Submitted URL: http://app.kultivi.com/
Effective URL: https://app.kultivi.com/
Submission: On December 06 via api from US — Scanned from DE

Summary

This website contacted 29 IPs in 5 countries across 22 domains to perform 57 HTTP transactions. The main IP is 143.204.176.35, located in United States and belongs to AMAZON-02, US. The main domain is app.kultivi.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 9th 2023. Valid for: a year.
This is the only time app.kultivi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification


Live information

Domain & IP information

IP Address AS Autonomous System
1 1 143.204.176.20 16509 (AMAZON-02)
6 143.204.176.35 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.18.83 13335 (CLOUDFLAR...)
1 34.160.152.31 396982 (GOOGLE-CL...)
3 2600:1901:0:7... 396982 (GOOGLE-CL...)
1 1 2600:9000:219... 16509 (AMAZON-02)
7 2600:9000:20a... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
2 18.239.69.6 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
3 2a00:1450:400... 15169 (GOOGLE)
4 188.40.60.215 24940 (HETZNER-AS)
1 46.4.94.81 24940 (HETZNER-AS)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20a... 16509 (AMAZON-02)
1 18.193.1.37 16509 (AMAZON-02)
3 52.182.214.99 8075 (MICROSOFT...)
1 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
57 29
Apex Domain
Subdomains
Transfer
8 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 3926
api.cmp.inmobi.com — Cisco Umbrella Rank: 12882
201 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 796
g.clarity.ms — Cisco Umbrella Rank: 49609
c.clarity.ms — Cisco Umbrella Rank: 1377
28 KB
7 google.com
apis.google.com — Cisco Umbrella Rank: 116
accounts.google.com — Cisco Umbrella Rank: 23
region1.analytics.google.com — Cisco Umbrella Rank: 2693
51 KB
7 kultivi.com
app.kultivi.com
856 KB
5 wdgtsrc.com
api.wdgtsrc.com — Cisco Umbrella Rank: 267794
geo.wdgtsrc.com — Cisco Umbrella Rank: 278854
14 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
177 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
115 KB
3 freezingbuilding.com
freezingbuilding.com — Cisco Umbrella Rank: 62596
24 KB
2 sendpulse.com
pop-ups.sendpulse.com — Cisco Umbrella Rank: 305901
108 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
157 KB
2 pub.network
a.pub.network — Cisco Umbrella Rank: 4449
d.pub.network — Cisco Umbrella Rank: 4680
50 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 228
763 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
641 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6765
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
245 B
1 webpushs.com
web.webpushs.com — Cisco Umbrella Rank: 61928
37 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
9 KB
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 602
493 B
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3555
590 B
1 iugu.com
js.iugu.com
5 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
57 22
Domain Requested by
7 cmp.inmobi.com app.kultivi.com
cmp.quantcast.com
cmp.inmobi.com
7 app.kultivi.com 1 redirects app.kultivi.com
web.webpushs.com
4 api.wdgtsrc.com pop-ups.sendpulse.com
4 connect.facebook.net app.kultivi.com
connect.facebook.net
3 g.clarity.ms www.clarity.ms
3 accounts.google.com apis.google.com
app.kultivi.com
www.gstatic.com
3 freezingbuilding.com a.pub.network
freezingbuilding.com
2 c.clarity.ms 1 redirects
2 region1.analytics.google.com www.googletagmanager.com
2 www.clarity.ms www.googletagmanager.com
www.clarity.ms
2 apis.google.com app.kultivi.com
apis.google.com
2 fonts.gstatic.com fonts.googleapis.com
2 pop-ups.sendpulse.com app.kultivi.com
pop-ups.sendpulse.com
2 www.googletagmanager.com app.kultivi.com
www.googletagmanager.com
1 c.bing.com 1 redirects
1 www.gstatic.com accounts.google.com
1 www.facebook.com app.kultivi.com
1 api.cmp.inmobi.com cmp.inmobi.com
1 rules.quantcount.com secure.quantserve.com
1 www.google.de app.kultivi.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 geo.wdgtsrc.com pop-ups.sendpulse.com
1 web.webpushs.com app.kultivi.com
1 secure.quantserve.com www.googletagmanager.com
1 static.adsafeprotected.com app.kultivi.com
1 cmp.quantcast.com 1 redirects
1 d.pub.network app.kultivi.com
1 js.iugu.com app.kultivi.com
1 a.pub.network app.kultivi.com
1 fonts.googleapis.com app.kultivi.com
57 30

This site contains links to these domains. Also see Links.

Domain
kultivi.com
Subject Issuer Validity Valid
*.app.kultivi.com
Amazon RSA 2048 M02
2023-05-09 -
2024-06-06
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-02-26 -
2024-02-25
a year crt.sh
iugu.com
Cloudflare Inc ECC CA-3
2023-04-01 -
2024-03-31
a year crt.sh
d.pub.network
GTS CA 1D4
2023-12-03 -
2024-03-02
3 months crt.sh
freezingbuilding.com
R3
2023-10-14 -
2024-01-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-14 -
2023-12-13
3 months crt.sh
*.sendpulse.com
Amazon RSA 2048 M01
2023-09-26 -
2024-10-24
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA
2023-08-18 -
2024-08-17
a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-08-29 -
2024-08-29
a year crt.sh
quantserve.com
R3
2023-10-28 -
2024-01-26
3 months crt.sh
web.webpushs.com
Sectigo RSA Domain Validation Secure Server CA
2023-01-06 -
2024-01-16
a year crt.sh
accounts.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
api.wdgtsrc.com
Sectigo RSA Domain Validation Secure Server CA
2023-10-04 -
2024-10-04
a year crt.sh
geo.wdgtsrc.com
R3
2023-10-06 -
2024-01-04
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.de
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 2 frames:

