www.kinopolis-workoffice.com Open in urlscan Pro
2606:4700:3035::ac43:bffd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kinopolis-workoffice.com/
Effective URL:
https://www.kinopolis-workoffice.com/
Submission: On December 03 via manual (December 3rd 2024, 2:44:50 pm UTC) from DE — Scanned from CA

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2606:4700:3035::ac43:bffd, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kinopolis-workoffice.com.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.

This is the only time www.kinopolis-workoffice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:303... 2606:4700:3035::ac43:bffd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4004:c0b::8b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2606:4700:303... 2606:4700:3035::6815:1452	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4004:c08::54	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::6815:8ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	6

14 2606:4700:3035::ac43:bffd (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.kinopolis-workoffice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c0b::8b (Washington, United States)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3035::6815:1452 (United States)

ASN13335 (CLOUDFLARENET, US)

579539658561d4af.kinopolis-workoffice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::54 (Washington, United States)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:8ba (United States)

ASN13335 (CLOUDFLARENET, US)

storage.ali123.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	kinopolis-workoffice.com 1 redirects www.kinopolis-workoffice.com 579539658561d4af.kinopolis-workoffice.com	799 KB
4	google.com apis.google.com — Cisco Umbrella Rank: 121 accounts.google.com — Cisco Umbrella Rank: 17	113 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	ali123.co storage.ali123.co	563 KB
26	4

	Domain	Requested by
14	www.kinopolis-workoffice.com	1 redirects www.kinopolis-workoffice.com
6	579539658561d4af.kinopolis-workoffice.com	www.kinopolis-workoffice.com
3	apis.google.com	www.kinopolis-workoffice.com apis.google.com
2	connect.facebook.net	www.kinopolis-workoffice.com connect.facebook.net
1	storage.ali123.co
1	accounts.google.com	apis.google.com
26	6

This site contains no links.

Subject Issuer	Validity	Valid
kinopolis-workoffice.com WE1	`2024-11-18` - `2025-02-16`	3 months	crt.sh
*.apis.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-11` - `2024-12-10`	3 months	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
accounts.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ali123.co WE1	`2024-10-15` - `2025-01-13`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://www.kinopolis-workoffice.com/
Frame ID: F661A4FCAB4123FAAAA15A88B611F332
Requests: 19 HTTP requests in this frame

Frame: https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: B4EA0D59CCE28CF97DBA4325BE6FD54A
Requests: 3 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 7660D20E7EC02C2356B876766FF6BFA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kinopolis

Page URL History Show full URLs

http://www.kinopolis-workoffice.com/ HTTP 307
https://www.kinopolis-workoffice.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

26
Requests

96 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

1550 kB
Transfer

3561 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kinopolis-workoffice.com/ HTTP 307
https://www.kinopolis-workoffice.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.kinopolis-workoffice.com/
Redirect Chain

http://www.kinopolis-workoffice.com/
https://www.kinopolis-workoffice.com/

3 KB
2 KB

1205ms
897ms

Document
text/html

2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef07b9da65bf6781cb62fe21ae6b1d73bd6a80d625f647d964a5ad71c4fc68f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ec455e218020fa7-EWR
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 03 Dec 2024 14:44:34 GMT
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fVbqCJzvdp%2FrDMbBT6q1lodmv89%2B6PnwIq6vvPkudPIWzGaXm9Fl4Ri4lv63WUV%2BF6Oc6KNHQxLVFECn0AC8%2F44P2XR8HpdVesMOs0OlYXlOTS8NFXjQW84Cr3gg4ZBmqnJ0Fcp4ZCY4CW0LTV3%2B%2FGTZ3dxEFFI4rZy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=90403&min_rtt=44568&rtt_var=85077&sent=15&recv=12&lost=0&retrans=0&sent_bytes=4314&recv_bytes=4527&delivery_rate=92&cwnd=12000&unsent_bytes=0&cid=6a69ca9458201640&ts=734&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15638400; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

