switchads.com Open in urlscan Pro
52.128.23.153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e
Effective URL:
http://switchads.com/
Submission Tags: falconsandbox
Submission: On September 22 via api (September 22nd 2021, 4:18:14 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 23 HTTP transactions. The main IP is 52.128.23.153, located in United States and belongs to DOSARREST, US. The main domain is switchads.com.

This is the only time switchads.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 11	52.128.23.153 52.128.23.153	19324 (DOSARREST) (DOSARREST)
1	176.74.176.178 176.74.176.178	13768 (COGECO-PEER1) (COGECO-PEER1)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20e... 2600:9000:20eb:2e00:14:b436:55c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
23	7

11 52.128.23.153 (United States) 2 redirects

ASN19324 (DOSARREST, US)

delivery.swid.switchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
switchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.74.176.178 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
PTR: ldn1.landertest5.click

return.uk.uniregistry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:2e00:14:b436:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.uniregistry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

afs.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	switchads.com 2 redirects delivery.swid.switchads.com switchads.com	14 KB
6	google.com www.google.com	133 KB
4	uniregistry.com return.uk.uniregistry.com static.uniregistry.com	365 KB
2	googleapis.com ajax.googleapis.com	61 KB
1	googleusercontent.com afs.googleusercontent.com	824 B
1	gstatic.com www.gstatic.com	654 B
23	6

	Domain	Requested by
8	switchads.com	delivery.swid.switchads.com switchads.com
6	www.google.com	switchads.com www.google.com
3	static.uniregistry.com	switchads.com
3	delivery.swid.switchads.com	2 redirects
2	ajax.googleapis.com	switchads.com
1	afs.googleusercontent.com	www.google.com
1	www.gstatic.com	switchads.com
1	return.uk.uniregistry.com	switchads.com
23	8

This site contains no links.

Subject Issuer	Validity	Valid
*.uniregistry.com Go Daddy Secure Certificate Authority - G2	`2020-07-27` - `2022-07-27`	2 years	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://switchads.com/
Frame ID: 5D321A0DAEF5BADFF7505B579AF23028
Requests: 6 HTTP requests in this frame

Frame: http://switchads.com/tg.php?uid=switchads614aae809a1454.62664635
Frame ID: DA5C95707361A900FA162BE8CE38F602
Requests: 2 HTTP requests in this frame

Frame: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1
Frame ID: 096E3C194295FE266745AD9BBF46FCD2
Requests: 9 HTTP requests in this frame

Frame: http://switchads.com/page.php?switchads614aae809a1454.62664635
Frame ID: 04D01EB645B2A512CA9CB5172B30BBC9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/afs/ads?adsafe=low&channel=000584&hl=en&client=dp-nameadmin11_3ph_js&r=m&psid=2306733352&type=3&swp=as-drid-2539475290896488&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300769%2C17300771&format=r6&num=0&output=afd_ads&domain_name=switchads.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=0&dt=1632284289457&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1598&ish=1200&psw=1598&psh=374&frm=1&uio=sl1sr1-&cont=rs&csize=w620h0&inames=master-1&jsv=80579&rurl=http%3A%2F%2Fswitchads.com%2Fsearch_caf.php%3Fuid%3Dswitchads614aae809a1454.62664635%26src%3Dmountains%26abp%3D1&referer=http%3A%2F%2Fswitchads.com%2F
Frame ID: AB9252D03E6C8E8CF2043B2937C01112
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/js/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js
Frame ID: D742DF21D21A953386DF6473C809985C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

switchads.com

Page URL History Show full URLs

http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e Page URL
http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e HTTP 302
http://delivery.swid.switchads.com/?f HTTP 302
http://switchads.com/ Page URL
http://switchads.com/ Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23
Requests

39 %
HTTPS

71 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

573 kB
Transfer

906 kB
Size

6
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e Page URL
http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e HTTP 302
http://delivery.swid.switchads.com/?f HTTP 302
http://switchads.com/ Page URL
http://switchads.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e HTTP 302
http://delivery.swid.switchads.com/?f HTTP 302
http://switchads.com/

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK info.php Show response
delivery.swid.switchads.com/adserver/ 2 KB
1 KB 405ms
310ms Document
text/html 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx /
Resource Hash: efbbf2f66bd37d58c232ecdcddc05379bb29066fad5df66740a8a7e5174b42cf

Request headers

Host: delivery.swid.switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-DIS-Request-ID: 53f0cbc79fdb694913aa9df03f03272a
P3P: CP="NON DSP COR ADMa OUR IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Encoding: gzip

GET
H/1.1

200
OK

/
switchads.com/
Redirect Chain

http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e
http://delivery.swid.switchads.com/?f
http://switchads.com/

2 KB
1 KB

418ms
319ms

Document
text/html

52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/
Requested by: Host: delivery.swid.switchads.com
URL: http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Host: switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://delivery.swid.switchads.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://delivery.swid.switchads.com/adserver/info.php?action=STORE&info=MMTH%3A1c1853fb-52f7-4f9b-9667-3dfa684bdd6e

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
X-DIS-Request-ID: 8bf912a8018d8ecb88dd3a4326efc3d4
P3P: CP="NON DSP COR ADMa OUR IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:07 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.6.33-0+deb8u1
Set-Cookie: uid=delivery614aae7fefb527.54866325; expires=Fri, 22-Oct-2021 04:18:07 GMT; Max-Age=2592000
Location: http://switchads.com
X-DIS-Request-ID: cc2643e57bbc7bbc144bae6fa4f91506

GET
H/1.1 200
OK Primary Request Cookie set / Show response
switchads.com/ 2 KB
2 KB 248ms
248ms Document
text/html 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: 47e41012463b63e60e2aa0a7b8b5380e4f3acfa2dcaed01d88dea5e65e5b97aa

Request headers

Host: switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://switchads.com/
Accept-Encoding: gzip, deflate
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1003
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.6.33-0+deb8u1
Set-Cookie: uid=switchads614aae809a1454.62664635; expires=Fri, 22-Oct-2021 04:18:08 GMT; Max-Age=2592000 SRV=lander05|YUqua|YUqua; path=/
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ==_MzjxqubZavxidEHN67TdDVZeNANzfPxWvNhjNfdZC9uQXC7Eiyz+0WoAW3PFW6NisZsSPP9VvQ+wORgVt3wyhQ==
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-control: private
X-DIS-Request-ID: 14302089d86e1f80c706f107601011bf

GET
H/1.1 200
OK return_js.php Show response
return.uk.uniregistry.com/ 32 B
422 B 77ms
52ms Script
application/javascript 176.74.176.178
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: http://return.uk.uniregistry.com/return_js.php?d=switchads.com&s=1632284288
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 176.74.176.178 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: ldn1.landertest5.click
Software: Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.26
Resource Hash: 8957bf3a36255d74b598d03f3d546f5962c9ab34fbfc716f162219e1d2660e62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 04:17:12 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.3.10-1ubuntu3.26
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR NID"
Connection: close
Content-Type: application/javascript
Content-Length: 52

GET
H/1.1 200
OK Cookie set ads.js Show response
switchads.com/ 128 B
717 B 210ms
210ms Script
application/javascript 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/ads.js
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx /
Resource Hash: b32a6a07198fd0822ca245433c39b0c55662412880fdb3a0b1b5941dc59da718

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: switchads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: */*
Referer: http://switchads.com/
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqua|YUqua
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 04:18:08 GMT
Content-Encoding: gzip
NEL: {"report_to": "dis", "max_age": 3600}
Connection: keep-alive
Content-Length: 128
X-DIS-Request-ID: 8139084f745af40dcf2f7a9f624f576d
Last-Modified: Wed, 11 Oct 2017 18:50:21 GMT
Server: nginx
ETag: "80-55b49e552bb5c-gzip"
Vary: Accept-Encoding
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}
Content-Type: application/javascript
Cache-control: private
Set-Cookie: SRV=lander05|YUqub|YUqua; path=/
Accept-Ranges: bytes
Keep-Alive: timeout=20

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ 84 KB
30 KB 41ms
12ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

Requested by

Host: switchads.com
URL: http://switchads.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 11:11:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 61623
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30082
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Wed, 21 Sep 2022 11:11:05 GMT

GET
H/1.1 200
OK tg.php Show response
switchads.com/ Frame DA5C 349 B
726 B 212ms
211ms Document
text/html 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/tg.php?uid=switchads614aae809a1454.62664635
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: 307fc2d1ad0e53f7cdc7db06e29a797496219e99b2df76d5d6c0a8af76a8bc22