Primary Page: https://app.kultivi.com/
Frame ID: 24DA1E32E281C1E65442F3B7B0605681
Requests: 52 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: F7E3F71D646E3C2C5E57EBF6D7FA72AC
Requests: 4 HTTP requests in this frame

Screenshot

Page Title

Kultivi

Page URL History Show full URLs

  1. http://app.kultivi.com/ HTTP 301
    https://app.kultivi.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

57
Requests

96 %
HTTPS

68 %
IPv6

22
Domains

30
Subdomains

29
IPs

5
Countries

1835 kB
Transfer

7146 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://app.kultivi.com/ HTTP 301
    https://app.kultivi.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2 HTTP 301
  • https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
Request Chain 53
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&RedC=c.clarity.ms&MXFR=29A1BF9DAA9D605C1CB2AC42AE9D6E29 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&MUID=116279A05FCB61083C826A7F5E6760C4

57 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app.kultivi.com/
Redirect Chain
  • http://app.kultivi.com/
  • https://app.kultivi.com/
6 KB
3 KB
Document
General
Full URL
https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a94a6043db65d186a700b25e01af8d5a83eaf3ace2483f12a8bcdb60a288896
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
content-encoding
gzip
content-type
text/html
date
Wed, 06 Dec 2023 14:10:23 GMT
etag
W/"9fb0854ac3b393970ba7dac7651537ff"
last-modified
Wed, 29 Nov 2023 18:53:52 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-id
_jMx569Y5vUO5C-D0o7L_dW0rQnzfsQaWUJ7a1gWZAQD_09y3SuCYw==
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 06 Dec 2023 14:10:22 GMT
Location
https://app.kultivi.com/
Server
CloudFront
Via
1.1 dea72c8cc680525871e08851ad72e26a.cloudfront.net (CloudFront)
X-Amz-Cf-Id
KMrwU0SCloz8IenebvnDS9J9Vc42iqwhUdKnzP1gLl-sfMQRtfq8Og==
X-Amz-Cf-Pop
LHR50-C1
X-Cache
Redirect from cloudfront
css2
fonts.googleapis.com/
16 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800;900&family=Raleway:wght@400;600;700;900&display=swap
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
516b7c6e8e004aef3850fdc4e6ae0face4e655d06c19ff2c5eb4bb492b2b7352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 06 Dec 2023 14:10:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 14:10:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Dec 2023 14:10:22 GMT
pubfig.min.js
a.pub.network/kultivi-com/
121 KB
43 KB
Script
General
Full URL
https://a.pub.network/kultivi-com/pubfig.min.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4049652eac795dbeb600052dd4200e920ec05f13ca346e227f72b420c9612f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:22 GMT
content-encoding
gzip
cf-cache-status
HIT
x-guploader-uploadid
ABPtcPr5csrjU3F5QK8ZbzZGb2OWbWRkJkxD13pvp4DDePANh5yDW9QQMCpLwm81pE6RJ8QMILy-uq387A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Wed, 06 Dec 2023 12:17:43 GMT
server
cloudflare
etag
W/"4562bec30586d5445f3e5e90e4d5fc77"
vary
Accept-Encoding
x-goog-generation
1701865063529759
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=pXnINA==, md5=RWK+wwWG1URfPl6Q5NX8dw==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
123686
cf-ray
83151cab785d1979-FRA
link
<https://d.pub.network/v2/sites/kultivi-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Wed, 06 Dec 2023 14:40:22 GMT
2.13c9dd37.chunk.css
app.kultivi.com/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://app.kultivi.com/static/css/2.13c9dd37.chunk.css
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
46ade05b382e569dc90db5d5badd4612a172ae8de7472fbe149d090cd95879e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 18:53:52 GMT
server
AmazonS3
etag
W/"0c14c0cce74a032b1b0f4a9b943ea4a4"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
C0uPL7Qj8Ti8_oFxl0mKMiwnmcNOPpA6TxdeM9lkLr-LAeZTwsTJ-A==
v2
js.iugu.com/
13 KB
5 KB
Script
General
Full URL
https://js.iugu.com/v2
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4720e276506e737f3c89ce42f5ec7080fd787d0b0d160875dca2499e9c176d36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:22 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 22 Aug 2023 21:07:16 GMT
server
cloudflare
age
717236
cf-polished
origSize=12921
etag
W/"64e52384-3279"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
83151cab9b40bbda-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 06 Dec 2023 18:10:22 GMT
2.d74974db.chunk.js
app.kultivi.com/static/js/
2 MB
527 KB
Script
General
Full URL
https://app.kultivi.com/static/js/2.d74974db.chunk.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d202b5dc780020c477955ea8247259db1b4384b31a8a05725b3ca6e7ea0daa7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 18:53:52 GMT
server
AmazonS3
etag
W/"7a9ccad124c45f94499262ee06ffcb8d"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
q1VMP0nu8qdOZ46CC7UKucsnj0b9uv9kiT_LeLlkThTnj7PVPAUH7g==
main.f82a0d85.chunk.js
app.kultivi.com/static/js/
1 MB
262 KB
Script
General
Full URL
https://app.kultivi.com/static/js/main.f82a0d85.chunk.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fed3033d401bb0d8b1d78631a50a3094d2971557eb1968a5709baeeb94a3f99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 18:53:52 GMT
server
AmazonS3
etag
W/"cf884dca233448765781c1722b4a937c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
x-amz-cf-id
VezxLSPsCG0v-eBO-vpaM3b6HpkoPRu9wFtsxqf6rhG22R7aco2zKQ==
configs
d.pub.network/v2/sites/kultivi-com/
54 KB
6 KB
Other
General
Full URL
https://d.pub.network/v2/sites/kultivi-com/configs?env=PROD
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
65e29d9569891269a5360685d48008b93348bfcdb065e4e1446a0fdf6ea89107