Location: https://www.kinopolis-workoffice.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 app.854c395b.js Show response
www.kinopolis-workoffice.com/js/ 1 MB
450 KB 75ms
62ms Script
application/javascript 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/js/app.854c395b.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94502f171f476f5aee2690fa08c091e385e3192c883f7c0c81722d3b95be0574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67488663-169bd4"
age: 358192
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=blnraLJMtpwdJ3ovCnj7p4Gb06ZcTEjXztYZHzggbBFNT%2Bl%2By3dOO99WNNcWDk2PgJxvz3NNYVZrGQbIHy%2FSiUcKQwDPPFNhFrOVZ7LooskhgdFX%2BwStq0P6Ieql%2BJM1YZP8iXyulll8i5sm1nxRQMcu9FZootje1cv9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=184391&min_rtt=44568&rtt_var=179369&sent=23&recv=17&lost=0&retrans=0&sent_bytes=11122&recv_bytes=5289&delivery_rate=4942&cwnd=12000&unsent_bytes=0&cid=6a69ca9458201640&ts=1325&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455e8e8eb0fa7-EWR
server: cloudflare

GET
H3 200 rocket-loader.min.js Show response
www.kinopolis-workoffice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 73ms
60ms Script
application/javascript 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control: max-age=172800, public
content-encoding: gzip
etag: W/"6740aa56-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S85lXddGIC5fppLAlBLnP%2BFz7128j%2BedO%2FhuvGzt8xgztG4Po%2BocqwsrWYxLJ1UojEm3wfjGa3zxE%2BEtEmATk%2BWqV2a15vqB09xwzeLQgSvAs5IoSem5MPlGl7ftZqo13lF7aIqAH2wP9eziVrcM%2BfdvDHXhBgVbEGma"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455e8e8ee0fa7-EWR
expires: Thu, 05 Dec 2024 14:44:35 GMT
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 15:59:18 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: DENY

GET
H3 200 chunk-3e593530.7584525f.js
www.kinopolis-workoffice.com/js/ 0
226 KB 344ms
344ms Other
application/javascript 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/js/chunk-3e593530.7584525f.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67488663-d2af8"
age: 356080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2mMxFTN6F61vyhrTqEaGdk%2FPdjyGaJ15ThMK9nfADkrbXeu4sMmr3I5WuQi1SOHOLXAW2%2BJ0rMheXpyMpuXxylVfLaVfTovlnIAMKFCotFuVCXxBf%2BUWyzDP44GkFJIrRTJG8x3T9%2Bm7OcgFPa02EHMVlw%2BF2HdXpRj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=95241&min_rtt=44568&rtt_var=18139&sent=93&recv=36&lost=0&retrans=0&sent_bytes=89730&recv_bytes=6503&delivery_rate=237157&cwnd=43500&unsent_bytes=0&cid=6a69ca9458201640&ts=1535&x=1", cfHdrFlush;dur=14
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455ea2a7d0fa7-EWR
server: cloudflare

GET
H2 200 api:client.js Show response
apis.google.com/js/ 14 KB
6 KB 447ms
76ms Script
text/javascript 2607:f8b0:4004:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api:client.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9797abd25a3d63c8d5d732e2282a1c1be55ae9db7c114b8fece5cc368f304210

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-encoding: gzip
etag: "3b686f1f571bd172"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 14:44:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: text/javascript
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control: private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="gapi-team"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5776
x-xss-protection: 0
server: sffe

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_CN/ 3 KB
2 KB 387ms
49ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_CN/sdk.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a105bd65e9dbe135341a43ec4f7ababecd5cb1f71eaa5954ac4a76e137b0b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kinopolis-workoffice.com
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-md5: EzY/9UO1sCo6H8MPzSVwYg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "77b181383b03519a0f0bdc008ef7e555"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 03 Dec 2024 15:01:33 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=1
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: a57e99a43fd71715311e5ef92b47b539
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: GOOD; q=0.7, rtt=67, rtx=0, c=23, mss=1232, tbw=5792, tp=12, tpl=0, uplat=0, ullat=-1
x-fb-debug: Y3YAhA0yH6J6rKPN3EUkbIF0exqdbkLnB4BoEUR9I9Vc9dETrAAsH4AkSBjivvwmi8rER0vMf8ZLRZRU2A84bg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1688
origin-agent-cluster: ?1

GET
H3

200

main.js Show response
www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame B4EA
Redirect Chain

https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

9 KB
5 KB

68ms
67ms

Script
application/javascript

2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?

