd8f7ea24cc0070651b98b281d46387595ef5b8
c98567e8764a5cbc63f7ec10087d36afcba7f7259e2eb5f7c7fcabcdd4129210
c9e3bdbe8e0bcd9cc8222839b4a06cc9fabd3f043fe5182de51cee21e150fe70
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cc2a92d70ca410b542613d3ff61fcfc55db45b84c5cf232420529bd392582145
cdca23b1f72ef8955a520156e736f653d9fa344d057f139fda9072b974e34635
d38b81d5ec41de2c4e70d9d2b2601f9e809a9ae1c4a84ad7ee5bbe42a3efeffa
d44564bdc6dba996fd900df192cce4141574f60136e7f475430faff41f61eee0
d5512cff3f512c7ea415f25ad15702cd8f6997f9e7d574d38c6d0f3230b9a47a
d7c2ac19da0222f11577612ea5a4d7a15994ec806aa51751f2b50f313984e8d3
dd57535678d7e116b6129c9f9ad25477941faced6c71c31400fe64383a639912
dfb9834d4d5cefa2ea43cabf9c8eea8dac41936601f338b19f74eeb7ccb76e6e
e0076b3be2b4a2e9832bc1ab2bcd60a4648d5f54c4504f2a2fb631be7ee5ee28
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e334ca19f092778f57815a534078daf8e3fce269e56f7ea374ab3a117eee92ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5caee29c63ec907d13d3007b72e0a84649fdeb1fc9564ebbea9e019b23c44a9
e7d517333affbc8c5b30a0ee2b4f0be964796a6a82130a5d05bed88bd4518ccf
e8cb9f99b01af9cafe8c68a57e67095796a5409a3c3e532769233301486eb21d
e8f816b759479cb97282b62d622795e979321d0a986fce428f0a1a20a20f2fa8
e9273a18fc44d79a4431d80a92b099e05aac944d7700381d034ea5c58d445cb7
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec2dd6bd8db715d8c9264e228495bfabc25fdee1928ac4922fe038a3608bb166
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff3d992b335d5a733a153cd414c8de3d6a93c21b45c2c47407ba5f36eda6e1c
f01634856533753ab3e71b2a20ab8ec9ca62b99ef0e4f5bdd5c5eacb3376058e
f096c529d6c0e3d48e801254ac98a69bfddbba56ff8cff2af4059f26b916b4f9
f108a424fda33d712afd5a5a1fb7f570ac890da75e088b29ba673206a053b2ec
f2b7c4399720d9aa1e237eb778f419b01ff48f21f149d958b331ab506d9f8c51
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f69c9beb4c1fd904202aef813acb402e225500f71a56924eb13ab1f98eb4310a
f77bfe61190dcaae65a9bea5929150b1898fd7829bb3e6d96adef57d7cd7a6f9
fa4a2a36f8257a529f5236470a5ff6378b44c1f9eb9a37ef6c4610e016ecae54
fbc6bed540723f219a878e5735ae8cb1c05aa9f7012bf21870cd79e41af25bcd
fecee51c93d69e7b5d299ab1a4127e9c394eda083384420e314ad0e100027603
ff9c534d8448cd26fb0c3076ac8e5b6fcf4d3537e8d4a5249e4bec6d56664582

en.kinorium.com Open in urlscan Pro 2a05:d018:a7d:900:c091:205:622e:32c4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

155 Requests

97 %HTTPS

63 %IPv6

23 Domains

38 Subdomains

39 IPs

9 Countries

2156 kBTransfer

5559 kBSize

28 Cookies

79 Outgoing links

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

en.kinorium.com Open in urlscan Pro
2a05:d018:a7d:900:c091:205:622e:32c4 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

97 %
HTTPS

63 %
IPv6

23
Domains

38
Subdomains

39
IPs

9
Countries

2156 kB
Transfer

5559 kB
Size

28
Cookies

155 HTTP transactions
2 data transactions