Request headers

Referer
https://app.kultivi.com/
Origin
https://app.kultivi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:22 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://app.kultivi.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
81fbb540dde1fadcca39bdaaf511471e289fe6.index.js
freezingbuilding.com/files/
68 KB
24 KB
Script
General
Full URL
https://freezingbuilding.com/files/81fbb540dde1fadcca39bdaaf511471e289fe6.index.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/kultivi-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
796069508903d249dbfd6f30c41aaab1b493181e8fc298d14008f3b1db2f6580
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 06 Dec 2023 14:10:22 GMT
x-datacenter
gce-europe-west1
etag
"9380ad5e72aa56cbd0416f91715b35c52509a6b255a77d8be4a21474d0da20e3"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-50n2
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
choice.js
cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
  • https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
5 KB
2 KB
Script
General
Full URL
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7529ea12833b9e6578ebeab2df87b4629a0bd9561e5f593681e0e2c56af8bfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 20:58:16 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
59
x-amz-server-side-encryption
AES256
etag
W/"f0b9cdd562376d89eff9e035339adffe"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
Gj7SZnhTLx5yZNNw4dhwMTFc3Mfqcx7k0xWBCRAlv0S7tPfBS4lGlg==

Redirect headers

x-amz-website-redirect-location
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
date
Wed, 06 Dec 2023 14:09:24 GMT
via
1.1 666ff4ad81b3b60af3d2241160893ee2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
59
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
0
last-modified
Wed, 15 Nov 2023 20:59:15 GMT
server
AmazonS3
etag
"92adce86be24ca92a7b17ba02abc3690"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location
https://cmp.inmobi.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
n9X6dgWObUrSJML8P5FheKEFV45vLZin6lkmC5RDeASIHjxu2OhliA==
gtm.js
www.googletagmanager.com/
185 KB
66 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W2RZTP9&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ad89729339c9cf2592286109ef69a7c0452bd876edc98056f8d790c587d2a75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67329
x-xss-protection
0
last-modified
Wed, 06 Dec 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 06 Dec 2023 14:10:23 GMT
fbevents.js
connect.facebook.net/en_US/
202 KB
54 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/static/js/2.d74974db.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Dec 2023 14:10:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
a02tB/BWyBndoQRGzYzsLHmbOl04cBE1p1XVwiZAV1dx6eSBU2tI3E9Y5CWURQugngk8rccwBjpYDE11qJdHXQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader.js
pop-ups.sendpulse.com/assets/
3 KB
2 KB
Script
General
Full URL
https://pop-ups.sendpulse.com/assets/loader.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/static/js/main.f82a0d85.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-6.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f228e2c1aa1ace498d7b205ab7cb830a5e7cc247cda5766d5a2c176b867d43d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 11:20:32 GMT
content-encoding
gzip
via
1.1 12d69f39c905d1c9441d392eddc25066.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 11:20:20 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
10192
etag
"f3758da745ee3a85b79dad45b2c1f3de"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1334
x-amz-cf-id
4rNBzOFE2XQm7ghRbl9bsFZ0mnAbJbNbUw61C-ztqnB6a2jT7Zz1LQ==
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/static/js/2.d74974db.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5d37997180f327bfc8cea65c3067e0b5279d1dfe1212bdde18ae583381e73280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 14:10:23 GMT
content-md5
xOl8HboMOEaLByUzvyMrzA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
reporting-endpoints
x-fb-debug
Ubpj8EPmZK3nFFsSL5BmChVYKtz/ugojRz/gw0WIz9DsTJZUJDZP/ISdpUujoIuo/AzbwR7AUM36W/DeRNPYDA==
x-fb-content-md5
8fbbff2dbf4c8b274bdac477d05fc19d
cross-origin-opener-policy
same-origin-allow-popups
etag
"4fb00951df17004a923a7858e54c5bb3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 06 Dec 2023 14:11:27 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eff8447c8bc4a6035ce81fcd37d52ddb0a4758a014a19c13f9a3ca3ffe881b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
signin_bg.23a0f41c.png
app.kultivi.com/static/media/
59 KB
60 KB
Image
General
Full URL
https://app.kultivi.com/static/media/signin_bg.23a0f41c.png
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17c7ddd920fa3b98480e1f6c0c2ba62941d5706f7730c4436074b1e45cd4edb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
60551
x-xss-protection
1; mode=block
last-modified
Wed, 29 Nov 2023 18:53:52 GMT
server
AmazonS3
etag
"23a0f41c08d6e30619b13bba20c1d0fe"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, s-maxage=2
accept-ranges
bytes
x-amz-cf-id
oMMfZ9AQ-imd515IoEpNQCJfqo9vouTfk5NfyOVk4VluiwZKRBhp5w==
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/
30 KB
30 KB
Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800;900&family=Raleway:wght@400;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.kultivi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 21:00:30 GMT
x-content-type-options
nosniff
age
407393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 21:00:30 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:wght@400;600;800;900&family=Raleway:wght@400;600;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://app.kultivi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 21:01:37 GMT
x-content-type-options
nosniff
age
580126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:01:37 GMT
api.js
apis.google.com/js/
18 KB
8 KB
Script
General
Full URL
https://apis.google.com/js/api.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/static/js/2.d74974db.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c011384b536d27cc137baaec7d792d8c04645fdde8b27a33026f030f6f2f3eea
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 14:10:23 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7114
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"fe4d94631a6eabb4"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Dec 2023 14:10:23 GMT
skeleton.gif
static.adsafeprotected.com/
43 B
493 B
Image
General
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=8267698_advertisement_
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:6600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 04:12:26 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
11959078
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
-nw6DagXUVJxJ9dPLYeAxgxDsN-TLWW8EcR9Z4ErcdDFNxyA-f8ZVw==
cmp2.js
cmp.inmobi.com/tcfv2/
158 KB
44 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/wZt3yQfgdwnz-/kultivi.com/choice.js?tag_version=V2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 13:40:55 GMT
content-encoding
gzip
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
1768
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 05 Dec 2023 16:54:14 GMT
server
AmazonS3
etag
W/"50f82c7ed55d2acc412a5ede5e7b40f6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
m66AMDP8gBfQcpoE-dgBTXtoj0OFj4_YJdlJVOqfj9x--Tjldy08Uw==
sdk.js
connect.facebook.net/en_US/
302 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=748dbd61d4379e58ed0148b2b7670f7d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5abee2147e36ee05fdb2e80d0c2efd64fa7905f2c8261b9e2b546ee540255e7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://app.kultivi.com/
Origin
https://app.kultivi.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 14:10:23 GMT
content-md5
weWYKq1fae0wZ7N8BtA37g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88292
reporting-endpoints
x-fb-debug
iWidEtYmVtxzaBu6otFEje7UYNV5ExBgQsx9UgITP6Us/pG817+f6lcZKEq98CWRRJcecCOdZ6ja9tfMRRJTAQ==
x-fb-content-md5
c335d62bb2a534bfdece64c7f935b5dc
cross-origin-opener-policy
same-origin-allow-popups
etag
"57d143fd522a0eb1e36363aac464b143"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 11:51:11 GMT
bundle.js.gz
pop-ups.sendpulse.com/
829 KB
107 KB
Script
General
Full URL
https://pop-ups.sendpulse.com/bundle.js.gz
Requested by
Host: pop-ups.sendpulse.com
URL: https://pop-ups.sendpulse.com/assets/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-6.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1ac0f51bcc2e0b043de8ba2266ee74a76166a2847f2b289918ea7624c8d3ff3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 11:20:31 GMT