Protocol

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4136f19fd75707c9aaefd0bda1526acab8fddbdcec5f8b86e5eea395927e6320

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HInq7yaOBlDNFQiQvKVJofX03%2Faoc50aKdh9zvb4aPjuULqnBSFUN3m2dfD2pV2Ub62%2FASIyBqGoAp5sGe1PjB6o4FepUWTD3mr37pbdi0rcUsPF%2F2Riatq8ZOkI88MEhFlolLq9Y97cEdxi4%2FBIGhvicCBCoITuaXx"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455ed7e710fa7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=59902&min_rtt=42182&rtt_var=12979&sent=636&recv=123&lost=0&retrans=0&sent_bytes=719664&recv_bytes=11212&delivery_rate=11115&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2056&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15638400; includeSubDomains
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=20D92GnSZRtcIHYlBZjG2V%2FtPrsYlUIezaHXVQDGyZ5cRXh5KwCxQg6zixf5wZNg%2BcH9AWtB%2FPRirlkzz37tj2%2F%2F%2BVuIPQIDRuZj%2FYTczThIIMgqQDafNJN3JuMysvp0xtUGkYmjz%2FTWX4KovORSGCf2S4NSm8uUmy%2Ft"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455ecbd710fa7-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=61696&min_rtt=42182&rtt_var=12523&sent=634&recv=121&lost=0&retrans=0&sent_bytes=718881&recv_bytes=10875&delivery_rate=2534846&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=1933&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:35 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 favicon.ico
www.kinopolis-workoffice.com/ 2 KB
2 KB 340ms
338ms Other
text/html 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41216e15abb9b7135120e5127c6c63b42eb934b04869b7cd76bf33d3cbf9bf0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVtiXxNHWKHZlXolbkhDK%2F9X5YdAS8Aeavwf6pCY%2FhKx9H0ZqgFU7OHZpDPGsOjCTcNEiVyiziI9aawFjdv5H3QZCotcvou64LXlxdRYxap4oFK6bTkBPIyxIawR7Lr9jpiE9cL7LRppZhnJv%2B7uhs9xwC%2FBeD6Ilv2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455ebbc310fa7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=59902&min_rtt=42182&rtt_var=12979&sent=641&recv=123&lost=0&retrans=0&sent_bytes=724651&recv_bytes=11212&delivery_rate=11115&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2058&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:36 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/ 314 KB
107 KB 61ms
59ms Script
text/javascript 2607:f8b0:4004:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f0ba04c61af50fc026908c7024d0b963f375b8b652a48a27e2833edda1bcb7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-encoding: gzip
age: 126782
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Tue, 02 Dec 2025 03:31:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 02 Dec 2024 03:31:34 GMT
last-modified: Mon, 11 Nov 2024 18:50:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108953
x-xss-protection: 0
server: sffe

GET
H3 200 chunk-3e593530.7584525f.js Show response
www.kinopolis-workoffice.com/js/ 843 KB
0 3ms
3ms Script
application/javascript 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/js/chunk-3e593530.7584525f.js

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/js/app.854c395b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa5fc7b19742b34577c94d44528755fb8e027ad7e3d055cc47a3965412adb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"67488663-d2af8"
age: 356080
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g2mMxFTN6F61vyhrTqEaGdk%2FPdjyGaJ15ThMK9nfADkrbXeu4sMmr3I5WuQi1SOHOLXAW2%2BJ0rMheXpyMpuXxylVfLaVfTovlnIAMKFCotFuVCXxBf%2BUWyzDP44GkFJIrRTJG8x3T9%2Bm7OcgFPa02EHMVlw%2BF2HdXpRj"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=95241&min_rtt=44568&rtt_var=18139&sent=93&recv=36&lost=0&retrans=0&sent_bytes=89730&recv_bytes=6503&delivery_rate=237157&cwnd=43500&unsent_bytes=0&cid=6a69ca9458201640&ts=1535&x=1", cfHdrFlush;dur=14
date: Tue, 03 Dec 2024 14:44:35 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455ea2a7d0fa7-EWR
server: cloudflare

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_CN/ 249 KB
74 KB 90ms
89ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_CN/sdk.js?hash=7e0dc11cef5b937b48cad99f71634971

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_CN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1d831ca79145f0a68a7e0fdeede62522a53ec5d9b94f9b40a5679516b10014df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.kinopolis-workoffice.com
Referer: https://www.kinopolis-workoffice.com/

