urlscan.io logo urlscan.io
SecurityTrails logo

songsear.ch Open in urlscan Pro
52.36.180.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://songsear.ch/greatunknown
Effective URL: https://songsear.ch/greatunknown
Submission Tags: falconsandbox
Submission: On September 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 18 domains to perform 35 HTTP transactions. The main IP is 52.36.180.209, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is songsear.ch.
TLS certificate: Issued by R3 on August 1st 2022. Valid for: 3 months.
This is the only time songsear.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

6    52.36.180.209 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-180-209.us-west-2.compute.amazonaws.com
songsear.ch
1    2600:9000:2156:9800:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.thisiswaldo.com
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:206e:1000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    52.52.163.80 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-163-80.us-west-1.compute.amazonaws.com
ipfind.co
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:225e:7c00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    2600:9000:223c:ee00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2600:9000:2240:d000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    18.184.40.219 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-40-219.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    52.18.161.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-161-218.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
6 songsear.ch
songsear.ch
117 KB
5 quantcast.com
test.cmp.quantcast.com — Cisco Umbrella Rank: 11258
cmp.quantcast.com — Cisco Umbrella Rank: 3100
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12486
146 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
1 KB
4 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
161 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 confiant-integrations.net
cdn.confiant-integrations.net
98 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2302
45 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
179 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
387 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 1389
333 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
682 B
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
10 KB
1 ipfind.co
ipfind.co — Cisco Umbrella Rank: 53643
417 B
1 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 462
61 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
42 KB
1 thisiswaldo.com
cdn.thisiswaldo.com — Cisco Umbrella Rank: 44648
117 KB
0 4dex.io Failed
script.4dex.io Failed
0 rlcdn.com Failed
api.rlcdn.com Failed
35 18
Domain Requested by
6 songsear.ch 1 redirects songsear.ch
3 cmp.quantcast.com quantcast.mgr.consensu.org
3 securepubads.g.doubleclick.net cdn.thisiswaldo.com
securepubads.g.doubleclick.net
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.confiant-integrations.net cdn.thisiswaldo.com
cdn.confiant-integrations.net
2 quantcast.mgr.consensu.org cdn.thisiswaldo.com
quantcast.mgr.consensu.org
2 pagead2.googlesyndication.com songsear.ch
pagead2.googlesyndication.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 rules.quantcount.com secure.quantserve.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 secure.quantserve.com quantcast.mgr.consensu.org
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 ipfind.co cdn.thisiswaldo.com
1 ads.pubmatic.com cdn.thisiswaldo.com
1 www.googletagmanager.com songsear.ch
1 cdn.thisiswaldo.com songsear.ch
0 script.4dex.io Failed cdn.thisiswaldo.com
0 api.rlcdn.com Failed ads.pubmatic.com
35 22

This site contains no links.

Subject Issuer Validity Valid
songsear.ch
R3		 2022-08-01 -
2022-10-30		 3 months crt.sh
cdn.thisiswaldo.com
Go Daddy Secure Certificate Authority - G2		 2022-06-01 -
2023-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-08-22 -
2022-11-20		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.confiant-integrations.net
E1		 2022-07-29 -
2022-10-27		 3 months crt.sh
ipfind.co
Amazon		 2022-01-03 -
2023-02-01		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://songsear.ch/greatunknown
Frame ID: 3719C56699770EF722532955DB54DA67
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: 34A664C7234AC867B05B3B61EAA38A0C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Page Not Found - Song Search

Page URL History Show full URLs

  1. http://songsear.ch/greatunknown HTTP 301
    https://songsear.ch/greatunknown Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