content-encoding
gzip
via
1.1 12d69f39c905d1c9441d392eddc25066.cloudfront.net (CloudFront)
last-modified
Wed, 06 Dec 2023 11:20:19 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P4
age
10193
etag
"2fca1366f56003b61bbca5136edda35d"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
108607
x-amz-cf-id
z3ChnVVN6fGuc2IAi6NU0Rn7dGPwwNekC4qCTohupmiwn1sLd9yKWA==
cmp-list.json
cmp.inmobi.com/GVL-v2/
11 KB
3 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/cmp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:00:45 GMT
content-encoding
br
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
40179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 03:00:42 GMT
server
AmazonS3
etag
W/"c9e2a174394f72cf493706a018656fc5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
7GWhlmNn0NBddRRUusJfrLM3ODTiQ58jWutlCiw0ZY1JFlDkkK5MlA==
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/
119 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a251bcf90febe4190636c35ab590607d35c97d146f34e15d4820678b9ad1cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 19:33:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153411
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40776
x-xss-protection
0
last-modified
Wed, 08 Nov 2023 22:37:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Dec 2024 19:33:32 GMT
1607552665949790
connect.facebook.net/signals/config/
133 KB
35 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1607552665949790?v=2.9.138&r=stable&domain=app.kultivi.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3205b05ec73c52376d9b694cf412db46cd02059e3b3e0b635cf4a86094a31de4
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 06 Dec 2023 14:10:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
KsUQtJZJRnj9cjrDawNnY4qEZErkPaNpIa8nInbS8k0Kaa3ugpiQrk8RbHkuAdSdpNag312xNPaAVe9uO8ADIQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
282 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XQ2DB82S6L&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2RZTP9&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6d038cce8f6a50a96151c43f0b02600078620b269b22be8f903279c9276f6193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 06 Dec 2023 14:10:23 GMT
b9c8lrwcno
www.clarity.ms/tag/
650 B
1013 B
Script
General
Full URL
https://www.clarity.ms/tag/b9c8lrwcno?ref=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2RZTP9&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
866640194329e727d05676cd76d08d6ad435b60485b6e98a85ee82a542285d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires
-1
date
Wed, 06 Dec 2023 14:10:23 GMT
x-azure-ref
20231206T141023Z-w6331gza0956rch6muzgmabhq000000000ag000000016986
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
quant.js
secure.quantserve.com/
21 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W2RZTP9&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 13 Dec 2023 14:10:23 GMT
6fc0ba4dd7ff1750dae4c1f425cdf985_1.js
web.webpushs.com/js/push/
116 KB
37 KB
Script
General
Full URL
https://web.webpushs.com/js/push/6fc0ba4dd7ff1750dae4c1f425cdf985_1.js
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8f8e0da5aae9b002665d1d3c7f24758cae9e3cc34332ccffa2b89b07612fb7bb
Security Headers
Name Value
Content-Security-Policy default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Wed, 06 Dec 2023 14:10:23 GMT
content-security-policy
default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 data.sendpulse.com *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 wss://ws.binotel.com:9002 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng sendpul.se *.sendpul.se trckln.com *.loginsrc.com *.routee.net *.routee.net:444 *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com revisionme.pages.dev *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com s3.eu-central-1.amazonaws.com *.googleoptimize.com *.privatbank.ua *.cardinalcommerce.com viacep.com.br *.wdgtsrc.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
x-content-type-options
nosniff
content-encoding
gzip
x-77-cache
HIT
x-accel-date
1701559483
x-xss-protection
1; mode=block
x-77-nzt
EggBw7WvDgFBDAHUZjicAfcUxAQA
x-accel-expires
@1702164283
x-77-age
312340
x-cache-lb
MISS
x-sp-ma
sp-ma-1
last-modified
Sat, 02 Sep 2023 01:37:43 GMT
server
CDN77-Turbo
etag
W/"1d103-6045652cfc2b0"
x-77-nzt-ray
90833930233feb4ccf807065c98faa15
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,User-Agent
content-type
application/javascript
access-control-allow-origin
*
x-sp-pr
lpr-01
cache-control
max-age=604800
expires
Sat, 25 Nov 2023 23:11:53 GMT
iframe
accounts.google.com/o/oauth2/ Frame F7E3
287 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c883d43a63b2063d78ddc25a931f296abf038f7277438fcdc34dd7e4633f1be3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-n21kozFrtCfiY6cPlWrL1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.kultivi.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-n21kozFrtCfiY6cPlWrL1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 14:10:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
schema
api.wdgtsrc.com/ Frame
0
0
Preflight
General
Full URL
https://api.wdgtsrc.com/schema
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.60.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.60.40.188.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.kultivi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Authorization, X-Requested-With
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
access-control-allow-origin
*
date
Wed, 06 Dec 2023 14:10:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-sp-pr
lpr-06
/
geo.wdgtsrc.com/
189 B
322 B
Fetch
General
Full URL
https://geo.wdgtsrc.com/
Requested by
Host: pop-ups.sendpulse.com
URL: https://pop-ups.sendpulse.com/bundle.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.4.94.81 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.81.94.4.46.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
024cb62619bb2103edc2b3925d85f533356e4c64987fda400c8158f5378ce25c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 14:10:23 GMT
cache-control
no-cache
server
nginx/1.18.0 (Ubuntu)
content-length
189
content-type
application/json; charset=utf-8
schema
api.wdgtsrc.com/
298 B
1 KB
Fetch
General
Full URL
https://api.wdgtsrc.com/schema
Requested by
Host: pop-ups.sendpulse.com
URL: https://pop-ups.sendpulse.com/bundle.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.60.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.60.40.188.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c5b7201894998a1e23bbaa213579e9fd84a43ea48b7aef07d876b8c9a8443619
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
record-type
application/json; charset=utf-8
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-permitted-cross-domain-policies
none
content-length
298
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
nginx/1.18.0 (Ubuntu)
x-download-options
noopen
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-sp-pr
lpr-06
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-frame-options
sameorigin
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Authorization, X-Requested-With
cmp2ui-pt.js
cmp.inmobi.com/tcfv2/50/
298 KB
70 KB
Script
General
Full URL
https://cmp.inmobi.com/tcfv2/50/cmp2ui-pt.js
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1158339e6af32413ffc7d026d23b9df2429866f5eeb6d3b9e5c5c0583097e21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 16:54:26 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
76558
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Tue, 05 Dec 2023 16:54:06 GMT
server
AmazonS3
etag
W/"766a16c8dccfa3745b31d64da01e0501"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
__kZ03U6_kum6AifJy7zQMqnKhlQaPYsozpmG2RLr88N_YJi42A3bA==
vendor-list-trimmed-v1.json
cmp.inmobi.com/GVL-v2/
360 KB
48 KB
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 01:49:22 GMT
content-encoding
gzip
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
45014
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 30 Nov 2023 23:59:20 GMT
server
AmazonS3
etag
W/"e2bcee663677e0a88f6ed90c9cd0c496"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
-R6bZ5JlcEvnAu_-Ude4Oq3nDJH5J3vO-Gg-NOclGxTvq2Hvekg9Jg==
google-atp-list.json
cmp.inmobi.com/tcfv2/
142 KB
33 KB
XHR
General
Full URL
https://cmp.inmobi.com/tcfv2/google-atp-list.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c355b57d04caab89797b1b07bfdd2132e8042c47ce6b1fc17163992d1cbc3b47