Request headers

Host: switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://switchads.com/
Accept-Encoding: gzip, deflate
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqub|YUqua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 269
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.6.33-0+deb8u1
Vary: Accept-Encoding
Content-Encoding: gzip
X-DIS-Request-ID: f026dc3e316259509da3b1f8d68823ad
NEL: {"report_to": "dis", "max_age": 3600}
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}

GET
H/1.1 200
OK Cookie set search_caf.php Show response
switchads.com/ Frame 096E 18 KB
6 KB 403ms
402ms Document
text/html 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: bb025db53b05cf9e751ab6be66f2d96aa88d9249a0ff9eaccf5a65a3d15fc81f

Request headers

Host: switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://switchads.com/
Accept-Encoding: gzip, deflate
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqub|YUqua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5541
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.6.33-0+deb8u1
Set-Cookie: uid=switchads614aae809a1454.62664635; expires=Fri, 22-Oct-2021 04:18:09 GMT; Max-Age=2592000
Vary: Accept-Encoding
Content-Encoding: gzip
X-DIS-Request-ID: 5d3d3438faed24d107e8dac98dd1b414
NEL: {"report_to": "dis", "max_age": 3600}
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}

GET
H/1.1 200
OK page.php Show response
switchads.com/ Frame 04D0 182 B
619 B 361ms
360ms Document
text/html 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to

Full URL: http://switchads.com/page.php?switchads614aae809a1454.62664635
Requested by: Host: switchads.com
URL: http://switchads.com/
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: 87836cb9891ec3b31a72811bc5183801a894fe29bd5e779f1e04a31cc47f536a

Request headers

Host: switchads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://switchads.com/
Accept-Encoding: gzip, deflate
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqub|YUqua
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/

Response headers

Server: nginx
Date: Wed, 22 Sep 2021 04:18:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
X-Powered-By: PHP/5.6.33-0+deb8u1
Vary: Accept-Encoding
Content-Encoding: gzip
X-DIS-Request-ID: adcd6b91d6464ad658cf28160fdc5b2e
NEL: {"report_to": "dis", "max_age": 3600}
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}

GET
H/1.1 200
OK track.php
switchads.com/ Frame DA5C 43 B
437 B 232ms
231ms Image
image/gif 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://switchads.com/track.php?uid=switchads614aae809a1454.62664635&d=switchads.com&sr=1600x1200
Requested by: Host: switchads.com
URL: http://switchads.com/tg.php?uid=switchads614aae809a1454.62664635
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: switchads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://switchads.com/tg.php?uid=switchads614aae809a1454.62664635
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqub|YUqua
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/tg.php?uid=switchads614aae809a1454.62664635
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 04:18:09 GMT
NEL: {"report_to": "dis", "max_age": 3600}
Server: nginx
X-Powered-By: PHP/5.6.33-0+deb8u1
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}
Content-Type: image/gif
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 43
X-DIS-Request-ID: 63e3f22c9f31ce163b6f8d864812f36a

GET
H/1.1 200
OK img.php
switchads.com/ Frame 04D0 43 B
437 B 220ms
220ms Image
image/gif 52.128.23.153
DOSARREST

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://switchads.com/img.php?switchads614aae809a1454.62664635
Requested by: Host: switchads.com
URL: http://switchads.com/page.php?switchads614aae809a1454.62664635
Protocol: HTTP/1.1
Server: 52.128.23.153 , United States, ASN19324 (DOSARREST, US),
Reverse DNS
Software: nginx / PHP/5.6.33-0+deb8u1
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: switchads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://switchads.com/page.php?switchads614aae809a1454.62664635
Cookie: YPF8827340282Jdskjhfiw_928937459182JAX666=136.243.198.80; uid=switchads614aae809a1454.62664635; SRV=lander05|YUqub|YUqua
Connection: keep-alive
Cache-Control: no-cache
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/page.php?switchads614aae809a1454.62664635
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 04:18:09 GMT
NEL: {"report_to": "dis", "max_age": 3600}
Server: nginx
X-Powered-By: PHP/5.6.33-0+deb8u1
Report-To: {"group": "dis", "max_age": 3600, "endpoints": [{"url": "https://nel.dosarrest.net"}]}
Content-Type: image/gif
Connection: keep-alive
Keep-Alive: timeout=20
Content-Length: 43
X-DIS-Request-ID: 424176569b974c5a3e230438ca669b62

GET
H/1.1 200
OK jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.5.2/ Frame 096E 84 KB
30 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.min.js

Requested by

Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 21 Sep 2021 11:11:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 61624
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 30082
X-XSS-Protection: 0
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="hosted-libraries-pushers"
Expires: Wed, 21 Sep 2022 11:11:05 GMT

GET
H/1.1 200
OK caf.js Show response
www.google.com/adsense/domains/ Frame 096E 152 KB
56 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/adsense/domains/caf.js

Requested by

Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e03660c7ed89d6f53e0dc9be770cdba6073a746067899837067061fc0c68515e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 22 Sep 2021 04:18:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Server: sffe
ETag: "1268730865053951191"
Vary: Accept-Encoding
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=3600
Transfer-Encoding: chunked
Accept-Ranges: bytes
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="ads-afs-ui"
Expires: Wed, 22 Sep 2021 04:18:09 GMT

GET
H2 200 ur-logo-white.png
static.uniregistry.com/assets/img/ Frame 096E 3 KB
4 KB 69ms
6ms Image
image/png 2600:9000:20eb:2e00:14:b436:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uniregistry.com/assets/img/ur-logo-white.png
Requested by: Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2e00:14:b436:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fba0e94400c61f945747763a6148d7f86f099bb99e195986a39e5bc0cf6972ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:34:12 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Feb 2019 17:05:35 GMT
server: AmazonS3
age: 85438
etag: "675bb51e4b3da04a4b718ece9cbc1ddb"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
content-length: 3578
x-amz-cf-id: B--ERMQPlkasLY44HpC7EnqjFKO9sFjBq1tJ5lTQGxSAOMjPtwf3Fw==

GET
H/1.1 200
OK partner.gif
www.gstatic.com/domainads/tracking/ Frame 096E 43 B
654 B 32ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.gstatic.com/domainads/tracking/partner.gif?ts=1632284289420&rid=2349909

Requested by

Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1

Protocol

HTTP/1.1

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Sep 2021 04:18:09 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:15:00 GMT
Server: sffe
Report-To: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
Content-Type: image/gif
Cache-Control: no-cache, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 43
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="static-on-bigtable"
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg-parking.jpg
static.uniregistry.com/assets/img/landing-pages/ Frame 096E 296 KB
297 KB 41ms
8ms Image
image/jpeg 2600:9000:20eb:2e00:14:b436:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.uniregistry.com/assets/img/landing-pages/bg-parking.jpg
Requested by: Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2e00:14:b436:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ab5e1ffa21ca5b51f2872a9b67784224cfc30a55f93624d620b04202f0b9e5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:12:25 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Feb 2019 17:05:33 GMT
server: AmazonS3
age: 72455
etag: "87801d06f55a3c337a4170f56f363ea2"
x-edge-origin-shield-skipped: 0
content-type: image/jpeg
cache-control: public, max-age=86400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
content-length: 303563
x-amz-cf-id: i19m5yBB7VBC8H1YSP6lIMLVgWR57OQFOKn5W5sw_SVBh0cBKiBYZw==

GET
H2 200 2191FE_4_0.woff
static.uniregistry.com/assets/fonts/proxima-nova/ Frame 096E 63 KB
64 KB 177ms
143ms Font
application/font-woff 2600:9000:20eb:2e00:14:b436:55c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.uniregistry.com/assets/fonts/proxima-nova/2191FE_4_0.woff
Requested by: Host: switchads.com
URL: http://switchads.com/search_caf.php?uid=switchads614aae809a1454.62664635&src=mountains&abp=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2e00:14:b436:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cdb25634b9f662b7407e5a4980d67f5e29bc6ceb21b4ec973043c1a7b05eb7c7

Request headers

Referer: http://switchads.com/
Origin: http://switchads.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:18:10 GMT
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b03.cloudfront.net (CloudFront)
vary: Origin
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
content-length: 64678
last-modified: Thu, 21 Feb 2019 16:49:11 GMT
server: AmazonS3
etag: "9fc5890416c33ae16e05b680c38c4ec7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/font-woff
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 9noloSHhUvMUll7QuXmimwLX4DjniGQ6sB2ssVzKhicJHOkmh4yGRA==