Response headers

content-md5: DDYsJ+euIhAZPguH52aGOg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "daac7aafef61f9a929e8587b58c89511"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 13:21:35 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 03 Dec 2024 14:44:36 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 3d4ea7557498b22b12988a9b3a87cdb0
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=57, rtx=0, c=26, mss=1232, tbw=9696, tp=18, tpl=0, uplat=3, ullat=-1
x-fb-debug: gKOKLb5ayNCShjpZEAVBr35zu7tdVnRG+5ZIcDUs6KI6u3JI7PDDJJIRSqzv8wtH1gfEfOnYplKSLajXQL0/Rw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 75228
origin-agent-cluster: ?1

POST
H3 200 8ec455e218020fa7 Show response
www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B4EA 0
1 KB 105ms
93ms XHR
text/plain 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec455e218020fa7

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4PDyu3cBh6YhmmvGeaM23fvVGMBGfxUaP%2Fayn51NgbdqJQSU93aDZ50UjFlkYKvMjioqa%2B7QAkt0f4nfL4XJLulhBQerqhVln4nT3cft8hArrOfe%2FndHOPk5Lj1Y5rCTZeyssXd3Emmnc4LTgjJd7GoqFAzA9wu7F%2Fis"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455f089ed0fa7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=58025&min_rtt=42182&rtt_var=13490&sent=658&recv=139&lost=0&retrans=0&sent_bytes=726806&recv_bytes=28479&delivery_rate=97585&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2557&x=1", cfHdrFlush;dur=0
content-length: 0
date: Tue, 03 Dec 2024 14:44:36 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

POST
H3 200 8ec455e218020fa7 Show response
www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B4EA 0
1 KB 365ms
342ms XHR
text/plain 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ec455e218020fa7

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGELXxaWzLx1ZiSAntk9eaJgsJF3OWJqAG9kj51gM241X4a8iAcGPv9zdRQdEBdS1qSqE79GmztW8sRBB2fU6uCBxw8h9x9xnj7c2eHsYwxoqUSzqrnjsIXOQinwzsnGg1cSMKtiIYaJ2lEsiU9t0AxESgr8o0Kap2l7"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455f28c510fa7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61020&min_rtt=42182&rtt_var=16109&sent=674&recv=155&lost=0&retrans=0&sent_bytes=728397&recv_bytes=46116&delivery_rate=11261&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2882&x=1", cfHdrFlush;dur=0
content-length: 0
date: Tue, 03 Dec 2024 14:44:36 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/ 62 B
86 B 384ms
384ms Script
text/javascript 2607:f8b0:4004:c0b::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api:client.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c0b::8b Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

age: 8350
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options: nosniff
expires: Wed, 03 Dec 2025 12:25:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 12:25:26 GMT
last-modified: Mon, 11 Nov 2024 18:50:50 GMT
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges: bytes
access-control-allow-origin: *
content-length: 62
x-xss-protection: 0
server: sffe

GET
H3 200 btn_kefu.8e260f19.png
www.kinopolis-workoffice.com/img/ 7 KB
8 KB 375ms
375ms Image
image/png 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kinopolis-workoffice.com/img/btn_kefu.8e260f19.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49f9c66115847ff9385682168c022eb001f6685e22e7ca2d07300f847bd6cc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/login

Response headers

cf-cache-status: HIT
etag: "67488663-1c58"
age: 356079
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LM0o2QHFQMIH0fp%2Bj7eahKDP7tsT0oSCVxck0eJr1zhK1wKN8OskmR9wpAmXP7vfFNd3%2FzJc4%2B9R4ZThXsuXQVSnfBoElEIEFKlIkxfUZ%2FgRrnwrVuPZBpka%2BuoVR68ii8f9zTcAemzU70A%2Bh7mu8vJceaUcnE%2FzbJU3"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61020&min_rtt=42182&rtt_var=16109&sent=677&recv=156&lost=0&retrans=0&sent_bytes=729666&recv_bytes=46855&delivery_rate=11261&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2974&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:37 GMT
content-type: image/png
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455f32d3a0fa7-EWR
accept-ranges: bytes
content-length: 7256
server: cloudflare

GET
H3 200 index.ddf515a8.jpg
www.kinopolis-workoffice.com/img/ 76 KB
77 KB 365ms
364ms Image
image/jpeg 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kinopolis-workoffice.com/img/index.ddf515a8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed3b5e2c0550821b68db006d671e4d0909145d7e803ac55bc95b7d1f770e21a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/login