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 03:00:27 GMT
content-encoding
br
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
40197
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 06 Dec 2023 03:00:25 GMT
server
AmazonS3
etag
W/"3aa73b76b719dedbb072ac1cec2d246b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
5Y_VNGEVGcYnC_vOSxD6s2pYiaOLhX-MlWfFYsXDaL3BnMEZi0J5Lg==
collect
region1.analytics.google.com/g/
0
254 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XQ2DB82S6L&gtm=45je3bt0v870373440z8843389030&_p=1701871823069&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1209674326.1701871823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701871823&sct=1&seg=0&dl=https%3A%2F%2Fapp.kultivi.com%2F&dt=Kultivi&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1218
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQ2DB82S6L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.kultivi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
245 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XQ2DB82S6L&cid=1209674326.1701871823&gtm=45je3bt0v870373440z8843389030&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQ2DB82S6L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.kultivi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XQ2DB82S6L&cid=1209674326.1701871823&gtm=45je3bt0v870373440z8843389030&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=171358301
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
purposes-pt-pt.json
cmp.inmobi.com/GVL-v2/
243 B
651 B
XHR
General
Full URL
https://cmp.inmobi.com/GVL-v2/purposes-pt-pt.json
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=kultivi.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:ce00:1b:cadc:ef40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
10b1e69c1990cadb459b405739a8a4ca7a58d74366741e66dbde6d292bb82fac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:22 GMT
via
1.1 e71625290a8b18b90edbfcbc81303596.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
AMS58-P2
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/xml
access-control-allow-origin
*
x-cache
Error from cloudfront
cache-control
max-age=900
access-control-allow-credentials
true
vary
Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
R5pazF8hpRIxKuhFl1RuOqA_SiHDJxcrWlU9VIni6D6IFEXA_95pmQ==
rules-p-xrAManWTrSEJA.js
rules.quantcount.com/
160 B
641 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-xrAManWTrSEJA.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ab:9600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9ace1ca0d9e907369de92ff0b80228754bb5175e64e8d3b9bcb5375f903984fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 13:54:52 GMT
via
1.1 af1da25c2dddf71cac076999aa9861e6.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P3
age
932
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:51:43 GMT
server
AmazonS3
etag
"861231b6fec9995ec76113104940caf1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
NxRZGDFcDgByAv9wss-rUbuCEFD1ojxv_-kK4nmE4qn4dtZmPe5nPg==
/
api.cmp.inmobi.com/
2 B
101 B
XHR
General
Full URL
https://api.cmp.inmobi.com/?log=%7B%22accountId%22%3A%22wZt3yQfgdwnz-%22%2C%22domain%22%3A%22app.kultivi.com%22%2C%22publisher%22%3A%22kultivi.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.50%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%221dWiBENENRzBHTUONnSbNg%22%2C%22tagVersion%22%3A%22V2%22%2C%22gvlVersion%22%3A2%2C%22clientTimestamp%22%3A1701871823425%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-72zvmwlalfl8541ehobz%22%7D
Requested by
Host: cmp.inmobi.com
URL: https://cmp.inmobi.com/tcfv2/50/cmp2ui-pt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.193.1.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-1-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 06 Dec 2023 14:10:23 GMT
content-length
2
content-type
text/plain; charset=utf-8
schema
api.wdgtsrc.com/ Frame
0
0
Preflight
General
Full URL
https://api.wdgtsrc.com/schema
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.60.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.60.40.188.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://app.kultivi.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Authorization, X-Requested-With
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
access-control-allow-origin
*
date
Wed, 06 Dec 2023 14:10:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-sp-pr
lpr-06
schema
api.wdgtsrc.com/
56 KB
12 KB
Fetch
General
Full URL
https://api.wdgtsrc.com/schema
Requested by
Host: pop-ups.sendpulse.com
URL: https://pop-ups.sendpulse.com/bundle.js.gz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.60.215 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.215.60.40.188.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
78bba6f2b0af341cfdfa1da46bdfb94f85b4d3a672643cba0fac47d54ba27fdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
content-type
application/json