35
Requests

91 %
HTTPS

65 %
IPv6

18
Domains

22
Subdomains

21
IPs

4
Countries

999 kB
Transfer

3500 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://songsear.ch/greatunknown HTTP 301
    https://songsear.ch/greatunknown Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsongsear.ch%2F&domain=songsear.ch&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=tcboUHxwR0Y1aFc0RUVHWHkzRkhUNUJhUk1CY2JmU1YrK2VuVHZXT0RsVkRxejNDQnlzVzRZOTZjN3JsRXBxRlYxOEFFZzB4dWsyWlNqc2NBT21uVXV4Rkh3RUZycFZLVWY5NVN5a21GQTZiRmhMdXg4YkpEeXhhU3NFYThrVXpQcmMzc3ZsS0lxSkFXUVhXUFNiN2NCbzRtRGN0KzVVTnNxNWJEVldyOC9vSTlaVlQxNGFtWjVQZ1l0WXhaRlFTalpML24rQjdqWncydXZWYk9jYi9EYUh0N1pvZUcybkhGWm5pRWxhckMyUWRTY1dZPXw&cppv=2

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request greatunknown
songsear.ch/
Redirect Chain
  • http://songsear.ch/greatunknown
  • https://songsear.ch/greatunknown
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
2d0cb0e19e7d109dd332fc3d5fa4c82ba6fd8625d0940869493fbc66d502434d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 00:41:57 GMT
etag
W/"11c5-vkEqba8rtAv6MjsQ0j4F9g0lwkA"
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
x-powered-by
Express
x-response-time
3.480ms