Response headers

cf-cache-status: HIT
etag: "67300d58-12f6c"
age: 614977
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRdi8%2BM4%2BPiAE%2BvDDs6nFJSp4qHhZyyRh7SUJZkL6bQvTVOPDQsBjDfEQYXZJaFUwAj0NnN3mrjAeKis1qutXuAp8QhnJqL3eqKlZmp5GtCULrobqZvDFHADiu2cY1fDAYzHs6%2B4ranOnWkePAahSvZLi%2BZd0nnb4av%2F"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61020&min_rtt=42182&rtt_var=16109&sent=702&recv=158&lost=0&retrans=0&sent_bytes=756055&recv_bytes=48328&delivery_rate=11261&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=3002&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:37 GMT
content-type: image/jpeg
last-modified: Sun, 10 Nov 2024 01:33:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455f35d7e0fa7-EWR
accept-ranges: bytes
content-length: 77676
server: cloudflare

GET
H3 200 login.a62aaac2.png
www.kinopolis-workoffice.com/img/ 17 KB
17 KB 359ms
356ms Image
image/png 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kinopolis-workoffice.com/img/login.a62aaac2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4364e50f4d993c64fc95f6e30d516dbe115a68dffd397047e3f90f5fc11e480a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/login

Response headers

cf-cache-status: HIT
etag: "67300d58-42f1"
age: 449794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dhc77t02NDRJxhImE9BBjkLxr5i%2FHMBSGxFC0OphZ41mJIzHwUjQnnmRARfCm3PMul%2BdVz6nUNgJmdIh6bUQMkBqVY1fYv5mq0rHOl0KnI3VLAgp7wDyIGYPPGRa3ywpad3FwNWWO%2BK0Hx2mmxqGOIUuiRaellRZB%2FmL"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=61020&min_rtt=42182&rtt_var=16109&sent=686&recv=158&lost=0&retrans=0&sent_bytes=737834&recv_bytes=48328&delivery_rate=11261&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=2999&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:37 GMT
content-type: image/png
last-modified: Sun, 10 Nov 2024 01:33:12 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455f35d800fa7-EWR
accept-ranges: bytes
content-length: 17137
server: cloudflare

POST
H3 200 listCsConfig Show response
579539658561d4af.kinopolis-workoffice.com/hall/ 716 B
1 KB 319ms
313ms XHR
application/json 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/js/app.854c395b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3b3b84ceb6b7df48b47358ac298dc3b9ac2f6e760f08b017b8def93f7163574

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinopolis-workoffice.com/
Accept-Language: en
Accept: application/json, text/plain, */*
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-request-id: GA2x8JGzg5KeuFoENxki
access-control-expose-headers
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4sv3Kb8lNzWG%2F6spW%2FyHJzp3wIWn657WUt07vl8xoCQRihzIii0JG4FFyQfedsD7JUA4ognUt5BDv%2BGrNzE5hOKgYjhEj%2BIR3ufFqY8bChH%2F9pZxb6a7f8boAyqugwINI2kxYFUhtSOHNXzLlwEnsPwpT3lFgU1KN5%2FyTuh0%2FnU5xJ2q4yYOrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=342175&min_rtt=218098&rtt_var=133738&sent=24&recv=20&lost=0&retrans=0&sent_bytes=9272&recv_bytes=7706&delivery_rate=11398&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=1305&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:38 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: max-age=0, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8ec455fb1ab1f5f8-EWR
access-control-allow-origin: *
server: cloudflare

POST
H3 200 listCsConfig Show response
579539658561d4af.kinopolis-workoffice.com/hall/ 2 KB
2 KB 311ms
304ms XHR
application/json 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/js/app.854c395b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bed6d66ab7ccfa79df14be23d26734eaad0d247c0c001402e47bdd17af00c7bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinopolis-workoffice.com/
Accept-Language: en
Accept: application/json, text/plain, */*
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-request-id: GA2x8JEO-Q15C8YENxji
access-control-expose-headers
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FbidLGwwxihU63rA9m0AKIcWfck%2FtG0Fp%2BKgWnpeygQ57Z7cLmSdvZWnHpYV76t62EvzMzlqRfclaV5dGO2Wddir3aeBU1r3jGsnQBBeuciL2aRb93NQKkpz1mS1Jb%2BI9I3%2F7S6UOrNFJHKL9Nx5qmb47RcDPmmbSmvD%2BrNZw4sCe9sxUbl6gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=342175&min_rtt=218098&rtt_var=133738&sent=21&recv=20&lost=0&retrans=0&sent_bytes=6831&recv_bytes=7706&delivery_rate=11398&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=1295&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: max-age=0, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8ec455fb1aabf5f8-EWR
access-control-allow-origin: *
server: cloudflare