Response headers

date
Wed, 06 Dec 2023 14:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
record-type
application/json; charset=utf-8
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
nginx/1.18.0 (Ubuntu)
x-download-options
noopen
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, OPTIONS, DELETE
content-type
application/json
access-control-allow-origin
*
x-sp-pr
lpr-06
cache-control
no-cache, private
access-control-allow-credentials
true
permissions-policy
accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-frame-options
sameorigin
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Access-Control-Allow-Origin, Authorization, X-Requested-With
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/b9c8lrwcno?ref=gtm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:23 GMT
content-encoding
br
last-modified
Mon, 04 Dec 2023 12:08:18 GMT
etag
W/"0x8DBF4C1B3818466"
vary
Accept-Encoding
x-azure-ref
20231206T141023Z-w6331gza0956rch6muzgmabhq000000000ag000000016991
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
a83e7593-d01e-0008-28ad-2634d4000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
d55c6d259e2bff8e8063c87ce8781a27e7b6689579e9ffaf
freezingbuilding.com/u/c42a5d/
303 B
330 B
Fetch
General
Full URL
https://freezingbuilding.com/u/c42a5d/d55c6d259e2bff8e8063c87ce8781a27e7b6689579e9ffaf
Requested by
Host: freezingbuilding.com
URL: https://freezingbuilding.com/files/81fbb540dde1fadcca39bdaaf511471e289fe6.index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
261c64e614a2f6a92d8e9e88de3d22cb579966f5483330671b3b5335d5641013
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 06 Dec 2023 14:10:23 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
303
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.kultivi.com
x-hostname
fen-hoothoot-europe-west1-spot-50n2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 06 Dec 2023 14:10:22 GMT
37f9650aa5587c3bf612927403e7216d518b8e28e73995ee
freezingbuilding.com/af8f91/
3 B
29 B
Fetch
General
Full URL
https://freezingbuilding.com/af8f91/37f9650aa5587c3bf612927403e7216d518b8e28e73995ee
Requested by
Host: freezingbuilding.com
URL: https://freezingbuilding.com/files/81fbb540dde1fadcca39bdaaf511471e289fe6.index.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7ec2::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 06 Dec 2023 14:10:23 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.kultivi.com
x-hostname
fen-hoothoot-europe-west1-spot-50n2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 06 Dec 2023 14:10:22 GMT
collect
g.clarity.ms/
0
295 B
XHR
General
Full URL
https://g.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.kultivi.com
Date
Wed, 06 Dec 2023 14:10:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
collect
g.clarity.ms/
0
295 B
XHR
General
Full URL
https://g.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.kultivi.com
Date
Wed, 06 Dec 2023 14:10:24 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1607552665949790&ev=PageView&dl=https%3A%2F%2Fapp.kultivi.com%2F&rl=&if=false&ts=1701871825914&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701871825913.1834139759&ler=empty&it=1701871823272&coo=false&rqm=GET
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 06 Dec 2023 14:10:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame F7E3
2 KB
911 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: app.kultivi.com
URL: https://app.kultivi.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e23823a2ebe5384867c63e3cce11225ac1a82dccfd6f48e4a2fccd7b542ccd8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/ Frame F7E3
108 KB
37 KB
Script
General
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d4da1eea9ea9ff9425fbee63e8653ea158724762a5a929dd538360c18419827b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 04:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119869
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37671
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 05:45:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Dec 2024 04:52:37 GMT
sp-push-worker-fb.js
app.kultivi.com/
6 KB
2 KB
XHR
General
Full URL
https://app.kultivi.com/sp-push-worker-fb.js
Requested by
Host: web.webpushs.com
URL: https://web.webpushs.com/js/push/6fc0ba4dd7ff1750dae4c1f425cdf985_1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.176.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-176-35.lhr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a94a6043db65d186a700b25e01af8d5a83eaf3ace2483f12a8bcdb60a288896

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 14:10:25 GMT
content-encoding
gzip
via
1.1 ad36d996c1f3caece74d54a2883d32dc.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
LHR50-C1
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-id
HqgfHrfhdIBBWrvQ6bMswH_5Xc4M-FOHvm1BqnXsRAtuXid2HfplHA==
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&RedC=c.clarity.ms&MXFR=29A1BF9DAA9D605C1CB2AC42AE9D6E29
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&MUID=116279A05FCB61083C826A7F5E6760C4
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&MUID=116279A05FCB61083C826A7F5E6760C4
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:26 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:26 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3F0BD1BA23364173BAC157B8820DABE6 Ref B: FRA31EDGE0808 Ref C: 2023-12-06T14:10:26Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=983CD0C7B3174953BE1BEE750E37EBB1&MUID=116279A05FCB61083C826A7F5E6760C4
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
iframerpc
accounts.google.com/o/oauth2/ Frame F7E3
49 B
94 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fapp.kultivi.com&client_id=463481260805-jm9036rblso0ihef8hcsknsbaf61ub7f.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.GibWXf1ccZk.es5.O/am=AAM/d=1/rs=AOaEmlELNz8Ln8fkOeHiVrSU09czQipdHA/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-_JInDzhegJHGeyRY7B_4Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-_JInDzhegJHGeyRY7B_4Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
x-content-type-options
nosniff
date
Wed, 06 Dec 2023 13:58:22 GMT
content-encoding
gzip
age
724
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Origin
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 06 Dec 2023 14:58:22 GMT
collect
g.clarity.ms/
0
295 B
XHR
General
Full URL
https://g.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://app.kultivi.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://app.kultivi.com
Date
Wed, 06 Dec 2023 14:10:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
collect
region1.analytics.google.com/g/
0
54 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XQ2DB82S6L&gtm=45je3bt0v870373440&_p=1701871823069&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&tcfd=10001&cid=1209674326.1701871823&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701871823&sct=1&seg=0&dl=https%3A%2F%2Fapp.kultivi.com%2F&dt=Kultivi&en=scroll&epn.percent_scrolled=90&_et=4&tfd=6226
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XQ2DB82S6L&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app.kultivi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Dec 2023 14:10:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://app.kultivi.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture function| isMobile object| freestar function| admiral object| googletag object| Iugu function| dispatchOnLoad function| hasOwnProperty function| generateGUID function| readwrite_db function| readwrite_local function| readwrite_index function| readwrite_session function| readwrite_global function| readwrite_cookie function| readwrite_getFromStr object| cards object| utils object| webpackJsonpfrontmaterial function| __tcfapi function| __uspapi object| fsCmpInitMessage function| 4dm1r11545242527 number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime object| CKEDITOR_TRANSLATIONS string| CKEDITOR_VERSION object| dataLayer function| fbq function| _fbq function| fbAsyncInit object| FB function| _typeof function| ownKeys function| _objectSpread function| _defineProperty function| _toPropertyKey function| _toPrimitive object| spPopupsLoadedEvent function| createScriptElement function| insert function| scriptSrc object| sp function| __tcfapiui object| gapi object| ___jsl object| google_tag_manager object| google_tag_data function| clarity object| _qevents object| head object| script object| _F_toggles object| osapi object| app object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal function| quantserve function| __qc object| ezt object| _qoptions object| oSpPOptions function| oPromptPush object| oSpP object| core object| firebase function| UAParser

24 Cookies

Domain/Path Name / Value
.pub.network/ Name: _fsuid
Value: 7ac6ed12-299b-41dd-8e7c-43512703e592
.google.com/ Name: NID
Value: 511=ZJmMI4HH_kmObRykNLbyjXyAfeCZRjTqRA82WdIedwKqLsKIMi5CoDPMTZZU1ti6I54jOdgFQiSdPAI37rrkuRfpc6OHwvoIg8qNczP0Blpf68eYsG93kOTg-iD5AMB2m3WS2em0NZrLHcMDIzW0bi3PWDhf9VMB6NfxBUti11Q
.app.kultivi.com/ Name: G_ENABLED_IDPS
Value: google
.app.kultivi.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.app.kultivi.com/ Name: sbjs_current_add
Value: fd%3D2023-12-06%2015%3A10%3A23%7C%7C%7Cep%3Dhttps%3A%2F%2Fapp.kultivi.com%2F%7C%7C%7Crf%3D%28none%29
.app.kultivi.com/ Name: sbjs_first_add
Value: fd%3D2023-12-06%2015%3A10%3A23%7C%7C%7Cep%3Dhttps%3A%2F%2Fapp.kultivi.com%2F%7C%7C%7Crf%3D%28none%29
.app.kultivi.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.app.kultivi.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7C%7Csrc%3D%28direct%29%7C%7C%7Cmdm%3D%28none%29%7C%7C%7Ccmp%3D%28none%29%7C%7C%7Ccnt%3D%28none%29%7C%7C%7Ctrm%3D%28none%29
.app.kultivi.com/ Name: sbjs_udata
Value: vst%3D1%7C%7C%7Cuip%3D%28none%29%7C%7C%7Cuag%3DMozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.199%20Safari%2F537.36
.app.kultivi.com/ Name: sbjs_session
Value: pgs%3D1%7C%7C%7Ccpg%3Dhttps%3A%2F%2Fapp.kultivi.com%2F
.kultivi.com/ Name: _ga
Value: GA1.1.1209674326.1701871823
.kultivi.com/ Name: _ga_XQ2DB82S6L
Value: GS1.1.1701871823.1.0.1701871823.60.0.0
www.clarity.ms/ Name: CLID
Value: 6839ab7a17e140bb9a96fa6ebecd9ba4.20231206.20241205
.kultivi.com/ Name: _clck
Value: j2hd7r%7C2%7Cfhb%7C0%7C1435
.app.kultivi.com/ Name: _awl
Value: 3.1701871823.5-24bcb2c7093b424d53e9b9e1a97d4f68-6763652d6575726f70652d7765737431-0
.kultivi.com/ Name: _clsk
Value: 10gloai%7C1701871824414%7C1%7C1%7Cg.clarity.ms%2Fcollect
.kultivi.com/ Name: _fbp
Value: fb.1.1701871825913.1834139759
.bing.com/ Name: MUID
Value: 116279A05FCB61083C826A7F5E6760C4
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 116279A05FCB61083C826A7F5E6760C4
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 116279A05FCB61083C826A7F5E6760C4
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