GET
H2 200 ads Show response
www.google.com/afs/ Frame AB92 14 KB
8 KB 142ms
122ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/afs/ads?adsafe=low&channel=000584&hl=en&client=dp-nameadmin11_3ph_js&r=m&psid=2306733352&type=3&swp=as-drid-2539475290896488&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300769%2C17300771&format=r6&num=0&output=afd_ads&domain_name=switchads.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=0&dt=1632284289457&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1598&ish=1200&psw=1598&psh=374&frm=1&uio=sl1sr1-&cont=rs&csize=w620h0&inames=master-1&jsv=80579&rurl=http%3A%2F%2Fswitchads.com%2Fsearch_caf.php%3Fuid%3Dswitchads614aae809a1454.62664635%26src%3Dmountains%26abp%3D1&referer=http%3A%2F%2Fswitchads.com%2F

Requested by

Host: www.google.com
URL: http://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

3e02961608d4e5e804664dc367e93f40134817c542383655bb773f46e5a77c90

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /afs/ads?adsafe=low&channel=000584&hl=en&client=dp-nameadmin11_3ph_js&r=m&psid=2306733352&type=3&swp=as-drid-2539475290896488&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300769%2C17300771&format=r6&num=0&output=afd_ads&domain_name=switchads.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=0&dt=1632284289457&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1598&ish=1200&psw=1598&psh=374&frm=1&uio=sl1sr1-&cont=rs&csize=w620h0&inames=master-1&jsv=80579&rurl=http%3A%2F%2Fswitchads.com%2Fsearch_caf.php%3Fuid%3Dswitchads614aae809a1454.62664635%26src%3Dmountains%26abp%3D1&referer=http%3A%2F%2Fswitchads.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://switchads.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/

Response headers

content-type: text/html; charset=UTF-8
content-disposition: inline
date: Wed, 22 Sep 2021 04:18:09 GMT
expires: Wed, 22 Sep 2021 04:18:09 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 8237
x-xss-protection: 0
set-cookie: CONSENT=PENDING+705; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 caf.js Show response
www.google.com/adsense/domains/ Frame AB92 152 KB
55 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js

Requested by

Host: www.google.com
URL: https://www.google.com/afs/ads?adsafe=low&channel=000584&hl=en&client=dp-nameadmin11_3ph_js&r=m&psid=2306733352&type=3&swp=as-drid-2539475290896488&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300003%2C17300494%2C17300496%2C17300769%2C17300771&format=r6&num=0&output=afd_ads&domain_name=switchads.com&v=3&adext=as1%2Csr1&bsl=8&pac=0&u_his=2&u_tz=0&dt=1632284289457&u_w=1600&u_h=1200&biw=1600&bih=1200&isw=1598&ish=1200&psw=1598&psh=374&frm=1&uio=sl1sr1-&cont=rs&csize=w620h0&inames=master-1&jsv=80579&rurl=http%3A%2F%2Fswitchads.com%2Fsearch_caf.php%3Fuid%3Dswitchads614aae809a1454.62664635%26src%3Dmountains%26abp%3D1&referer=http%3A%2F%2Fswitchads.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5aabc05fd1d889ada7cced15fff049c25b74d1b8eed64facd054db8a713df23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:18:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: sffe
etag: "4582126210879988679"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-afs-ui"
expires: Wed, 22 Sep 2021 04:18:09 GMT

GET
H2 200 chevron.svg
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/ Frame AB92 200 B
824 B 42ms
6ms Image
image/svg+xml 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f2728b3c46b9817c807714ed006928bf5dc446c3f848d8d7d9c7d9fe81fd1f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
content-encoding: gzip
x-content-type-options: nosniff
age: 82091
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 175
x-xss-protection: 0
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
server: sffe
date: Tue, 21 Sep 2021 05:29:58 GMT
vary: Accept-Encoding
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-type: image/svg+xml
cache-control: public, max-age=82800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="afs-native-asset-managers"
expires: Wed, 22 Sep 2021 04:29:58 GMT

GET
H2 200 YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js Show response
www.google.com/js/bg/ Frame D742 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/YqSUqZI0IRdbUAy163IJKnGw-hEMSU1MpsI8iakDbOc.js

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 19:56:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 462074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13243
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 14:30:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Fri, 16 Sep 2022 19:56:55 GMT

GET
H2 204 gen_204
www.google.com/afs/ Frame 096E 0
173 B 32ms
32ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-nameadmin11_3ph_js&output=uds_ads_only&zx=dl6291cloyol&aqid=ga5KYaatIamOxdwP1-2WsAY&psid=2306733352&pbt=bs&adbx=489&adby=222&adbh=374&adbw=620&adbah=58%2C58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-dp-nameadmin11_3ph_js&errv=8057916712875826019&csadii=5&csadr=258&lle=0&llm=1000&ifv=1&usr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:18:11 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 gen_204
www.google.com/afs/ Frame 096E 0
126 B 29ms
29ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/afs/gen_204?client=dp-nameadmin11_3ph_js&output=uds_ads_only&zx=6u0j1p4h6cp&aqid=ga5KYaatIamOxdwP1-2WsAY&psid=2306733352&pbt=bv&adbx=489&adby=222&adbh=374&adbw=620&adbah=58%2C58%2C58%2C58%2C58%2C58&adbn=master-1&eawp=partner-dp-nameadmin11_3ph_js&errv=8057916712875826019&csadii=5&csadr=258&lle=0&llm=1000&ifv=1&usr=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://switchads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 04:18:11 GMT
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/html; charset=ISO-8859-1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
delivery.swid.switchads.com/	1970-01-19 21:39:08	Name: YPF8827340282Jdskjhfiw_928937459182JAX666 Value: 136.243.198.80
delivery.swid.switchads.com/	1969-12-31 23:59:59	Name: SRV Value: lander01\|YUqua\|YUqua
delivery.swid.switchads.com/	1970-01-19 22:07:56	Name: uid Value: delivery614aae7fefb527.54866325
switchads.com/	1970-01-19 21:39:08	Name: YPF8827340282Jdskjhfiw_928937459182JAX666 Value: 136.243.198.80
switchads.com/	1970-01-19 22:07:56	Name: uid Value: switchads614aae809a1454.62664635
switchads.com/	1969-12-31 23:59:59	Name: SRV Value: lander05\|YUqub\|YUqua

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afs.googleusercontent.com
ajax.googleapis.com
delivery.swid.switchads.com
return.uk.uniregistry.com
static.uniregistry.com
switchads.com
www.google.com
www.gstatic.com
176.74.176.178
2600:9000:20eb:2e00:14:b436:55c0:93a1
2a00:1450:4001:810::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:831::2004
52.128.23.153
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
307fc2d1ad0e53f7cdc7db06e29a797496219e99b2df76d5d6c0a8af76a8bc22
3e02961608d4e5e804664dc367e93f40134817c542383655bb773f46e5a77c90
47e41012463b63e60e2aa0a7b8b5380e4f3acfa2dcaed01d88dea5e65e5b97aa
5ab5e1ffa21ca5b51f2872a9b67784224cfc30a55f93624d620b04202f0b9e5b
62a494a9923421175b500cb5eb72092a71b0fa110c494d4ca6c23c89a9036ce7
87836cb9891ec3b31a72811bc5183801a894fe29bd5e779f1e04a31cc47f536a
8957bf3a36255d74b598d03f3d546f5962c9ab34fbfc716f162219e1d2660e62
8f0a19ee8c606b35a10904951e0a27da1896eafe33c6e88cb7bcbe455f05a24a
a0f2728b3c46b9817c807714ed006928bf5dc446c3f848d8d7d9c7d9fe81fd1f
a5aabc05fd1d889ada7cced15fff049c25b74d1b8eed64facd054db8a713df23
b32a6a07198fd0822ca245433c39b0c55662412880fdb3a0b1b5941dc59da718
bb025db53b05cf9e751ab6be66f2d96aa88d9249a0ff9eaccf5a65a3d15fc81f
cdb25634b9f662b7407e5a4980d67f5e29bc6ceb21b4ec973043c1a7b05eb7c7
e03660c7ed89d6f53e0dc9be770cdba6073a746067899837067061fc0c68515e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
efbbf2f66bd37d58c232ecdcddc05379bb29066fad5df66740a8a7e5174b42cf
fba0e94400c61f945747763a6148d7f86f099bb99e195986a39e5bc0cf6972ac

switchads.com Open in urlscan Pro 52.128.23.153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

39 %HTTPS

71 %IPv6

6 Domains

8 Subdomains

7 IPs

3 Countries

573 kBTransfer

906 kBSize

6 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

6 Cookies

Indicators

switchads.com Open in urlscan Pro
52.128.23.153 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

39 %
HTTPS

71 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

573 kB
Transfer

906 kB
Size

6
Cookies

23 HTTP transactions
0 data transactions