POST
H3 200 listCsConfig Show response
579539658561d4af.kinopolis-workoffice.com/hall/ 36 B
783 B 310ms
303ms XHR
application/json 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Requested by

Host: www.kinopolis-workoffice.com
URL: https://www.kinopolis-workoffice.com/js/app.854c395b.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5161ee18585c1c65f4cbdf4acfa1f080968722cdab66cc6364aedb9aff8f57fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kinopolis-workoffice.com/
Accept-Language: en
Accept: application/json, text/plain, */*
Content-Type: application/json
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

x-request-id: GA2x8JFdv3qGKXcENxkC
access-control-expose-headers
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YqNSvvpptqxolxfjefikVKODglwIAgNzSv14TEB82i4BWd%2Bi30qQuUAJMOZ8V4vIQhreVwMKzs8TXinds1v0GCisIIj54YgkRZJU5%2Brfk88ZGIXnoPfl%2FcF%2BiHxqHaD6rBU4hhUsXR%2FEjM1QlIlbl%2F0R9x0mgnbQseDxbCcnvnGetGEJ%2BIz3qw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=342175&min_rtt=218098&rtt_var=133738&sent=23&recv=20&lost=0&retrans=0&sent_bytes=8466&recv_bytes=7706&delivery_rate=11398&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=1299&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:38 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: max-age=0, private, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: true
cf-ray: 8ec455fb1aa8f5f8-EWR
access-control-allow-origin: *
content-length: 36
server: cloudflare

OPTIONS
H3 204 listCsConfig
579539658561d4af.kinopolis-workoffice.com/hall/ Frame 0
0 1238ms
577ms Preflight 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kinopolis-workoffice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,Content-Type,Tz
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ec455f7786df5f8-EWR
date: Tue, 03 Dec 2024 14:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TVCGub3Sjco8XW2vPklSwBzQj%2BFwEgVxkMkccqZVE1a%2BzQ815k3k9I7l9lMaOoRe1pxB0pGjFfPgu1jG4mBQCnFnlOhhgl69nuHkXwXqmT2sz6nn4nMGhCeLQK9zIfMimequQXChcLd0HSHnm64G7rKZ%2BzfEgv7D3g3x3dSZtpSTItkSuCrShA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=388749&min_rtt=339098&rtt_var=157188&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5932&recv_bytes=6310&delivery_rate=1136&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=975&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15638400; includeSubDomains
x-content-type-options: nosniff
x-request-id: GA2x8H1wsWv-H3MIrGsh

OPTIONS
H3 204 listCsConfig
579539658561d4af.kinopolis-workoffice.com/hall/ Frame 0
0 1236ms
577ms Preflight 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kinopolis-workoffice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,Content-Type,Tz
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ec455f77867f5f8-EWR
date: Tue, 03 Dec 2024 14:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fmxInMnOyi%2FRLIaKxHaU2N4nGAh7EOgDMLc1hlEDy2h0tJipgKC39VlbV%2FWzEKXWTZBOKW1HU1FwZJDPzpUdVqt9aBa6WXrobowGx%2FRgDRhKvW93bR1VPL3ZWO2R672iDyByL8kjeOMzpD4lfeod0DOwXChd%2B9m11YJbZCYeRJwO5Un%2F1l0iYw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=388749&min_rtt=339098&rtt_var=157188&sent=15&recv=12&lost=0&retrans=0&sent_bytes=5123&recv_bytes=6310&delivery_rate=1136&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=967&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15638400; includeSubDomains
x-content-type-options: nosniff
x-request-id: GA2x8H2PD1hIikMIrGtB

OPTIONS
H3 204 listCsConfig
579539658561d4af.kinopolis-workoffice.com/hall/ Frame 0
0 1235ms
575ms Preflight 2606:4700:3035::6815:1452
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://579539658561d4af.kinopolis-workoffice.com/hall/listCsConfig