5 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.XSQ9KzmFQfs.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-9vp1YmI2-b8fDK9wsefeYrUiI8Q/cb=gapi.loaded_0?le=scs(Line 186)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cmp.inmobi.com/GVL-v2/purposes-pt-pt.json
Message:
Failed to load resource: the server responded with a status of 403 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://app.kultivi.com/sp-push-worker-fb.js
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
accounts.google.com
api.cmp.inmobi.com
api.wdgtsrc.com
apis.google.com
app.kultivi.com
c.bing.com
c.clarity.ms
cmp.inmobi.com
cmp.quantcast.com
connect.facebook.net
d.pub.network
fonts.googleapis.com
fonts.gstatic.com
freezingbuilding.com
g.clarity.ms
geo.wdgtsrc.com
js.iugu.com
pop-ups.sendpulse.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
static.adsafeprotected.com
stats.g.doubleclick.net
web.webpushs.com
www.clarity.ms
www.facebook.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.18.18.83
143.204.176.20
143.204.176.35
18.193.1.37
18.239.69.6
188.40.60.215
2001:4860:4802:34::36
2600:1901:0:7ec2::1
2600:9000:20a0:ce00:1b:cadc:ef40:93a1
2600:9000:20ab:9600:6:44e3:f8c0:93a1
2600:9000:2190:3200:9:46dc:4700:93a1
2600:9000:2190:6600:8:48e:53c0:93a1
2606:4700::6812:14ce
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a00:1450:400c:c09::54
2a02:6ea0:c700::10
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.160.152.31
46.4.94.81
52.182.214.99
68.219.88.97
024cb62619bb2103edc2b3925d85f533356e4c64987fda400c8158f5378ce25c
10b1e69c1990cadb459b405739a8a4ca7a58d74366741e66dbde6d292bb82fac
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
17c7ddd920fa3b98480e1f6c0c2ba62941d5706f7730c4436074b1e45cd4edb1
261c64e614a2f6a92d8e9e88de3d22cb579966f5483330671b3b5335d5641013
2a251bcf90febe4190636c35ab590607d35c97d146f34e15d4820678b9ad1cc3
3205b05ec73c52376d9b694cf412db46cd02059e3b3e0b635cf4a86094a31de4
3a94a6043db65d186a700b25e01af8d5a83eaf3ace2483f12a8bcdb60a288896
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
46ade05b382e569dc90db5d5badd4612a172ae8de7472fbe149d090cd95879e1
4720e276506e737f3c89ce42f5ec7080fd787d0b0d160875dca2499e9c176d36
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
4b4049652eac795dbeb600052dd4200e920ec05f13ca346e227f72b420c9612f
4e84df5c3072a47db21020cfdd0daa84c31e314ca97cb9782e5ecca1011144c4
516b7c6e8e004aef3850fdc4e6ae0face4e655d06c19ff2c5eb4bb492b2b7352
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5abee2147e36ee05fdb2e80d0c2efd64fa7905f2c8261b9e2b546ee540255e7d
5d37997180f327bfc8cea65c3067e0b5279d1dfe1212bdde18ae583381e73280
65e29d9569891269a5360685d48008b93348bfcdb065e4e1446a0fdf6ea89107
6c31b1c28a5c2eb512c04004dc1f3961a4a4e72f1faeda9cc1f18f5718c486bc
6d038cce8f6a50a96151c43f0b02600078620b269b22be8f903279c9276f6193
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
78bba6f2b0af341cfdfa1da46bdfb94f85b4d3a672643cba0fac47d54ba27fdb
796069508903d249dbfd6f30c41aaab1b493181e8fc298d14008f3b1db2f6580
866640194329e727d05676cd76d08d6ad435b60485b6e98a85ee82a542285d21
8ad89729339c9cf2592286109ef69a7c0452bd876edc98056f8d790c587d2a75
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
8f8e0da5aae9b002665d1d3c7f24758cae9e3cc34332ccffa2b89b07612fb7bb
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ace1ca0d9e907369de92ff0b80228754bb5175e64e8d3b9bcb5375f903984fd
9fed3033d401bb0d8b1d78631a50a3094d2971557eb1968a5709baeeb94a3f99
b4ccfefd002e8a40c5098e4f0d4327d5d55f7d8b6eb80cb52a5bbd190e772f33
c011384b536d27cc137baaec7d792d8c04645fdde8b27a33026f030f6f2f3eea
c1158339e6af32413ffc7d026d23b9df2429866f5eeb6d3b9e5c5c0583097e21
c355b57d04caab89797b1b07bfdd2132e8042c47ce6b1fc17163992d1cbc3b47
c5b7201894998a1e23bbaa213579e9fd84a43ea48b7aef07d876b8c9a8443619
c7529ea12833b9e6578ebeab2df87b4629a0bd9561e5f593681e0e2c56af8bfe
c883d43a63b2063d78ddc25a931f296abf038f7277438fcdc34dd7e4633f1be3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d1ac0f51bcc2e0b043de8ba2266ee74a76166a2847f2b289918ea7624c8d3ff3
d202b5dc780020c477955ea8247259db1b4384b31a8a05725b3ca6e7ea0daa7c
d4da1eea9ea9ff9425fbee63e8653ea158724762a5a929dd538360c18419827b
e23823a2ebe5384867c63e3cce11225ac1a82dccfd6f48e4a2fccd7b542ccd8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff8447c8bc4a6035ce81fcd37d52ddb0a4758a014a19c13f9a3ca3ffe881b96
f228e2c1aa1ace498d7b205ab7cb830a5e7cc247cda5766d5a2c176b867d43d7