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 19 Sep 2022 00:41:57 GMT
Location
https://songsear.ch/greatunknown
Server
nginx/1.18.0 (Ubuntu)
11799.js
cdn.thisiswaldo.com/static/js/ 		397 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.thisiswaldo.com/static/js/11799.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9800:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
8f7a7222e92b9aa80825c1434a416da68316fc0e6055ef9f039faa5d3e01f3d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 15:27:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 15 Sep 2022 14:26:48 GMT
server
Apache/2.4.29 (Ubuntu)
age
33311
etag
"635a2-5e8b80920f230-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
tbW92oPA6ia00dG6qZFDduXXxnNSQVoSUIjGyFFn0O3akpBO5CKLcg==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		168 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42403587d42447748b94d2de6ee0e7074f518845a831743980ed982d6a91e9b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58102
x-xss-protection
0
server
cafe
etag
14714856050536719578
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 00:41:57 GMT
js
www.googletagmanager.com/gtag/ 		106 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-84503029-1
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fd68576e75ca2f23dbf040726250fb3c14ab38efe9449550558203248281865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42361
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 00:41:58 GMT
main.c5ee93c7.chunk.css
songsear.ch/static/css/ 		121 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/css/main.c5ee93c7.chunk.css
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db78a69209865760a3b32576b8316615413b03e132d2852c44bfe86ba7cd083f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 14:07:01 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62e14685-1e362"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
2.6e18ee9f.chunk.js
songsear.ch/static/js/ 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/js/2.6e18ee9f.chunk.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7bc0ad9b5405dc04782aaf740b1985ee1792c6579ce8b8b79d10751eaf1bd3cf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 14:07:15 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62e14693-32aeb"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.866274b7.chunk.js
songsear.ch/static/js/ 		97 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://songsear.ch/static/js/main.866274b7.chunk.js
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4e4d43f788d744c3ca1ec1d1934fb29bf89c29dc4c9436029f43c06437e980a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 14:07:14 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"62e14692-1838b"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
835f597d1d032c2b53be5dac666a2382e71cfc8ca727b44f5649c5e482a895de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 00:41:59 GMT
content-encoding
br
last-modified
Tue, 29 Mar 2022 21:02:44 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
W/"4465250134d57ebb988e19f6c39abbbb"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 f39b904b3d29bdb5e473689299f6dedc.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
UCV3KyiM4UdvExqpwIl56yyoxRg0bw6wAR6P0pIh79p6MFAMJrTzlw==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160082/7676/ 		200 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-201.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
92f2e7a10ee598ab334b0d16191836594aa28531ff4faaa10fafdf73c80b89e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
last-modified
Thu, 18 Aug 2022 20:39:43 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=65839
accept-ranges
bytes
content-type
application/javascript
content-length
62282
expires
Mon, 19 Sep 2022 18:59:17 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf1ed19782649a67b42b18884259d38a2d67a587f5ed40044ed1c51ea3e4bab1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27742
x-xss-protection
0
server
sffe
etag
"1338 / 700 of 1000 / last-modified: 1663366203"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 00:41:58 GMT
config.js
cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 		177 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99b9b87ef041ca572e7ab6af8253cbceb95bddc49fcf386f82cf72dd2f7639b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 18 Sep 2022 23:48:50 GMT
server
cloudflare
age
95
etag
W/"424452bccb1f67d95a4da09804e16e7b"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
74ce475b5d1c9201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
DMDG2P8FBJCQX2W2
x-amz-id-2
f1o/ITqvM1ggA5i4sRVzLUEXUhZ5iV3g801vKkBHlHCMN+zstJI+LgCRkemjsCznJJcmCFNkAvKkN5nijQmLoQ==
me
ipfind.co/ 		304 B
417 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by
Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/11799.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.52.163.80 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-163-80.us-west-1.compute.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
b00df0c803933f3a9fb13638e8102d4530798f79b52a8a84139854059eac6e7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, private
access-control-allow-credentials
true
content-length
198
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 		346 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8561605615946624&plah=songsear.ch
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee3620a6bf3240f66b2a993119038579cde4917f6f7f92bbec37d6ba1226b460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124744
x-xss-protection
0
server
cafe
etag
615883134118392604
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 19 Sep 2022 00:41:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame 34A6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://songsear.ch/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
21820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4420
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 18 Sep 2022 18:38:18 GMT
etag
9671129459699598864
expires
Sun, 02 Oct 2022 18:38:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202209061116/ 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202209061116/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 17:14:03 GMT
server
cloudflare
age
364370
etag
W/"ff03fa033abd214ac10b94ea9d102f86"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=864000
cf-ray
74ce475c38a191d5-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
GQ896GJ0S4NZ4YPE
x-amz-id-2
zXq6pQHhtmnzRkjQl+gsGS/K8RLntXOI3N23EJryRE2pnoJkf5hYceoPIxWZ0K9Gm+ZziWjJbnk=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-84503029-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5998
date
Sun, 18 Sep 2022 23:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 01:02:00 GMT
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069670
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 10:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
309226
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Sep 2023 10:48:12 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		117 B
121 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=songsear.ch
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1811bef98d3e1ce4d58576fdd614594e6c529c08917be4345d97be184bd00bc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96
x-xss-protection
0
expires
Mon, 19 Sep 2022 00:41:58 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1478113647&t=pageview&_s=1&dl=https%3A%2F%2Fsongsear.ch%2Fgreatunknown&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20-%20Song%20Search&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=427269387&gjid=1859890783&cid=799751838.1663548126&tid=UA-84503029-1&_gid=1079445928.1663548126&_r=1&gtm=2ou9e0&z=848156061
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 00:41:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
lazyload-thumbnail.png
songsear.ch/static/ 		799 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://songsear.ch/static/lazyload-thumbnail.png
Requested by
Host: songsear.ch
URL: https://songsear.ch/greatunknown
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.36.180.209 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-180-209.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fba8d84aa96f3945d94dbca496dd96eb7fb09cb44a05d33bb838d28d1f38ba41
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/greatunknown
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 27 Jul 2022 14:06:55 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"62e1467f-31f"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
strict-transport-security
max-age=63072000; includeSubdomains; preload
accept-ranges
bytes
content-length
799
x-xss-protection
1; mode=block
expires
Thu, 31 Dec 2037 23:55:55 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:58 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 26 Sep 2022 00:41:58 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/songsear.ch/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:1000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:41:40 GMT
content-encoding
br
age
19
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 18:13:49 GMT
server
AmazonS3
etag
W/"6d50b90bdafc3d438c55bd915fd5301d"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 f39b904b3d29bdb5e473689299f6dedc.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
VIE50-C1
x-amz-cf-id
R6BRMEYobjE6wCyf5l22V-u78trwRKiYID_7Ez_8joJ599yJRPJAxw==
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7c00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b607e0becc84f267b7aedc69d695decec6807a896e48ab349fe1c12e3f4f17e

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:00:36 GMT
content-encoding
br
age
78083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 16 Sep 2022 19:52:29 GMT
server
AmazonS3
etag
W/"50fb7062a6b6a4e6efde705408cf32f0"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
oUUwrY_6WJ4t3DAGrQVvhBXnrJz9w1fe
via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P4
content-type
application/json
x-amz-cf-id
E4dO5RpKhuq6wtUu7M9l0Sx_bxaDkiLkirQfo5fqL4_6A58HQiOAdA==
rules-p-fTfJtcPmQDwZG.js
rules.quantcount.com/ 		209 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-fTfJtcPmQDwZG.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ee00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d626386b4ab2d2fdafa4c5543afba4096299fb9fc43aa379fb5bb69d906c851c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 23:44:55 GMT
via
1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
age
3425
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Mon, 22 Aug 2022 13:02:18 GMT
server
AmazonS3
etag
"e952c61f32492722211c861988c7accd"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
x-amz-cf-id
kpCvoEb41vNE4ge79sKOixGyLpIhz_gPHxA8l9_bmzWa2D8jQOHawA==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/44/ 		248 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sat, 17 Sep 2022 11:59:55 GMT
content-encoding
gzip
age
132125
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 18:13:35 GMT
server
AmazonS3
etag
W/"c26dab36f353a381230d68d0a5c0fa59"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
i280xDB8P2lFAgcPxvVsU1-XSQ7j5JQEwk-Bi9_AAuDTMrlJ6Xpy5Q==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		347 KB
42 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acd2410e0e8b4793bcb2f75dfc2fd1d75a8e6589fdc27de9c307272640743fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:00:37 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
78083
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 18 Sep 2022 03:00:34 GMT
server
AmazonS3
etag
W/"e8f6486cbdf11a60d420ee29ef2df850"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
QaoGVhtdUgY8iea5rU7xSJx43GUvG5ft-cl_DFF7U6gTk2f0kAypQA==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		152 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=songsear.ch
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adadbe393066d256c1106dcfb48392634673a67b0b9ccae631cb4ac322c0ee03

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 03:01:30 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
78030
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sun, 18 Sep 2022 03:01:28 GMT
server
AmazonS3
etag
W/"98d5ec6478de68f1621180313dd2deb6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 23e8ec14db0917c91c2c733b45578890.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
sTgmjmWLnpKNcOt_jDJAYanp0QbIkZuna_hzGFDRxuYE8qqVTNFxMw==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22fTfJtcPmQDwZG%22%2C%22domain%22%3A%22songsear.ch%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22KkI%2FKU5jPenQbNeBBXEZcg%22%2C%22clientTimestamp%22%3A1663548126815%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-zhcm4po1q13lm229ld7w%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/44/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.40.219 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-40-219.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 00:41:59 GMT
content-length
2
content-type
text/plain; charset=utf-8
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsongsear.ch%2F&domain=songsear.ch&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://songsear.ch
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 00:42:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
499151
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fsongsear.ch%2F&domain=songsear.ch&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=tcboUHxwR0Y1aFc0RUVHWHkzRkhUNUJhUk1CY2JmU1YrK2VuVHZXT0RsVkRxejNDQnlzVzRZOTZjN3JsRXBxRlYxOEFFZzB4dWsyWlNqc2NBT21uVXV4Rkh3RUZycFZLVWY5NVN5a21GQTZiRmhMdXg4YkpEeXhhU3NFYT...
351 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tcboUHxwR0Y1aFc0RUVHWHkzRkhUNUJhUk1CY2JmU1YrK2VuVHZXT0RsVkRxejNDQnlzVzRZOTZjN3JsRXBxRlYxOEFFZzB4dWsyWlNqc2NBT21uVXV4Rkh3RUZycFZLVWY5NVN5a21GQTZiRmhMdXg4YkpEeXhhU3NFYThrVXpQcmMzc3ZsS0lxSkFXUVhXUFNiN2NCbzRtRGN0KzVVTnNxNWJEVldyOC9vSTlaVlQxNGFtWjVQZ1l0WXhaRlFTalpML24rQjdqWncydXZWYk9jYi9EYUh0N1pvZUcybkhGWm5pRWxhckMyUWRTY1dZPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e1b1cf4957bcab14d338b62581dc5db7ae54fc3f8c0dd959b1599205eee03b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://songsear.ch/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 00:42:00 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1534014
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 00:42:00 GMT
server
Kestrel
location
https://mug.criteo.com/sid?cpp=tcboUHxwR0Y1aFc0RUVHWHkzRkhUNUJhUk1CY2JmU1YrK2VuVHZXT0RsVkRxejNDQnlzVzRZOTZjN3JsRXBxRlYxOEFFZzB4dWsyWlNqc2NBT21uVXV4Rkh3RUZycFZLVWY5NVN5a21GQTZiRmhMdXg4YkpEeXhhU3NFYThrVXpQcmMzc3ZsS0lxSkFXUVhXUFNiN2NCbzRtRGN0KzVVTnNxNWJEVldyOC9vSTlaVlQxNGFtWjVQZ1l0WXhaRlFTalpML24rQjdqWncydXZWYk9jYi9EYUh0N1pvZUcybkhGWm5pRWxhckMyUWRTY1dZPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
access-control-allow-origin
https://songsear.ch
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
520285
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		63 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.161.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-161-218.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
69cc3f1f7a9f5b50b810bb49dc63a57adf7eece18a59168edd084d197bf11736

Request headers

Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 00:42:00 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://songsear.ch
cache-control
no-cache
x-server
10.45.1.32
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
63
expires
0
rid
match.adsrvr.org/track/ 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160082/7676/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e960698bdfc8f4154c3a3c548bde5a1df344c43c47b02ea5650c545d7be56d2d

Request headers

Referer
https://songsear.ch/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 00:42:00 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://songsear.ch
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 19 Oct 2022 00:42:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=tcboUHxwR0Y1aFc0RUVHWHkzRkhUNUJhUk1CY2JmU1YrK2VuVHZXT0RsVkRxejNDQnlzVzRZOTZjN3JsRXBxRlYxOEFFZzB4dWsyWlNqc2NBT21uVXV4Rkh3RUZycFZLVWY5NVN5a21GQTZiRmhMdXg4YkpEeXhhU3NFYThrVXpQcmMzc3ZsS0lxSkFXUVhXUFNiN2NCbzRtRGN0KzVVTnNxNWJEVldyOC9vSTlaVlQxNGFtWjVQZ1l0WXhaRlFTalpML24rQjdqWncydXZWYk9jYi9EYUh0N1pvZUcybkhGWm5pRWxhckMyUWRTY1dZPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 19 Sep 2022 00:42:00 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
367030
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
localstore.js
script.4dex.io/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
script.4dex.io
URL
https://script.4dex.io/localstore.js

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| adDomainCheck function| waldoIsInArray function| waldoInitScripts function| waldoSetTagsOnPage function| isElementInViewport function| isElementInViewportTest function| isElementInViewport2 function| waldoInitScroll function| waldoRefreshIfViewable function| waldoSlotRenderEnded function| waldoInitGPT function| waldoInitGPTSingleSlot function| waldoAddSelectMediaCookie function| fetchHeaderBids function| waldoTriggerHB function| waldoAddCloseBtn function| waldoPassbackCheck function| waldoAdxClickFraud function| waldoAdxClickFraudRefresh function| waldoClickFraudNetworkWide function| waldoDelayAdClicks function| waldoInitTags function| hbRefreshBid function| waldoApplyBidGeoRestrictions function| hbRandomMinMaxRefreshMulti function| hbRandomMinMaxRefresh function| hbRandomMinMaxRefreshOnView function| getRandomNumber function| waldoGeoBidsCheck function| waldoGetUserData function| waldoLoadSlot function| waldoCreateCookie function| waldoReadCookie function| waldoEmailDetected function| waldoRecordImpression function| waldoAddCCPAWidget function| waldoSetPbjsUSPString number| refEn string| updateDate number| tagsInitDone object| gptAdSlots string| adDomain object| waldoBreakpoints number| domainValid number| PREBID_TIMEOUT number| interstitialDone object| waldoTimeOuts object| waldoAdRefreshes object| waldoAdXRefreshes object| allAdUnits object| blockAdsOn number| adTagsInitFlag number| siteId number| bidDivAvailable object| waldoTagsStatus object| googletag object| pbjs number| switchUserSync number| waldoImpressionDone string| blockedPageAds number| waldoGDPR object| waldoCountry object| waldoContinent object| waldoDataPointsDone number| closeBtnAdded object| unlimitedRefGeos object| waldoBlockRequestGeos object| waldoNoRefreshGeos object| waldoRefreshOnScollGeos object| waldoGPTSlots object| waldoTagsOnPage object| waldoSlotIds object| waldoDefinedSlots object| waldoAdUnitsAddedToPbjs object| waldoAdRefreshesOnView number| waldoCCPAWidgetAdded undefined| oriRenderAd object| waldoVideoSlot number| cmpVersion number| cmpFailureTimeout string| webInterstitialAdId object| waldoScrollSticky number| adTagsInitFinished number| adxOrderId number| enVariableHeightFix number| delayAdClicks number| allowAdClicks object| delayAdClickTimers number| delayAdClickSecs boolean| loadedOnAction boolean| loadOnAction number| waldoScrollRefreshEnabled boolean| waldoBlockRequests boolean| waldoNoRefresh number| waldoDisableGeoRestrictions object| countriesToExclude number| browserWidth object| adUnits object| passbackAdUnits undefined| affiliateBanners number| waldoCheckIndividualImps string| waldoOriPathName object| waldo function| __tcfapi function| __uspapi object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| webpackJsonpsongsearch-client object| confiant function| google_sa_impl object| googleToken object| googleIMState object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| regeneratorRuntime number| index object| IHPWT object| ihowpbjsChunk object| ihowpbjs string| partnerName string| key object| _qevents function| __tcfapiui function| quantserve function| __qc object| ezt object| _qoptions function| qtrack

15 Cookies

Domain/Path Name / Value
.songsear.ch/ Name: _ga
Value: GA1.2.799751838.1663548126
.songsear.ch/ Name: _gid
Value: GA1.2.1079445928.1663548126
.songsear.ch/ Name: _gat_gtag_UA_84503029_1
Value: 1
songsear.ch/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.songsear.ch/ Name: _pubcid
Value: ddeffa93-bc29-4a29-9837-551996cbc288
songsear.ch/ Name: waldo_country
Value: DE
songsear.ch/ Name: waldo_continent
Value: EU
songsear.ch/ Name: waldo_region
Value: null
songsear.ch/ Name: qcSxc
Value: 1663548126727
songsear.ch/ Name: _lr_retry_request
Value: true
songsear.ch/ Name: _lr_env_src_ats
Value: false
songsear.ch/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-19T00%3A42%3A00%22%7D
.songsear.ch/ Name: panoramaId_expiry
Value: 1663634520864
.songsear.ch/ Name: cto_bundle
Value: y-1M2F9HZWpwJTJGOVhTc2RZUThFTktzdDllRXZSc2dYNnpaRzZSQTNiS2FST3h4b3JkZHE2elRyV0VJbGdSUm5jUVJRYlFrUktBekRFNGxDc2k1blM0MElJOGlLaXRHQXVCUjRwaVNBbTBEZGNrQk9IZFltTFZ0ODY1Z3BTQ3I2V2klMkJPRm0
.songsear.ch/ Name: cto_bidid
Value: 5tAtWF9zT1N5YjVZN2VBVWtTVUxHZ0loNjZOcDlhSXFJRjNJWnJRTFpUaEoxSFNXbmFSWTk1TVFqWEhDeVBHelk1QUlMZmU0N1FoMXdnWGJUJTJCSFpLZXhaM2lRJTNEJTNE

3 Console Messages

Source Level URL
Text
network error URL: https://songsear.ch/greatunknown
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://songsear.ch/greatunknown
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=1258' from origin 'https://songsear.ch' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
api.rlcdn.com
audit-tcfv2.cmp.quantcast.com
cdn.confiant-integrations.net
cdn.thisiswaldo.com
cmp.quantcast.com
googleads.g.doubleclick.net
gum.criteo.com
id.crwdcntrl.net
ipfind.co
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
quantcast.mgr.consensu.org
rules.quantcount.com
script.4dex.io
secure.quantserve.com
securepubads.g.doubleclick.net
songsear.ch
test.cmp.quantcast.com
www.google-analytics.com
www.googletagmanager.com
api.rlcdn.com
script.4dex.io
178.250.0.157
18.184.40.219
23.35.236.201
2600:9000:206e:1000:9:46dc:4700:93a1
2600:9000:2156:9800:f:458e:2a80:93a1
2600:9000:223c:ee00:6:44e3:f8c0:93a1
2600:9000:2240:d000:9:46dc:4700:93a1
2600:9000:225e:7c00:3:a4cd:8380:93a1
2606:4700::6812:116b
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2002
2a02:2638:1::13
3.33.220.150
52.18.161.218
52.36.180.209
52.52.163.80
18040dc7cf8a8f961919c1df6335166bf87b7cc8b193145002c7d8bdc3d14c2c
1811bef98d3e1ce4d58576fdd614594e6c529c08917be4345d97be184bd00bc0
2b607e0becc84f267b7aedc69d695decec6807a896e48ab349fe1c12e3f4f17e
2d0cb0e19e7d109dd332fc3d5fa4c82ba6fd8625d0940869493fbc66d502434d
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
42403587d42447748b94d2de6ee0e7074f518845a831743980ed982d6a91e9b6
4dd9a0a89a6f744f971d703a692ba46ac458994d236cff82a8f79a0d1980d4d6
4e4d43f788d744c3ca1ec1d1934fb29bf89c29dc4c9436029f43c06437e980a5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fd68576e75ca2f23dbf040726250fb3c14ab38efe9449550558203248281865
69cc3f1f7a9f5b50b810bb49dc63a57adf7eece18a59168edd084d197bf11736
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e1b1cf4957bcab14d338b62581dc5db7ae54fc3f8c0dd959b1599205eee03b7
7bc0ad9b5405dc04782aaf740b1985ee1792c6579ce8b8b79d10751eaf1bd3cf
835f597d1d032c2b53be5dac666a2382e71cfc8ca727b44f5649c5e482a895de
8f7a7222e92b9aa80825c1434a416da68316fc0e6055ef9f039faa5d3e01f3d7
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
92f2e7a10ee598ab334b0d16191836594aa28531ff4faaa10fafdf73c80b89e1
99b9b87ef041ca572e7ab6af8253cbceb95bddc49fcf386f82cf72dd2f7639b4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac5aac3b3876821a8dd731f14444b317ce82c031857398f4e3f2bca0b9cde20e
acd2410e0e8b4793bcb2f75dfc2fd1d75a8e6589fdc27de9c307272640743fe6
adadbe393066d256c1106dcfb48392634673a67b0b9ccae631cb4ac322c0ee03
b00df0c803933f3a9fb13638e8102d4530798f79b52a8a84139854059eac6e7b
bf1ed19782649a67b42b18884259d38a2d67a587f5ed40044ed1c51ea3e4bab1
d626386b4ab2d2fdafa4c5543afba4096299fb9fc43aa379fb5bb69d906c851c
db78a69209865760a3b32576b8316615413b03e132d2852c44bfe86ba7cd083f
e960698bdfc8f4154c3a3c548bde5a1df344c43c47b02ea5650c545d7be56d2d
ee3620a6bf3240f66b2a993119038579cde4917f6f7f92bbec37d6ba1226b460
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fba8d84aa96f3945d94dbca496dd96eb7fb09cb44a05d33bb838d28d1f38ba41