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:1452 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.kinopolis-workoffice.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Token,Content-Type,Tz
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8ec455f7786af5f8-EWR
date: Tue, 03 Dec 2024 14:44:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FecsQIE9CRkPuMPl9e02IzTQkd%2FxV31ofQ1X%2FbFAYTHDy1kf214afY7wcWhaN46Y0EOMmXrY3RJ%2FExmXX3x0UbL1y%2FTKm9HdiR0cueaf%2ByqJuX07YsNgFFVk2jrNbfAUdMaezt7CaBfxhoUkTfzP99AMQnR8lQyy8tjlMCBLrdj0T37lTvK92g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=388749&min_rtt=339098&rtt_var=157188&sent=14&recv=12&lost=0&retrans=0&sent_bytes=4281&recv_bytes=6310&delivery_rate=1136&cwnd=12000&unsent_bytes=0&cid=d6d8d27379d4bae3&ts=954&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=15638400; includeSubDomains
x-content-type-options: nosniff
x-request-id: GA2x8Hyr12Ze23oENxjC

GET
H3 200 favicon.ico
www.kinopolis-workoffice.com/ 2 KB
2 KB 621ms
620ms Other
text/html 2606:4700:3035::ac43:bffd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kinopolis-workoffice.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:bffd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

69dc9e5e267770e0f6d9c025aea995e6cf88a2150e63df40b43b32bca487feb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/login

Response headers

strict-transport-security: max-age=15638400; includeSubDomains
cache-control: private, no-store, no-cache, max-age=0, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fqAv7SgnEATaUnVOMfRIcHlWtxz6ibMSqvN3lqw7z8hlq%2FUNRrazKiWF9qRCsLOXIT1J3YhHNf%2F4wbg5ANb8N9lADgHLT%2BSHFtWTScy%2By78FTBASYexP%2BKwb0TqeHjPHlmw6tNvV%2BXbT9P2Nj%2B1R5w%2BF%2FceO5yj2LSB8"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ec455f39dda0fa7-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=94185&min_rtt=42182&rtt_var=78411&sent=773&recv=161&lost=0&retrans=1&sent_bytes=837434&recv_bytes=49829&delivery_rate=3396&cwnd=270000&unsent_bytes=0&cid=6a69ca9458201640&ts=3312&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:37 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 28 Nov 2024 15:04:03 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 iframe
accounts.google.com/o/oauth2/ Frame 7660 0
0 1171ms
124ms Document
text/html 2607:f8b0:4004:c08::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/iframe

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/cb=gapi.loaded_0?le=scs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::54 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-SFbISHT8ytwwjv5-a1B7Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kinopolis-workoffice.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-SFbISHT8ytwwjv5-a1B7Xg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /_/IdpIFrameHttp/cspreport/fine-allowlist
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Tue, 03 Dec 2024 14:44:38 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
reporting-endpoints: default="/_/IdpIFrameHttp/web-reports?context=eJzjctDikmJw1JBikPj6kkkDiJ3SZ7AGAXHrzXOsU4E46d951iIgNlS4xOoIxKo9l1hNgbhI4gprExAL8XBc27RnF5vAg5aFrxmV1JLyC-MzU1LzSjJLKnXzE0tLMnQzSkoK4o0MjEwMjQwM9Qws4gsMAJp5LDE"
server: ESF
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1732625587267557049
storage.ali123.co/richbr/ 562 KB
563 KB 820ms
546ms Image
application/octet-stream 2606:4700:3037::6815:8ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storage.ali123.co/richbr/1732625587267557049

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:8ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b96835eb663a0c55fefd3e1eaf1106b54b9cb85d022f2f006d8c29d1be806f25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.kinopolis-workoffice.com/

Response headers

cf-cache-status: DYNAMIC
etag: "79093bc8b36c4dacf694d1787b37b43f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVWHilGbNddEejJ0PUxf25PnhyLs746ONNdBMcJz28Epe3eOk7afhQEciaWtEMqSeYWs7Bl7EpJcRQHgVuaRGAdgHFqwtnOcL6qwbBudBaF37f7z%2FgDK0346JLO%2FpIyewFMRZu1pgT2vNzy7rzqtcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=90810&min_rtt=79899&rtt_var=27916&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4291&recv_bytes=4448&delivery_rate=274&cwnd=12000&unsent_bytes=0&cid=7dff745dd4fcb777&ts=628&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 14:44:39 GMT
content-type: application/octet-stream
last-modified: Tue, 26 Nov 2024 12:53:07 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
priority: u=3,i
strict-transport-security: max-age=15638400; includeSubDomains
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ec455fefa8032dc-EWR
accept-ranges: bytes
content-length: 575846
server: cloudflare

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kinopolis-workoffice.com/	1970-01-21 10:12:53	Name: cf_clearance Value: 8bbvDuWR26zjFR4f8TKK0nKJTaXvH9Se08c5goKhxlA-1733237076-1.2.1.1-HRqga6o1QDG9wVJKTiqSHqTSJFQ4vgIRnokPvYaZHIeY.4CmkZlam.v6UdmOLfaxjzCOBfxWymWs36j.fP8lK8XI.WkeGku1CazaiZYOCnhBgLvQ8t_pyIFERenLnDbB9GT3JEtmCvWFe15bJt05XhreV_4Ogy8JLKkXHQp38WFukpIjyNXIhVx1tk5fb4xoYqmEQZvLi0rkTsItJzmB3C0ai7KDeFbcRuGj1yc5SbY4Ve9eYtc7UqxAhN_moqRz5OU.lwD0fD71W2FgynTct4QhGteOO8L5hyW1gfK6oJsdQQCO233pHX82BR_njBk2wpnl72Rh1X5qjyoLz3gecFLaNP6zwAGH7OlHcQGOnJJ1w6wxcPCRMdFFO63CE4cm
			.www.kinopolis-workoffice.com/	1970-01-21 11:03:17	Name: G_ENABLED_IDPS Value: google

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.6zM9SN8ON8Q.O/m=client/rt=j/sv=1/d=1/ed=1/am=AAAg/rs=AHpOoo9LiInNUyZ6A99oK9HdmPXGee7Zyg/cb=gapi.loaded_0?le=scs(Line 422) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15638400; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

579539658561d4af.kinopolis-workoffice.com
accounts.google.com
apis.google.com
connect.facebook.net
storage.ali123.co
www.kinopolis-workoffice.com
2606:4700:3035::6815:1452
2606:4700:3035::ac43:bffd
2606:4700:3037::6815:8ba
2607:f8b0:4004:c08::54
2607:f8b0:4004:c0b::8b
2a03:2880:f003:c0e:face:b00c:0:3
0f0ba04c61af50fc026908c7024d0b963f375b8b652a48a27e2833edda1bcb7a
1d831ca79145f0a68a7e0fdeede62522a53ec5d9b94f9b40a5679516b10014df
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
41216e15abb9b7135120e5127c6c63b42eb934b04869b7cd76bf33d3cbf9bf0f
4136f19fd75707c9aaefd0bda1526acab8fddbdcec5f8b86e5eea395927e6320
4364e50f4d993c64fc95f6e30d516dbe115a68dffd397047e3f90f5fc11e480a
49f9c66115847ff9385682168c022eb001f6685e22e7ca2d07300f847bd6cc1c
5161ee18585c1c65f4cbdf4acfa1f080968722cdab66cc6364aedb9aff8f57fa
69dc9e5e267770e0f6d9c025aea995e6cf88a2150e63df40b43b32bca487feb1
87aa5fc7b19742b34577c94d44528755fb8e027ad7e3d055cc47a3965412adb7
94502f171f476f5aee2690fa08c091e385e3192c883f7c0c81722d3b95be0574
9797abd25a3d63c8d5d732e2282a1c1be55ae9db7c114b8fece5cc368f304210
9a105bd65e9dbe135341a43ec4f7ababecd5cb1f71eaa5954ac4a76e137b0b40
b96835eb663a0c55fefd3e1eaf1106b54b9cb85d022f2f006d8c29d1be806f25
bed3b5e2c0550821b68db006d671e4d0909145d7e803ac55bc95b7d1f770e21a
bed6d66ab7ccfa79df14be23d26734eaad0d247c0c001402e47bdd17af00c7bb
c3b3b84ceb6b7df48b47358ac298dc3b9ac2f6e760f08b017b8def93f7163574
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef07b9da65bf6781cb62fe21ae6b1d73bd6a80d625f647d964a5ad71c4fc68f8

www.kinopolis-workoffice.com Open in urlscan Pro 2606:4700:3035::ac43:bffd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

100 %IPv6

4 Domains

6 Subdomains

6 IPs

1 Countries

1550 kBTransfer

3561 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

2 Cookies

www.kinopolis-workoffice.com Open in urlscan Pro
2606:4700:3035::ac43:bffd Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

100 %
IPv6

4
Domains

6
Subdomains

6
IPs

1
Countries

1550 kB
Transfer

3561 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions