www.2xweihnachten.ch Open in urlscan Pro
2a05:d014:58f:6202::64 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://2xnoel.ch/
Effective URL:
https://www.2xweihnachten.ch/fr/
Submission: On October 05 via api (October 5th 2023, 8:30:51 am UTC) from CH — Scanned from CH

Summary HTTP 105 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 105 HTTP transactions. The main IP is 2a05:d014:58f:6202::64, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.2xweihnachten.ch.
TLS certificate: Issued by R3 on September 29th 2023. Valid for: 3 months.

This is the only time www.2xweihnachten.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	76.76.21.21 76.76.21.21	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d014:58f... 2a05:d014:58f:6202::64	16509 (AMAZON-02) (AMAZON-02)
17	2600:1901:0:5... 2600:1901:0:5987::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	143.204.205.196 143.204.205.196	16509 (AMAZON-02) (AMAZON-02)
29	2600:9000:211... 2600:9000:211e:6c00:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:4... 2600:1901:0:43f8::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
6	2600:1901:0:c... 2600:1901:0:c07c::	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	23.36.163.237 23.36.163.237	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:fa43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1 2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 5	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:1... 2600:1901:0:1e38::	15169 (GOOGLE) (GOOGLE)
1	34.95.108.180 34.95.108.180	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
105	28

1 76.76.21.21 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

2xnoel.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d014:58f:6202::64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

www.2xweihnachten.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:1901:0:5987:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

privacy-proxy.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.205.196 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-196.fra53.r.cloudfront.net

d33wubrfki0l68.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:211e:6c00:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:43f8:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

logger.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:c07c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

12086158.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.36.163.237 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-237.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:fa43 (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.108.180 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 180.108.95.34.bc.googleusercontent.com

uct.service.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.96.124.156 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4078	24 MB
28	usercentrics.eu privacy-proxy.usercentrics.eu — Cisco Umbrella Rank: 35933 app.usercentrics.eu — Cisco Umbrella Rank: 10497 logger.service.usercentrics.eu api.usercentrics.eu — Cisco Umbrella Rank: 8526 consent-api.service.consent.usercentrics.eu — Cisco Umbrella Rank: 15478 uct.service.usercentrics.eu — Cisco Umbrella Rank: 16947	226 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 998 w.clarity.ms — Cisco Umbrella Rank: 7887 c.clarity.ms — Cisco Umbrella Rank: 1548	23 KB
6	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1192 syndication.twitter.com — Cisco Umbrella Rank: 1427	148 KB
5	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 116	13 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	138 KB
5	doubleclick.net 2 redirects 12086158.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	4 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	211 KB
4	google.ch www.google.ch — Cisco Umbrella Rank: 24974 adservice.google.ch — Cisco Umbrella Rank: 137998	1 KB
4	cloudfront.net d33wubrfki0l68.cloudfront.net	202 KB
3	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 118	2 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 957	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	172 KB
2	2xweihnachten.ch www.2xweihnachten.ch	12 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 257	764 B
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 4116	547 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 153	2 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1361	50 KB
1	2xnoel.ch 1 redirects 2xnoel.ch	200 B
105	19

	Domain	Requested by
29	images.ctfassets.net	www.2xweihnachten.ch
15	app.usercentrics.eu	www.2xweihnachten.ch app.usercentrics.eu
6	api.usercentrics.eu	app.usercentrics.eu
5	www.facebook.com	1 redirects www.2xweihnachten.ch connect.facebook.net
5	analytics.tiktok.com	www.2xweihnachten.ch analytics.tiktok.com privacy-proxy.usercentrics.eu
5	connect.facebook.net	www.2xweihnachten.ch connect.facebook.net
4	platform.twitter.com	www.2xweihnachten.ch platform.twitter.com
4	d33wubrfki0l68.cloudfront.net	www.2xweihnachten.ch d33wubrfki0l68.cloudfront.net
3	w.clarity.ms	www.clarity.ms
3	www.google.ch	www.2xweihnachten.ch
2	static.xx.fbcdn.net	www.facebook.com
2	c.clarity.ms	1 redirects
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
2	www.google.com	1 redirects www.2xweihnachten.ch
2	syndication.twitter.com	platform.twitter.com
2	www.clarity.ms	www.googletagmanager.com www.clarity.ms
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	12086158.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.googletagmanager.com	www.2xweihnachten.ch www.googletagmanager.com
2	logger.service.usercentrics.eu	privacy-proxy.usercentrics.eu
2	privacy-proxy.usercentrics.eu	www.2xweihnachten.ch privacy-proxy.usercentrics.eu
2	www.2xweihnachten.ch	d33wubrfki0l68.cloudfront.net
1	c.bing.com	1 redirects
1	uct.service.usercentrics.eu	www.2xweihnachten.ch
1	adservice.google.ch	adservice.google.com
1	adservice.google.com	12086158.fls.doubleclick.net
1	stats.g.doubleclick.net	privacy-proxy.usercentrics.eu
1	fast.fonts.net	www.2xweihnachten.ch
1	www.googleadservices.com	www.googletagmanager.com
1	www.googleoptimize.com	www.2xweihnachten.ch
1	2xnoel.ch	1 redirects
105	31

This site contains links to these domains. Also see Links.

Domain
www.redcross.ch
www.srgssr.ch
zweixweihnachten.post.ch
www.coop.ch

Subject Issuer	Validity	Valid
2xweihnachten.ch R3	`2023-09-29` - `2023-12-28`	3 months	crt.sh
app.usercentrics.eu GTS CA 1D4	`2023-08-09` - `2023-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
images.ctfassets.net Amazon RSA 2048 M01	`2023-02-28` - `2024-02-16`	a year	crt.sh
logger.service.usercentrics.eu GTS CA 1D4	`2023-09-12` - `2023-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-14` - `2023-10-12`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.google.ch GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
syndication.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-19` - `2024-09-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu GTS CA 1D4	`2023-08-18` - `2023-11-16`	3 months	crt.sh
uct.service.usercentrics.eu GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.2xweihnachten.ch/fr/
Frame ID: 486CF2EA2E300CB6754C4F95223D4C23
Requests: 90 HTTP requests in this frame

Frame: https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F
Frame ID: FBF284E003E1615123FE558DD8FF9267
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.2xweihnachten.ch
Frame ID: E5B569B3ABFC9EC7F73898D3E56C33DE
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F
Frame ID: CF8F5F054526ABC0E5BA5BE7D766417C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.ch/ddm/fls/i/dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F
Frame ID: 2BF4F68E03B5A7883718A85908C7D951
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df307f7913f25c8%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Ff34d5f144045064%26relation%3Dparent.parent&container_width=54&href=https%3A%2F%2Fwww.2xweihnachten.ch%2F&layout=button&locale=fr_FR&mobile_iframe=true&sdk=joey&size=large
Frame ID: 50596C48F68854D4276B4181DC81ED97
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df38bcf3ed6e187c%2526domain%253Dwww.2xweihnachten.ch%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.2xweihnachten.ch%25252Ff34d5f144045064%2526relation%253Dparent.parent%26container_width%3D390%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2xweihnachten%26locale%3Dfr_FR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue
Frame ID: 79E6B2B6A305B329CF54DCADE5C1B009
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.34999e64cd909e9be3bbd826bafcd2c4.fr.html
Frame ID: FEDCF8C4B222D38F63EEF86F2258615D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ensemble, envoyons du bonheur – 2 x Noël

Page URL History Show full URLs

https://2xnoel.ch/ HTTP 301
https://www.2xweihnachten.ch/fr/ Page URL

Detected technologies

Contentful (CMS) Expand

Overall confidence: 100%
Detected patterns

<[^>]+(?:https?:)?//(?:assets|downloads|images|videos)\.(?:ct?fassets\.net|contentful\.com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

105
Requests

98 %
HTTPS

69 %
IPv6

19
Domains

31
Subdomains

28
IPs

4
Countries

25466 kB
Transfer

28424 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.redcross.ch/fr

Search URL Search Domain Scan URL

URL: http://www.srgssr.ch/fr

Search URL Search Domain Scan URL

URL: https://zweixweihnachten.post.ch/fr

Search URL Search Domain Scan URL

URL: http://www.coop.ch/fr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://2xnoel.ch/ HTTP 301
https://www.2xweihnachten.ch/fr/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://12086158.fls.doubleclick.net/activityi;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F HTTP 302
https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F

Request Chain 61

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&auid=308000128.1696494644&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=M3QeZbXRMvWz9u8P9MWD0Ak&sscte=1&crd=&eitems=ChEI8L35qAYQo6ff-Ki54aqpARIdAOss8PE7QQMD73WmhAxSNDb0Av-Fd9oZIAE98_E&pscrd=Ek5DaEVJOEwzNXFBWVFtN3ZnODdHTGlhdTlBUklsQVB1NFEyd1g2Z2taVklIbUtjZ3Yxdl9LSXdNdllVWnZQeEd4Ql9CU3hOLTVOTVlzOVEaWENoRUk4TDM1cUFZUXBfblNwSldsdUtiZkFSSXRBSzdmOURZWHZGYlpsVUQwZm5GS0thX0JiLThBSmJubkkwajNsR3FXaTNGeWhENTdjaWtycVN0cmlmelYiEwj1tu-Ev96BAxX1mf0HHfTiAJo HTTP 302
https://www.google.com/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&auid=308000128.1696494644&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzNXFBWVFtN3ZnODdHTGlhdTlBUklsQVB1NFEyd1g2Z2taVklIbUtjZ3Yxdl9LSXdNdllVWnZQeEd4Ql9CU3hOLTVOTVlzOVEaWENoRUk4TDM1cUFZUXBfblNwSldsdUtiZkFSSXRBSzdmOURZWHZGYlpsVUQwZm5GS0thX0JiLThBSmJubkkwajNsR3FXaTNGeWhENTdjaWtycVN0cmlmelYiEwj1tu-Ev96BAxX1mf0HHfTiAJo&is_vtc=1&ocp_id=M3QeZbXRMvWz9u8P9MWD0Ak&eitems=ChEI8L35qAYQo6ff-Ki54aqpARIdAOss8PG_zN3nD1v3Aof9I0p1DJNA2gE7dUznCUs&random=2245096729 HTTP 302
https://www.google.ch/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&auid=308000128.1696494644&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzNXFBWVFtN3ZnODdHTGlhdTlBUklsQVB1NFEyd1g2Z2taVklIbUtjZ3Yxdl9LSXdNdllVWnZQeEd4Ql9CU3hOLTVOTVlzOVEaWENoRUk4TDM1cUFZUXBfblNwSldsdUtiZkFSSXRBSzdmOURZWHZGYlpsVUQwZm5GS0thX0JiLThBSmJubkkwajNsR3FXaTNGeWhENTdjaWtycVN0cmlmelYiEwj1tu-Ev96BAxX1mf0HHfTiAJo&is_vtc=1&ocp_id=M3QeZbXRMvWz9u8P9MWD0Ak&eitems=ChEI8L35qAYQo6ff-Ki54aqpARIdAOss8PG_zN3nD1v3Aof9I0p1DJNA2gE7dUznCUs&random=2245096729&ipr=y

Request Chain 96

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38bcf3ed6e187c%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Ff34d5f144045064%26relation%3Dparent.parent&container_width=390&hide_cover=false&hide_cta=true&href=https%3A%2F%2Fwww.facebook.com%2F2xweihnachten&locale=fr_FR&sdk=joey&show_facepile=false&small_header=true HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df38bcf3ed6e187c%2526domain%253Dwww.2xweihnachten.ch%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.2xweihnachten.ch%25252Ff34d5f144045064%2526relation%253Dparent.parent%26container_width%3D390%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2xweihnachten%26locale%3Dfr_FR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue

Request Chain 97

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&RedC=c.clarity.ms&MXFR=17601B923A5E67FD2C4B08333E5E69B1 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&MUID=1061CBFD99D463C6180CD85C98A462AC

105 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.2xweihnachten.ch/fr/
Redirect Chain

https://2xnoel.ch/
https://www.2xweihnachten.ch/fr/

44 KB
11 KB

221ms
20ms

Document
text/html

2a05:d014:58f:6202::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

22058d0653f274c9ffa819600d9cb85be3b04653dc7484c8deaa1509c9885f55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

accept-ranges: bytes
age: 19572
cache-control: public,max-age=0,must-revalidate
content-encoding: br
content-length: 11497
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 08:30:43 GMT
etag: "b871f960d4edf8403a5bad06a5ac1cd6-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HBZFBT65GXVB8HWWNBTP6YMD

Redirect headers

age: 0
cache-control: public, max-age=0, must-revalidate
content-length: 0
date: Thu, 05 Oct 2023 08:30:43 GMT
location: https://www.2xweihnachten.ch/fr/
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /api/jump
x-vercel-cache: MISS
x-vercel-id: fra1::fra1::s8g4w-1696494643142-011f30c4ad82

GET
H2 200 uc-block.bundle.js Show response
privacy-proxy.usercentrics.eu/latest/ 104 KB
31 KB 67ms
14ms Script
application/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4f94f29ec4f6d221f6c2f8d24a5ae09ccd83c236b2b2045de4f184b737d10f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:50:07 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
x-goog-meta-version: 3.2.2
age: 2436
x-guploader-uploadid: ADPycduyQobwDJjMUBf8x-U_KfjwnvpBmim1GAq4a7PD1K5lcABJSfXz-CBRN79YI6KSutze0m0ippFrXL-rPHDLSEaWng
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30669
last-modified: Wed, 23 Aug 2023 08:25:00 GMT
server: UploadServer
etag: "527944c0f67024ced3f952fa3c6043b8"
vary: Accept-Encoding
x-goog-generation: 1692779100977114
x-goog-hash: crc32c=G+x0hQ==, md5=UnlEwPZwJM7T+VL6PGBDuA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600
x-goog-stored-content-length: 30669
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 05 Oct 2023 08:50:07 GMT

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ 59 KB
20 KB 49ms
14ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

9c78e8edf537b7fa554e6c2691b006264fc2533162fba95711ed95509d681bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 07:30:51 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 3592
x-guploader-uploadid: ADPycdsSaxGHyzfOnB9zsGWp-IsOQ0KDYYZSh699Q4vIJjP_2NoFD_ZZxT1woMAnSxCWyw8jMbaucEmoDx2xKPJVKEGSWaNS9hA7
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20316
last-modified: Thu, 14 Sep 2023 12:58:26 GMT
server: UploadServer
etag: "219e037373025f83a3a36910e07ce715"
x-goog-generation: 1694696306486795
x-goog-hash: crc32c=3ZO4bA==, md5=IZ4Dc3MCX4Ojo2kQ4HznFQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 20316
accept-ranges: bytes
content-type: text/javascript
expires: Thu, 05 Oct 2023 08:30:51 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 128 KB
50 KB 99ms
48ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-5F5TWFN

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fb9e6fd01b9a6073e84f48996d520762a37fd5c6ee47a6a24630d96027f944c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50626
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 08:30:43 GMT

GET
H2 200 main.bundle.css
d33wubrfki0l68.cloudfront.net/css/bd86b005a70dc709eb96ab2aecdccd29ac8bc51e/assets/stylesheets/ 61 KB
11 KB 90ms
24ms Stylesheet
text/css 143.204.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/css/bd86b005a70dc709eb96ab2aecdccd29ac8bc51e/assets/stylesheets/main.bundle.css

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.196 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-196.fra53.r.cloudfront.net

Software

Netlify /

Resource Hash

0a45c52b8c2d1cdbfb5df9fcdce4ebe1b77f60f450a2cbe25129fb11d7715af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBWRF9BTV7Y8XJTT9AEQC557
date: Wed, 04 Oct 2023 07:12:11 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
age: 91112
x-cache: Hit from cloudfront
server: Netlify
etag: de983f3f4afc72b6cf429b8c1a00368dd2174deb-df
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-amz-cf-id: DjzP7qfNswQ1V2xx_2ODCa01C3xU8WLk0gg083JsO7nrPhdyT04uvw==

GET
H2 200 main.bundle.js Show response
d33wubrfki0l68.cloudfront.net/js/12b729e6d74146f414fa428888272fc6d4781d01/assets/javascripts/ 407 KB
117 KB 29ms
29ms Script
application/javascript 143.204.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/js/12b729e6d74146f414fa428888272fc6d4781d01/assets/javascripts/main.bundle.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.196 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-196.fra53.r.cloudfront.net

Software

Netlify /

Resource Hash

ce875af342820f2d1ce994f6d8b97bc633307e2c3fad072a517a37e80bf3ca20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBWN4DCYZKRPCBE99YE12EK5
date: Wed, 04 Oct 2023 06:13:49 GMT
content-encoding: gzip
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA53-C1
age: 94614
x-cache: Hit from cloudfront
server: Netlify
etag: 5f0566bea66b012433660558a68d5e09bdf566af-df
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-amz-cf-id: SFwlx5rku4RXQyVn2sHpQcHB1hWDeisQuu02pyxEwn-sh2AE5hE77Q==

GET
H2 200 LOGO_RGB_quer_RZ_fr.jpg
images.ctfassets.net/9nz7ww8rgw8c/1BFkFoDzbYiSO4yRQHf7uk/40f9e34545e12f8a9351ee913d2715a6/ 100 KB
100 KB 97ms
32ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/1BFkFoDzbYiSO4yRQHf7uk/40f9e34545e12f8a9351ee913d2715a6/LOGO_RGB_quer_RZ_fr.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b80b61ef39c889e91cdbff941065d0426ca43707bf51e22d4acf7ca4b88946f4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 01 Feb 2022 15:43:08 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 76842
etag: "a0ab687eb40957e79d7489fba1056ada"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 102104
x-amz-cf-id: NxME6qJnQb6tVDf8EI1pp_7_tBXZ9CCT0xpeo5hcpUsmg-s117MLqQ==

GET
H2 200 intro_img.jpg
images.ctfassets.net/9nz7ww8rgw8c/5tF5vKtAIgMGkCOM4cqI6G/67b026842495e1be53de44d2bff65b42/ 77 KB
77 KB 212ms
147ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5tF5vKtAIgMGkCOM4cqI6G/67b026842495e1be53de44d2bff65b42/intro_img.jpg?w=1440&q=75
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 63b5e0a3e1f02005bdc103269b0104ca5e9c9242473edc64d490dafcb306cccf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Wed, 20 Sep 2023 04:19:44 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "173839c986d01e42f6b383e9d25eaf47"
x-cache: Miss from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 78845
x-amz-cf-id: ooSV5ETHob_IQ20H3GQeIcBufmIEQLnoJRE42BtBDaLwjs3BYad83A==

GET
H2 200 logo.svg
images.ctfassets.net/9nz7ww8rgw8c/5BKFqLDpOEQ6yE8KuYWOQA/1c9e992c558c78b3520afdd231d78703/ 8 KB
3 KB 92ms
28ms Image
image/svg+xml 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5BKFqLDpOEQ6yE8KuYWOQA/1c9e992c558c78b3520afdd231d78703/logo.svg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 314cf03ee8b8454937666993fdd25b155d1037dcde2da0019eeb1fa5862a023f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: gzip
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2017 15:45:55 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 71984
etag: W/"2228c0596a50da5f4d657378e96bef5b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: ep2jUMYbnm34Em9J3phJl6xdNntA_WK3Gf-ayTL6F9GMIKxrtkMyEQ==

GET
H2 200 logo-fr.svg
images.ctfassets.net/9nz7ww8rgw8c/1BFSbgUZtOo8qekO4iAoWq/a6d2cff1cb7d400fa1a6b638357ba8da/ 7 KB
2 KB 498ms
434ms Image
image/svg+xml 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/1BFSbgUZtOo8qekO4iAoWq/a6d2cff1cb7d400fa1a6b638357ba8da/logo-fr.svg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2ce34c2700d9495f87cac72989beb2b0147efc4a5bb501722e9de765afd079de

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2017 12:22:27 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"7df5dbf7de9371aebbf98385c82b2c04"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: AoS21BIUE2D-2yIEkxyZWxJDGHWFXNvkG5H6a8SfERSoNOI5V3M5lA==

GET
H2 200 SRG_SSR_2011_logo.svg
images.ctfassets.net/9nz7ww8rgw8c/2hTEcqzSxaemqiu0cOaiy8/465ce36e03e5f97dfa9bee3c4012f594/ 7 KB
3 KB 343ms
279ms Image
image/svg+xml 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/2hTEcqzSxaemqiu0cOaiy8/465ce36e03e5f97dfa9bee3c4012f594/SRG_SSR_2011_logo.svg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 519536006cd07bfce7ffa9bb61618333db7e0db8b766d5448bf4962ca14ac55a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 17 Oct 2017 15:51:13 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"57454c4cb8ba206c8ce9ef4179bd284c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: iRm22Vu4IJAD4wac1Pq2N-Li_K2WfbZ4tLpqmaGarGfm0WrgqR-tTg==

GET
H2 200 poste-fr.jpg
images.ctfassets.net/9nz7ww8rgw8c/yioKo6AkvIoUe80EmyceQ/7cad33c293c9b538047a91d2d6a0f41f/ 12 KB
12 KB 340ms
276ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/yioKo6AkvIoUe80EmyceQ/7cad33c293c9b538047a91d2d6a0f41f/poste-fr.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: ae97c68be4dbee6ebdfd4e06ab0537e85a79c103cadbac27f9bd58ba54372b22

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 07 Dec 2018 16:35:46 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "1ba2f763357b0dda533324b65e2c39d4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 11921
x-amz-cf-id: 938jwaI2W9XP3dFf5zjd0LqpyWpsIsEm9eH59_ugZuBkXCRUR6wTXA==

GET
H2 200 logo-coop.svg
images.ctfassets.net/9nz7ww8rgw8c/1YWISZ2zJK2gACk4qGKe2a/f4efdcdfaf4fd132a7c0fc0ad8d8024c/ 2 KB
1 KB 309ms
276ms Image
image/svg+xml 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/1YWISZ2zJK2gACk4qGKe2a/f4efdcdfaf4fd132a7c0fc0ad8d8024c/logo-coop.svg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 10c427773d74c0724adf14522a7a506056969e5eae68201f328707a9bef6f844

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2017 15:22:53 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: W/"6054f9ecacd8e54a403fa69f240cea53"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: YH6XDAcX0GPQ43Ufi_agdGKezrLCnzE19ENKod3oTTdC61xQ1SmEAw==

OPTIONS
H2 204 sdp-errors
logger.service.usercentrics.eu/ Frame 0
0 73ms
25ms Preflight
text/html 2600:1901:0:43f8::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.service.usercentrics.eu/sdp-errors
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:43f8:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.2xweihnachten.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 05 Oct 2023 08:30:43 GMT
server: Google Frontend
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: a8dc5c3553111e28aee4bfa429bbb6e2

POST
H2 204 sdp-errors
logger.service.usercentrics.eu/ 0
0 26ms
25ms Fetch
text/html 2600:1901:0:43f8::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://logger.service.usercentrics.eu/sdp-errors
Requested by: Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:43f8:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 025a4500d41c227dba5ba3e2c83edfe3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 355 KB
102 KB 46ms
15ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

81c41f814f2cc03b2c5b247094ffd22ef741b8d9f9f12edd03e6ad961aa20a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:59:17 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798286
x-guploader-uploadid: ADPycdtJ8zbLrKs0YBvyeySZi50JWelvh4qQL07Qf5ILHSH3docQL_uYWVFADWtpvqVh-ct3zje8Yy4ObHtfmHgK5vXMRA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104736
last-modified: Thu, 14 Sep 2023 12:57:53 GMT
server: UploadServer
etag: "32d46e5d1090b1de6b34048d81bca772"
x-goog-generation: 1694696273912828
x-goog-hash: crc32c=4tGdZg==, md5=MtRuXRCQsd5rNASNgbyncg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 104736
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 12:59:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
87 KB 93ms
45ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

08dfbd56f814d08e80f1a34c192c41b0dad2c48d440f356a12e8e47fafc1b998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88745
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Oct 2023 08:30:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/fr_FR/ 3 KB
2 KB 84ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc70c1e3edb979c1f2f1f3fff1b04997dbba800a965b525981161ebfa858da4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 08:30:43 GMT
content-md5: okeOt87sBIJ7CS2WgW37BA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: 1DyYDhQ2ZQSdW/k55bIHRCfHn6rVXJ8FKg2Hk/QfYenvTBJey35SDpOEJ6Hq1bG7Rx29c/1iLCjF1HkTH1pDQw==
x-fb-content-md5: 9a34a139dfb97e122d914ed332a096bf
cross-origin-opener-policy: same-origin-allow-popups
etag: "fd875fbc6b4701d22303b184eba4b1b0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:39:50 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 139ms
28ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 08:30:43 GMT
Content-Encoding: gzip
Age: 995
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27595
Last-Modified: Wed, 04 Oct 2023 22:07:43 GMT
Server: ECS (amb/6BBF)
Etag: "27ff44f80811006c28f51333efa93f56+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800

GET
H2 200 1410c861-6f68-441e-b3b7-47d32c46fe78.woff2
d33wubrfki0l68.cloudfront.net/554077f8dd0f50569593ab110f49e1ffcb2b6643/a23d6/assets/fonts/ 36 KB
36 KB 73ms
28ms Font
font/woff2 143.204.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/554077f8dd0f50569593ab110f49e1ffcb2b6643/a23d6/assets/fonts/1410c861-6f68-441e-b3b7-47d32c46fe78.woff2

Requested by

Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/css/bd86b005a70dc709eb96ab2aecdccd29ac8bc51e/assets/stylesheets/main.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.196 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-196.fra53.r.cloudfront.net

Software

Netlify /

Resource Hash

959c295363b60bda2d7465c383e3421104a7d4af2c23c024c5abccda6a005551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBTDXPQE987SKC0PJCK5BA2T
date: Tue, 03 Oct 2023 09:29:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: FRA53-C1
age: 169283
etag: 0961b22dd74cc5a9845f138434d907c8fcd8ceb3
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 36728
x-amz-cf-id: -AoyDHlet9MB9q-uN5ZWqURA1VjDyuApzelCWc7ygwsEsTxHfv9pLA==

GET
H2 200 86213c25-c304-41be-8e81-eb0091ce7add.woff2
d33wubrfki0l68.cloudfront.net/ec3cc6bd0de5409abc0be0335c70d9f6a991b280/b8097/assets/fonts/ 38 KB
39 KB 92ms
47ms Font
font/woff2 143.204.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d33wubrfki0l68.cloudfront.net/ec3cc6bd0de5409abc0be0335c70d9f6a991b280/b8097/assets/fonts/86213c25-c304-41be-8e81-eb0091ce7add.woff2

Requested by

Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/css/bd86b005a70dc709eb96ab2aecdccd29ac8bc51e/assets/stylesheets/main.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.205.196 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-205-196.fra53.r.cloudfront.net

Software

Netlify /

Resource Hash

d559a8baea778945ca828895bf576a389bbe37048c6460e99c0038b0b02c62a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBTDXPQ6C4K9C8T29D7KR55P
date: Tue, 03 Oct 2023 09:29:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: FRA53-C1
age: 169283
etag: 4ff4cfad54ca9770e34844ea67a98c000878c722
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 39172
x-amz-cf-id: e5SyW8JpvJt_27Z5SYMpKzW0-RZe22tDloii0SkN6hbx0E2-oWYzgA==

GET
H2 200 mtiFontTrackingCode.js Show response
www.2xweihnachten.ch/assets/javascripts/ 671 B
787 B 136ms
136ms Script
application/javascript 2a05:d014:58f:6202::64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.2xweihnachten.ch/assets/javascripts/mtiFontTrackingCode.js

Requested by

Host: d33wubrfki0l68.cloudfront.net
URL: https://d33wubrfki0l68.cloudfront.net/js/12b729e6d74146f414fa428888272fc6d4781d01/assets/javascripts/main.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d014:58f:6202::64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Netlify /

Resource Hash

d4f287c2fb699469e5d1047900f29d8057f599b5069a4f17ad97f3f560e35785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-nf-request-id: 01HBZFBTE495DBPFVP0D4WBFCY
date: Thu, 05 Oct 2023 08:30:43 GMT
strict-transport-security: max-age=31536000
server: Netlify
age: 0
etag: "1fb38990722674940c1050650f2e903d-ssl"
content-type: application/javascript; charset=UTF-8
cache-control: public,max-age=0,must-revalidate
accept-ranges: bytes
content-length: 671

GET
H2 200 Stehlin_2.jpg
images.ctfassets.net/9nz7ww8rgw8c/7t3xCdG7TqBC8pB2QcP0CQ/bd0ff6475d623d52c1fbf83678d3a36d/ 248 KB
249 KB 241ms
236ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/7t3xCdG7TqBC8pB2QcP0CQ/bd0ff6475d623d52c1fbf83678d3a36d/Stehlin_2.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b0185885e5e8da6b489415520c5a907f5bc6319625332c448ae8c4a7f7aed4b3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 28 Dec 2021 15:25:29 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "8f630fb0d67c1e7c16c222d775211706"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 253784
x-amz-cf-id: EQKKaannnaH4yOjNjIhE_2eMTqPGihtoOgOylbBY7xdSf4zEB9zyJA==

GET
H2 200 21_Silvia_Arthur_Bosshard.jpg
images.ctfassets.net/9nz7ww8rgw8c/481MPn1YakMbSs45BipAcy/e780af47ae6a976d683e8b8c07832b88/ 124 KB
125 KB 328ms
323ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/481MPn1YakMbSs45BipAcy/e780af47ae6a976d683e8b8c07832b88/21_Silvia_Arthur_Bosshard.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: c8bbcf66989e3dee7dea54901c79a7b05520785f5ace119cd665ddc25cc2ca2e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 16:36:44 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "d9ffa6a27fdc117a4b0446490800f74f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 127054
x-amz-cf-id: SHAD2Cp30kArv_x-7TEbsApMWkUnLBNt6oYQ7AT93mjZ0pnFsIzeyA==

GET
H2 200 07_X3B9337_Doris-Leuthard.jpg
images.ctfassets.net/9nz7ww8rgw8c/1VVEH9Ro3jK9ZeRyqMpQjt/ab9fdc80516200b77946cd512204b608/ 147 KB
148 KB 323ms
318ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/1VVEH9Ro3jK9ZeRyqMpQjt/ab9fdc80516200b77946cd512204b608/07_X3B9337_Doris-Leuthard.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 4a6c4895284f7e0be73851d3eed451fc1cacb2ad4736ed73f5c9c4151b39f0a3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Wed, 22 Dec 2021 13:42:57 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "db1a55da77b876d0afe5ebafb34871bb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 150783
x-amz-cf-id: fuHmHTwKPC8ZsUWWxyj0ZS7LpJICzyQWU5VJy7OmIeX7S7CcxBwc1w==

GET
H2 200 M__lanie_Freymond_Portrait.jpg
images.ctfassets.net/9nz7ww8rgw8c/5wN2FAsusmJMANMVSUXlwF/842b4e8bd76d269cba7ce82d98354068/ 223 KB
224 KB 319ms
314ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5wN2FAsusmJMANMVSUXlwF/842b4e8bd76d269cba7ce82d98354068/M__lanie_Freymond_Portrait.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 373e48505a545e861cd1109ab7f8a9afd2ce03556981a0c524e3182327676b15

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 28 Dec 2021 15:37:08 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "24b79f57e2ecf66024ce50c2f2ace4e4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 228646
x-amz-cf-id: MPU-0kKVHsA6cK_ywF1opsTPYykEwXTFApiTSlqiAhXh6zyf0JitlA==

GET
H2 200 Abi_Lbadaoui_querformat.jpg
images.ctfassets.net/9nz7ww8rgw8c/5qMTycaHl32KiH9AXXVDct/570e364785c9114324d82c0c6d1daaa1/ 1 MB
1 MB 50ms
45ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5qMTycaHl32KiH9AXXVDct/570e364785c9114324d82c0c6d1daaa1/Abi_Lbadaoui_querformat.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 2266f44385c1337837b7ef108a668da3a3d829063e1fc7c6d4f54284360458f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 10:40:55 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 7884
etag: "1bd3817f29967cfd9a5cfde82052f994"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 1127852
x-amz-cf-id: EYpjpoHhR4SXE8uInOpUnzacKU3ZiZ3Sz8ODiKR4JknZr_c_L0pzIg==

GET
H2 200 14_Valya_Poghosyan_2.jpg
images.ctfassets.net/9nz7ww8rgw8c/16qkaKKAYPyVSqYBAvJ3Tq/61f7134ad1e35a06d863544f696aaf6d/ 20 MB
20 MB 38ms
33ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/16qkaKKAYPyVSqYBAvJ3Tq/61f7134ad1e35a06d863544f696aaf6d/14_Valya_Poghosyan_2.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7ab2ea8fd27fef64c455115e17f1932f0710ddce3f74455c11820b826d76154f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 26 Nov 2021 10:22:50 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
age: 7884
etag: "6b6f6406fa4b81063064d62379eb2f06-4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 20761000
x-amz-cf-id: CPIQY__ilt0jVQzv834Nj4sue5b74nUifU92cJpcQZXgu-V4O0rztw==

GET
H2 200 15_Jina-Sargizova_2-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/7jd3ReEW7mHbJ5CtiFrQY0/cc870ccfdb3589583c46d9f7a083c19d/ 106 KB
107 KB 329ms
325ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/7jd3ReEW7mHbJ5CtiFrQY0/cc870ccfdb3589583c46d9f7a083c19d/15_Jina-Sargizova_2-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e8754bab8aebc724a2e6478e9e2a69b686e99dbe63286b8198e3abeb4a2072e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 16:24:04 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "e41d106a18bd5c25500ea344a37e14f1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 108752
x-amz-cf-id: ENJ0xFu-PLC6WlIToiPCbtND7p3HpXYE6Ophnj-0bmdGcCD9Ke34DA==

GET
H2 200 01_Ursula_Luginb__hl.jpg
images.ctfassets.net/9nz7ww8rgw8c/2uY5T1us1umHqdVwepRWuB/5a0c6297a0ed88059c6d9e5aafe10e96/ 87 KB
87 KB 319ms
315ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/2uY5T1us1umHqdVwepRWuB/5a0c6297a0ed88059c6d9e5aafe10e96/01_Ursula_Luginb__hl.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: a557931c2ecdd87b97095ee3a4fb001acc6715a5616495f665d3112744389283

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:36:20 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "2393e4df8b3b181ac39261dc193086d3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 88767
x-amz-cf-id: 6nV4Y8VU1jdXhgP6bOQaNmI0BfnRUMnx18Rp_azfG-h-GX6M5wuOFQ==

GET
H2 200 06_Philipp-Wyss_X3B8983-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/3hVzQjfgN04vc0Q77CYcoQ/bd2cea2a0bdc846eb0655ed3cc3af886/ 143 KB
144 KB 390ms
386ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/3hVzQjfgN04vc0Q77CYcoQ/bd2cea2a0bdc846eb0655ed3cc3af886/06_Philipp-Wyss_X3B8983-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 702b84fac5e859748def23a4eae23892deb98f543876b89170cab0ba021de941

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Wed, 22 Dec 2021 13:39:58 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "ed82208e82afef98bad4f32a36a47a94"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 146461
x-amz-cf-id: gKaJvaO_GZccUsTmi4AZnZDMim53cXsgc_BEcmvVAwizj6DpfKf7iA==

GET
H2 200 01_Kerten_Kr__ger.jpg
images.ctfassets.net/9nz7ww8rgw8c/4lGc0sAkM4KONDkOjGZApL/fb6620a620de7e7c2f01800b0313e47e/ 150 KB
151 KB 262ms
258ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/4lGc0sAkM4KONDkOjGZApL/fb6620a620de7e7c2f01800b0313e47e/01_Kerten_Kr__ger.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 230edc85fba60b7e535f3304bd4c501efbba20e6db22600955226210a73bdd03

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:25:17 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "f97f900959c3915d5a6e7d28dec2a065"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 154108
x-amz-cf-id: _s0k7TLGlm-pTah5xb1zo0l8oP3JFpIHbw0qVAZSj1mjDPg6HWTamw==

GET
H2 200 09_CarlaNorghauer_quer_2.jpg
images.ctfassets.net/9nz7ww8rgw8c/1RN9jvsCAZIs523SubxxTZ/c804eb103646c3e01f89faffd38cd756/ 86 KB
87 KB 265ms
261ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/1RN9jvsCAZIs523SubxxTZ/c804eb103646c3e01f89faffd38cd756/09_CarlaNorghauer_quer_2.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7e1eac13f53887711729c482a796cf09cf82359b4c16a94dd3bc1744accd9a00

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:31:09 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "95b86f2cb6452f44d8949506eb442ed9"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 88284
x-amz-cf-id: -m8FUBLq-Bwcwj3z7RTiYbvRZnVxAxr5FIImWLvntXdBfqLrw-fM7w==

GET
H2 200 11_Jean-MarcRichard_quer-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/4PX0f8Q7VBwq78BG3vDAIt/727aa17b67578fe5ed46176e91e48fa0/ 73 KB
73 KB 395ms
391ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/4PX0f8Q7VBwq78BG3vDAIt/727aa17b67578fe5ed46176e91e48fa0/11_Jean-MarcRichard_quer-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 11c356ed33d2ed32d9acdeedeb2b5fef41b7211442091c51fcd23a4f5be0b25f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:33:38 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "63f028ef5ae38c7d0a611949a05fb06d"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 74248
x-amz-cf-id: 7Y1PyT1YMYs8eSh2SYJqxJDkJ3X4i2BPJCkCxhtMp-m98lF6BRALrQ==

GET
H2 200 08_Gilbert-Montavon.jpg
images.ctfassets.net/9nz7ww8rgw8c/aFVuuj38YqZ9ntg9IRDuQ/419d82e7e712c836920ea9216a565f4b/ 126 KB
126 KB 329ms
326ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/aFVuuj38YqZ9ntg9IRDuQ/419d82e7e712c836920ea9216a565f4b/08_Gilbert-Montavon.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: f474550de1e03d58f1d19a2d95b7d12781ed5752886a2639be1ddda8e5172c70

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Wed, 22 Dec 2021 13:45:28 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "08a664eb9fefbb5b53171c4e4844b4a0"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 128542
x-amz-cf-id: GgTzKUTCTCoOkIPBPhOzDYaF6cyJ7sz4EUjUGiOp2doOTJ1y6Ex0Nw==

GET
H2 200 Tristan_Esseiva_hoch-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/6VTGYao7JxEiBCHs9C3xjn/5071096ffe1a8563b3dcaf1b833e2b07/ 62 KB
63 KB 324ms
321ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/6VTGYao7JxEiBCHs9C3xjn/5071096ffe1a8563b3dcaf1b833e2b07/Tristan_Esseiva_hoch-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 705978ece57bc92b7928e87defdabb5695fe92c45f56373e6d6b0b9ac64e57f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:27:11 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "eeeba2d31ea676bea2a7cf028a666b55"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 63681
x-amz-cf-id: ARB3-hlggBA_HaHbtjFQfxoYFYNdyRCWOjqNmi67FKmCrQq2yUq4pw==

GET
H2 200 10_ToniPoltera_quer.jpg
images.ctfassets.net/9nz7ww8rgw8c/59ZN0Ws4GhMq0mMXLGny3h/db6f774ac8145c5728f65045fcb5e2cf/ 37 KB
37 KB 269ms
266ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/59ZN0Ws4GhMq0mMXLGny3h/db6f774ac8145c5728f65045fcb5e2cf/10_ToniPoltera_quer.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 36ca6086bbd619cb4a8aa383480359083f56c577fe7d6a90d0e2f8b6de9441f6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:32:21 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "2c9a412558c4fea945e5c53851cdb9d7"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 37682
x-amz-cf-id: k1OPdUhHq-P4oCgvNgrV_zbh_qSyrYnn4M943p4tZL8EOsB53Z1ZZQ==

GET
H2 200 Samira_Schlatter.jpg
images.ctfassets.net/9nz7ww8rgw8c/5outClq3gz34WvsyKY4qvw/eb22fa5dde741d9f906490fdf806ba63/ 124 KB
124 KB 279ms
276ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5outClq3gz34WvsyKY4qvw/eb22fa5dde741d9f906490fdf806ba63/Samira_Schlatter.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0b7ded52919ddb0fe85579298b5a0945168c309e49001a1bfa9cdc9b8fe36c97

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:29:04 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "90fde45bc861a3bf2afdd8d049fdb324"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 126900
x-amz-cf-id: sgs_A2Oyp7Eic5Es8wdUUWt0GXG78Csq-_pe7ZVjuN5s7icPEyEMAg==

GET
H2 200 12_DanielFohrler_hoch-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/5OD1dtKa5rmZbtBdrCPT6Q/f99d8234a3c6c5eb6546911024ef7a35/ 100 KB
100 KB 235ms
233ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5OD1dtKa5rmZbtBdrCPT6Q/f99d8234a3c6c5eb6546911024ef7a35/12_DanielFohrler_hoch-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e2df0d10eb100b81daa06c74bf17c3d613647d2222a7ac8a1d5892f6ed7f41c4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:34:56 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "32918aa3dda276072dd297fa4f0e165f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 102274
x-amz-cf-id: NomU_XjxxsH4ziSLSrCL7NMEwLtuGZu5fNE-MKCSc402CHC4IDUOxQ==

GET
H2 200 13_DorisRothen.jpg
images.ctfassets.net/9nz7ww8rgw8c/URsgmyHyrdIhqtnBNI3nK/23eff1f7cc3e6213864146d25804c7ac/ 128 KB
128 KB 271ms
269ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/URsgmyHyrdIhqtnBNI3nK/23eff1f7cc3e6213864146d25804c7ac/13_DorisRothen.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 9cf0bfbdf8164a95502ff8e1d059e7eb5847d7ae8fc12433b095e8c99de4eab5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 15:58:18 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "b02d3c59bdd266fa96c5933108d8e779"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 130664
x-amz-cf-id: eSLCbv-8AcF85BKeyvZJgAO4g-Ghk3UzwZAeBSY5fE_L7Gg3AVVx9Q==

GET
H2 200 Linda_F__h_Portrait.jpg
images.ctfassets.net/9nz7ww8rgw8c/3cBnRq6MBlUHVho9nyA1Qb/141cf4ca9ba7ad9da9df0c96fb0854b8/ 218 KB
219 KB 278ms
275ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/3cBnRq6MBlUHVho9nyA1Qb/141cf4ca9ba7ad9da9df0c96fb0854b8/Linda_F__h_Portrait.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: dce7a1990586d3fd97ccc08d16abf1524307a77df2a5e2798b5b66dd1f2d4d04

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Tue, 28 Dec 2021 15:34:14 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "502bd52203e0b1bb8f69841f7a165a34"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 223202
x-amz-cf-id: QUVVaWNQrljm4lwINZFm7-5IUlH7GvOOuU8PTX_w9FkC13fnxI4LKw==

GET
H2 200 Foto_Christoph-Ditzler-_1_.jpg
images.ctfassets.net/9nz7ww8rgw8c/5d3cMhmvjV2Y0ncVVRJje1/0e0005dcad867eacf093e40b7d4d0741/ 103 KB
104 KB 330ms
328ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/5d3cMhmvjV2Y0ncVVRJje1/0e0005dcad867eacf093e40b7d4d0741/Foto_Christoph-Ditzler-_1_.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 27727268e956a5b856b91a47ed8d906b568df9e49aceb2cf04ee1cf0df65512a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 16:04:34 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "dc4f3a1adcec880a9340f25020b1df84"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 105859
x-amz-cf-id: TpUKViM11pChjNoy48cZItCNvznfhmpfnIx-f2XzUKdAvMzxtnVDxQ==

GET
H2 200 23_Pascal-M__ckli.jpg
images.ctfassets.net/9nz7ww8rgw8c/6FlCBXbopOie3ifhxVj6xT/ac3c18f57f61eeca32c3fe2079330714/ 51 KB
51 KB 331ms
329ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/6FlCBXbopOie3ifhxVj6xT/ac3c18f57f61eeca32c3fe2079330714/23_Pascal-M__ckli.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b7063a6b78377a64df7a8eef4bc2bed3579b50a92ad09c49928d25f68a1336ce

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Fri, 17 Dec 2021 16:17:45 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "b4e34743e20aa7efe219aa8dbd52116e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 51954
x-amz-cf-id: j684KJmC_xDqjcqxpgSMEc6ueUlWoewIoUnosWZjhQCEESvCC_0fAA==

GET
H2 200 Silvia_Bosshard.jpg
images.ctfassets.net/9nz7ww8rgw8c/2Zy9GRg2VSpIuqEuFYstfW/6613f618b1bc6c26fa696c81f6175e8b/ 181 KB
181 KB 225ms
223ms Image
image/jpeg 2600:9000:211e:6c00:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9nz7ww8rgw8c/2Zy9GRg2VSpIuqEuFYstfW/6613f618b1bc6c26fa696c81f6175e8b/Silvia_Bosshard.jpg
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:6c00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 63b4d00f7e88d4c69629deab2eaf5f1120d49e02e9d807b2d9ba6925091749f2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 1a3d61cabf9778724765b3e70befe816.cloudfront.net (CloudFront)
last-modified: Wed, 29 Dec 2021 14:36:48 GMT
server: Contentful Images API
x-amz-cf-pop: FRA56-C2
etag: "9fcffd024377de3a4502ea87b76dffc3"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 185010
x-amz-cf-id: brbva7qgQEkCA0lPBNekmhampJzho_5U-f_idYkVaUCD9w5uIYj2pQ==

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ Frame 0
0 65ms
34ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.2xweihnachten.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 08:30:43 GMT
expires: Thu, 05 Oct 2023 08:30:43 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdv8gXg6tCzDu73S14gQN1K8zfm0QfnFrrq7hWLUN1vmEWQweyJrNnEHb7Pi5E86ZZl3-H0wlDixDywimwhOAwnfO3dlTrdJ

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ 86 B
616 B 83ms
81ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

925914f519063ebef6984ffff2efe62f52b5c4727f2ced03ac5f91d64c7baf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdtkwIczMbty97_fl6uXL5xgB_xjDSKLu-I1JNNfc92jr1_9KncKGrI0KrMsP2IkWw-VPTuoT1kuFzkR0MQYt-wvfxM1KGuy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74
last-modified: Wed, 04 Oct 2023 09:44:44 GMT
server: UploadServer
etag: "8ccb0ebe4e35d5545186e9e7fa0d4a59"
vary: Accept-Encoding
x-goog-generation: 1696412684637169
x-goog-hash: crc32c=TE45qQ==, md5=jMsOvk411VRRhunn+g1KWQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 74
accept-ranges: bytes
content-type: application/json
expires: Thu, 05 Oct 2023 08:31:43 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/fr_FR/ 303 KB
86 KB 51ms
26ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/fr_FR/sdk.js?hash=63c5749f425b93df741242533677a9dc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d148d296e16f1216944a5b97d6a566e247d85ee1e5b0cca642027f375eb2f53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Oct 2023 08:30:43 GMT
content-md5: jV/64y/Oxpxh9iov5mKaeA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88160
x-fb-debug: hTwIf3SQYqQxd44G2pwPKKEkDZ3eVzvuW8YFlMhwx31jX0tk5hftPe0Gfug8EvTYQyzwzMXR2OU9qXdg0LR6hg==
x-fb-content-md5: 3e67118fe1e436af96b8acdb90ccc8a9
cross-origin-opener-policy: same-origin-allow-popups
etag: "128bb6c91bfd4f21eac7a7f179ef8901"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 04 Oct 2024 07:00:41 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/479192961/ 3 KB
2 KB 120ms
44ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/479192961/?random=1696494643736&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&bttype=purchase&auid=308000128.1696494644&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aee56b28da5e5aaf6e298e13498ccf1cc5987118815bca277386e385cfd6130c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1661
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=... Show response
12086158.fls.doubleclick.net/ Frame FBF2
Redirect Chain

https://12086158.fls.doubleclick.net/activityi;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epv...
https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl...

552 B
482 B

62ms
61ms

Document
text/html

142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

5f1ec667486591a426a307907e8dc10937b0f5925cdc6447a3cb0d24f823538f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 306
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:43 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/ 3 KB
2 KB 271ms
205ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1696494643756&cv=11&fst=1696494643756&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&auid=308000128.1696494644&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcbfcb2baf729cd519d3e7cf9f39ff023a005a2ed59343b26b77a05fcf71dfd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gx2spz5bhc Show response
www.clarity.ms/tag/ 843 B
1 KB 217ms
152ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/gx2spz5bhc?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 48e16d3e56ef764c4d9b23e86d32e47003f2d40eb40bbc9c42b2162e3f46a19f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
date: Thu, 05 Oct 2023 08:30:43 GMT
x-azure-ref: 0M3QeZQAAAAC6V4RCzGChS7YutjrM9ygmWlJIRURHRTA2MjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
content-length: 843
expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 26ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 08:30:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: YeNEwud9bN26yLiJx2IK5KNAhYQWOmOJDCmJ/QPbd6e7yk2DvyQRYe8RIIanr86HK6mutNSGYNRHr2DBJ5W2wA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 228ms
130ms Script
application/javascript 23.36.163.237
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE8TB0JC77UA05OMUPR0&lib=ttq
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3e035d762dad8231b7c1a0a0477fd8d60c2b7096da7cfc14c25eea00830a5c3a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 3ef24dc4.1578126b
date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-209.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 93,23.36.161.209
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=6, inner; dur=3
content-length: 1320
pragma: no-cache
server: nginx
x-tt-logid: 20231005083043E030D4429CF4B68616B0
x-cache-remote: TCP_MISS from a23-220-104-219.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.219
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cf2546dc352f55fd2ed754ae7804d82f9e9a6c11e7f8e4429ac703e2f21d4160b7bab1b716d3aca7ace4b6250e36005ff107e11d284b5ad70752c2465d1995e8e4940cadd3f6361db0993452610faf72f2789eed09034b4985e501aef5e595b095
expires: Thu, 05 Oct 2023 08:30:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
85 KB 45ms
44ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8R7RXSFQEG&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGXRB9Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7d3213f2b9314e2af0528afbcd7d9da7bae3cd3385fef9a020f71389767a43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 05 Oct 2023 08:30:43 GMT

GET
H/1.1 200
OK widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html Show response
platform.twitter.com/widgets/ Frame E5B5 319 KB
104 KB 37ms
35ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.2xweihnachten.ch
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC4) /
Resource Hash: 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer: https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 37311
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Oct 2023 08:30:43 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Wed, 04 Oct 2023 21:58:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BC4)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 1.css
fast.fonts.net/t/ 0
547 B 358ms
281ms Stylesheet
text/css 2606:4700::6810:fa43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=undefined
Requested by: Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fa43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 5S0GC3YNGKCD8NFH
age: 480235
content-length: 0
x-amz-id-2: 9v4tizWv/PA/FaltAmYo0bCMu3FYGPSpuU4rnSUw96sdTk7b72xCl96ubbQTzNRBtf+x39Hp08U=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 81144de46de5f15c-CDG
x-amz-meta-mtime: 1519217722

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 112ms
32ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8R7RXSFQEG&cid=710779563.1696494644&gtm=45je3a20&aip=1
Requested by: Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:43 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.2xweihnachten.ch
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ch/ads/ 42 B
408 B 91ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8R7RXSFQEG&cid=710779563.1696494644&gtm=45je3a20&aip=1&z=407638581

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1602194843373061 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 163ms
161ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1602194843373061?v=2.9.132&r=stable&domain=www.2xweihnachten.ch

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

29f9afdf1c0a58bc7f01c272de175c1333b0812538c3bec1a0d88803e74f369f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 08:30:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: IgsSUHTkyXZShof2Nof56abFwVZWt4/ubE1rRoH0vSjDe5rR2GbdsdVjSWee96sRhDYLybqkz+dQkHnfVCSggg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame E5B5 869 B
658 B 485ms
138ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=e6c37cf66191cd715d3a3a3af36c668ff924d199

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.34999e64cd909e9be3bbd826bafcd2c4.html?origin=https%3A%2F%2Fwww.2xweihnachten.ch

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 103
date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 05 Oct 2023 08:30:44 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: f8f058e977f9a2e7
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 3d8f11b042269c1944094eb1613a6923a8c76e7bb87d0f54801f9de59ed80eaf
content-length: 337

GET
H3 200 fr.json Show response
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ 28 KB
8 KB 61ms
60ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/fr.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

05fe46bc03ebf5316a41b188b9d34e1a20a17e295432252c23dcbebc827f5031

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdukUKMdtSf0ZFXgSl98dgNmjxHOV_vSmXdMMxaMWZ23R-fkG2orOC8mXDyR0fkWBgACtDbRtOEB8NnbXiXBhImeEYSXDVua
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8007
last-modified: Wed, 04 Oct 2023 09:44:44 GMT
server: UploadServer
etag: "d2243445b826b06dde371d037f4d4319"
vary: Accept-Encoding
x-goog-generation: 1696412684637866
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=n4A0Hg==, md5=0iQ0RbgmsG3eNx0Df01DGQ==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 8007
accept-ranges: bytes
expires: Thu, 05 Oct 2023 08:31:44 GMT

OPTIONS
H3 200 fr.json
api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/ Frame 0
0 35ms
34ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/3NnzKkP7Sdg38D/latest/fr.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.2xweihnachten.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 08:30:43 GMT
expires: Thu, 05 Oct 2023 08:30:43 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdsvmN5ytVVb1-9tAbPejhbAnJmDHL96fzV3lA5YzQ5UibFza_lNCBdCkOJdmYOkPch84bqBFDHbqG8ulFjee1gfhu1eNwka

GET
H3

200

/
www.google.ch/pagead/1p-conversion/479192961/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
https://www.google.com/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr...
https://www.google.ch/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%...

42 B
64 B

34ms
34ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&auid=308000128.1696494644&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzNXFBWVFtN3ZnODdHTGlhdTlBUklsQVB1NFEyd1g2Z2taVklIbUtjZ3Yxdl9LSXdNdllVWnZQeEd4Ql9CU3hOLTVOTVlzOVEaWENoRUk4TDM1cUFZUXBfblNwSldsdUtiZkFSSXRBSzdmOURZWHZGYlpsVUQwZm5GS0thX0JiLThBSmJubkkwajNsR3FXaTNGeWhENTdjaWtycVN0cmlmelYiEwj1tu-Ev96BAxX1mf0HHfTiAJo&is_vtc=1&ocp_id=M3QeZbXRMvWz9u8P9MWD0Ak&eitems=ChEI8L35qAYQo6ff-Ki54aqpARIdAOss8PG_zN3nD1v3Aof9I0p1DJNA2gE7dUznCUs&random=2245096729&ipr=y

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.ch/pagead/1p-conversion/479192961/?random=1608671361&cv=11&fst=1696494643736&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&label=TQ75CJi92ugBEIHPv-QB&hn=www.googleadservices.com&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&value=0&auid=308000128.1696494644&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOEwzNXFBWVFtN3ZnODdHTGlhdTlBUklsQVB1NFEyd1g2Z2taVklIbUtjZ3Yxdl9LSXdNdllVWnZQeEd4Ql9CU3hOLTVOTVlzOVEaWENoRUk4TDM1cUFZUXBfblNwSldsdUtiZkFSSXRBSzdmOURZWHZGYlpsVUQwZm5GS0thX0JiLThBSmJubkkwajNsR3FXaTNGeWhENTdjaWtycVN0cmlmelYiEwj1tu-Ev96BAxX1mf0HHfTiAJo&is_vtc=1&ocp_id=M3QeZbXRMvWz9u8P9MWD0Ak&eitems=ChEI8L35qAYQo6ff-Ki54aqpARIdAOss8PG_zN3nD1v3Aof9I0p1DJNA2gE7dUznCUs&random=2245096729&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.10/ 57 KB
20 KB 253ms
251ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.10/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gx2spz5bhc?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:43 GMT
content-encoding: br
last-modified: Tue, 03 Oct 2023 13:37:19 GMT
x-azure-ref-originshield: 0EbIdZQAAAADAa7gxfTgFRKdd2hKLTvhzRlJBMjMxMDUwNDE3MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag: "0x8DBC415DDE8C4F1"
x-azure-ref: 0NHQeZQAAAAB3WCo6oMWVRZH4VtjvLRXTWlJIRURHRTA2MjAANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: TCP_HIT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: eb5555ba-701e-0001-72b0-f67107000000
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
accept-ranges: bytes

GET
H2 200 main.MWQ0NWRkZTlhMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 370 KB
99 KB 35ms
33ms Script
application/javascript 23.36.163.237
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CE8TB0JC77UA05OMUPR0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 157813a7
date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123833907E75E1CFE76D3E1D7F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-209.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01bd3986c18f30fb1a79752a0dbdbe6fc6a53dcad859148c974dd6770ca8a466e9fc33c6b43d4695d685a613dc016b6cfa2326bfadb5248bea67362afe2b157ba686a03e705adc87b2ddeeeb4f821215af0b2ce7f6e762b5735677c30a1434dbf4
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 100679

GET
H2 200 dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.com/ddm/fls/i/ Frame CF8F 551 B
683 B 130ms
58ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F

Requested by

Host: 12086158.fls.doubleclick.net
URL: https://12086158.fls.doubleclick.net/activityi;dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef9549e764fc189520685afa3726062c42b20743700e12fcdc1565ae02a5845

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://12086158.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 308
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:44 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/479192961/ 42 B
455 B 101ms
36ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/479192961/?random=1696494643756&cv=11&fst=1696492800000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&fmt=3&is_vtc=1&random=3252743293&rmt_tld=0&ipr=y

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ch/pagead/1p-user-list/479192961/ 42 B
154 B 39ms
38ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ch/pagead/1p-user-list/479192961/?random=1696494643756&cv=11&fst=1696492800000&bg=ffffff&guid=ON&async=1&gtm=45He3a20&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&frm=0&tiba=Ensemble%2C%20envoyons%20du%20bonheur%20%E2%80%93%202%20x%20No%C3%ABl&fmt=3&is_vtc=1&random=3252743293&rmt_tld=1&ipr=y

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:44 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1px.png
app.usercentrics.eu/session/ 489 B
834 B 30ms
29ms Image
image/png 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=3NnzKkP7Sdg38D

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:20:49 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 595
x-guploader-uploadid: ADPycdsLjA8yVUY9tLkN-JWHCPeOPjGWygkwnnWYYNZ-ziUn8lKtBypqpwiQEY9NElWSEDem9qRw4yME2G9cDRKPQ1dv
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Thu, 05 Oct 2023 08:50:49 GMT

GET
H3 200 DefaultData-655d9254-48913d86.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 2 KB
999 B 30ms
30ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/DefaultData-655d9254-48913d86.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a88df466fee0bb0d3fa786712623c7b60c713d62457466a56c1644b36fb7f86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:04:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1797998
x-guploader-uploadid: ADPycds3dzuAlAX-ScsxW2EVjEHdAqdQGGXblBJfTXzrBFuQdVBfhmFc4oJW1d7SMMFcbzfQ58FQ_3Eh19YgUuAVY8iAtxK3hc9f
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 968
last-modified: Thu, 14 Sep 2023 12:57:42 GMT
server: UploadServer
etag: "fd4bb9c5ae868f2159b7afec7b709820"
x-goog-generation: 1694696262906280
x-goog-hash: crc32c=FMG1oA==, md5=/Uu5xa6GjyFZt6/se3CYIA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 968
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:04:06 GMT

GET
H3 200 translations-fr.json Show response
api.usercentrics.eu/translations/ 8 KB
3 KB 15ms
15ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-fr.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

13ccbcacc44d5fc4c5aa018be7420ab86e5cb8980c24177f8ccd067833416ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Wed, 04 Oct 2023 13:53:11 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 67053
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdubEQ1jF_TiDmPNrSSUWdh3ZCNmTysWmY2KQTBci_5d6BIKp3nuk69CEvCCEs18jMIv4kG5M8u08wdBTmXCAU9adA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2649
last-modified: Mon, 11 Sep 2023 07:33:50 GMT
server: UploadServer
etag: "596c29bc0a4c2bccf46676943aa8614d"
vary: Accept-Encoding
x-goog-generation: 1693475533614727
x-goog-hash: crc32c=Nykohg==, md5=WWwpvApMK8z0ZnaUOqhhTQ==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2649
accept-ranges: bytes
content-type: application/json
expires: Thu, 05 Oct 2023 13:53:11 GMT

OPTIONS
H3 200 translations-fr.json
api.usercentrics.eu/translations/ Frame 0
0 37ms
37ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-fr.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.2xweihnachten.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 08:30:44 GMT
expires: Thu, 05 Oct 2023 08:30:44 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: CH,CHZH
x-guploader-uploadid: ADPycdu7pHj1WzNYJbqw71csZTcz84DMHPKzOCRoWdqvHI-a59W3QD-cOqMtSlzI5I1-YcTLTunQKSLc37Q-KITWZLEbCV4TVlk7

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
35 KB 103ms
103ms Script
application/javascript 23.36.163.237
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 15781540
date: Thu, 05 Oct 2023 08:30:44 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107094992214F0C816780695F
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-36-161-209.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0183cf230e61c464f3b74a2f5dd2496aee3962c06479feebb55343f39c0b3f4345aa87061fce68c95a14c66f0ce8080038bf7e737cfdc3b0e9348ca286caafa3fdf74b166e406fd017850282f048367e6315f085bd89b8b8f55ad7798efadebc00
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 35562

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
793 B 190ms
190ms Ping
text/plain 23.36.163.237
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 10aab777.15781541
date: Thu, 05 Oct 2023 08:30:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-209.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 124,23.36.161.209
server-timing: cdn-cache; desc=MISS, edge; dur=90, origin; dur=40, inner; dur=33
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231005083044D71578425A0F0B3FEFFF
x-cache-remote: TCP_MISS from a23-221-225-175.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 40,23.221.225.175
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cf2546dc352f55fd2ed754ae7804d82f9e15c8f32a26d0120ddc43b8b6a4634b2cb0dc6f3e0001112331924ba435666194dc5c7374a83ded3f1cb0c45192e0624aa549b382e593a1e9cedbf72cb666fc5e5d8c504163dbeaf956babea8449c7f94
access-control-allow-headers: Authorization,*
expires: Thu, 05 Oct 2023 08:30:44 GMT

GET
H3 200 3321229921329107 Show response
connect.facebook.net/signals/config/ 138 KB
36 KB 159ms
159ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3321229921329107?v=2.9.132&r=stable&domain=www.2xweihnachten.ch

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8088079975a52f6851ace14c57e8727d30fee047bcf15b5f9530ddbdc6fea3c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 05 Oct 2023 08:30:44 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: nFgFmhULIVzsnvajuJAQmrrI1WHnwMZbrMA5elQ3mLfQ0GfhejhevZZRFUEFJo/FN5L7mDkKbHAW/hftU2s2Fg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 88ms
24ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1602194843373061&ev=PageView&dl=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&rl=&if=false&ts=1696494644200&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696494644199.1486351091&ler=empty&it=1696494643890&coo=false&exp=a1&rqm=GET

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Oct 2023 08:30:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=ht... Show response
adservice.google.ch/ddm/fls/i/ Frame 2BF4 194 B
515 B 150ms
63ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/ddm/fls/i/dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIiC9YS_3oEDFZBRwgodRCoGEA;src=12086158;type=visit0;cat=post_0;ord=1;num=2613981572814;auiddc=308000128.1696494644;gtm=45He3a20;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:44 GMT
expires: Thu, 05 Oct 2023 08:30:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DefaultUI-26ba8847-4a5ca8dd.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 2 KB
789 B 14ms
14ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/DefaultUI-26ba8847-4a5ca8dd.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c3d09fc75adcaac0c22577e5ab5413bd4ff59ce3efdabd907aef7349f1e94e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:08 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798056
x-guploader-uploadid: ADPycduvrnDoaE-UjF2nlvhek6dUzp452oxCnfe5XjMmq0IfLG--fXYXoiI99_cxpjh4vm7IzsQE44pJXEvboSu45KYMlMiEYJQS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 758
last-modified: Thu, 14 Sep 2023 12:57:43 GMT
server: UploadServer
etag: "f78fb5473a22a340a6c5a9d8b15dac5e"
x-goog-generation: 1694696263506086
x-goog-hash: crc32c=kiRjqg==, md5=94+1Rzoio0CmxanYsV2sXg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 758
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:08 GMT

GET
H3 200 FirstLayerCustomization-4f604bd6-7844c3c5.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 3 KB
1 KB 16ms
16ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/FirstLayerCustomization-4f604bd6-7844c3c5.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

fdca819eed878aa74b52c43b07ef775bde65457494c40a2228697a5fe298158d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:04:46 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1797958
x-guploader-uploadid: ADPycdvZrYWo2eybJpq76CWRR-PrYry8i7zdmcSxj2mvlOuyRAMjsic1mmJE-kDDASN8OVKMzCN_8R2qkd8VRG5ojTf-KFW0NqaM
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1075
last-modified: Thu, 14 Sep 2023 12:57:43 GMT
server: UploadServer
etag: "0a66f8bb9257c6d73cd524d46a2a83b8"
x-goog-generation: 1694696263819130
x-goog-hash: crc32c=SQBPAQ==, md5=Cmb4u5JXxtc81STUaiqDuA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1075
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:04:46 GMT

GET
H3 200 ButtonsCustomization-b2eba160-04edb142.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 473 B
267 B 17ms
16ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/ButtonsCustomization-b2eba160-04edb142.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4a0e0c5931babc166aaca2c1a7ca666d4ca07fcd2579fbdd9163ad9b9273102b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:04:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1797998
x-guploader-uploadid: ADPycduTz1GIZpSqMnqRy4NabjYTVlKGJ4iVqlQEqmwgfq8fVrnlM-M6ytr0DWRLlhp-r4leDPAeH2E0UB67Tt541e16bbQBG5cV
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
last-modified: Thu, 14 Sep 2023 12:57:42 GMT
server: UploadServer
etag: "08b32d03424c148e01500401c73fc3b9"
x-goog-generation: 1694696261977292
x-goog-hash: crc32c=kx25cw==, md5=CLMtA0JMFI4BUAQBxz/DuQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 236
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:04:06 GMT

GET
H3 200 SecondLayerUI-78c6bc43-5e94417f.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 567 B
350 B 17ms
16ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/SecondLayerUI-78c6bc43-5e94417f.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c901db9e6f8fefdd9f9460445a4c4963bdb4dab1d5841f0827ab66da9b0c984b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:08 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798056
x-guploader-uploadid: ADPycduWiIKhunOKsSxVPqP2OFR2a8RuN7RBhwsXJyV1h4Q1PRijuc0deI6VceHN1sdxri9knWu6_Sul40mYT7x3B628xOqpsCzU
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 317
last-modified: Thu, 14 Sep 2023 12:57:45 GMT
server: UploadServer
etag: "80c760916c01f0cbf513e7856bc3e4d7"
x-goog-generation: 1694696265070903
x-goog-hash: crc32c=IT097A==, md5=gMdgkWwB8Mv1E+eFa8Pk1w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 317
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:08 GMT

GET
H3 200 Taglogger-51693fc2-eb327d0d.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 1 KB
653 B 15ms
14ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/Taglogger-51693fc2-eb327d0d.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

02de7011c861174353741463bfa50c040236cf408e32e718f28d630d2a794dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 12:59:18 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798286
x-guploader-uploadid: ADPycdubNODEnf258mOC7IcLQH_gGV11XTr0DQp5N-V2Tgf3DVTXT5zmA-KRjHEOLGm-n_jvytfTE8nhb4BlVboFd3tk3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 617
last-modified: Thu, 14 Sep 2023 12:57:45 GMT
server: UploadServer
etag: "438fae1bb0e39c8915473a38af6a9107"
x-goog-generation: 1694696265702406
x-goog-hash: crc32c=LMv4gQ==, md5=Q4+uG7DjnIkVRzo4r2qRBw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 617
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 12:59:18 GMT

OPTIONS
H2 204 2
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 66ms
35ms Preflight
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.2xweihnachten.ch
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 05 Oct 2023 08:30:44 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 25f2f303263e59eadc028ff1d96f72df

POST
H2 201 2 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ 0
77 B 32ms
31ms Fetch
text/html 2600:1901:0:1e38::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/2

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.30.0/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
X-Request-ID: 32c9efa7-83f5-4674-86f4-8ca275f86ce0
content-type: application/json

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: be2209ae67e5af9c6be2c89cb62f1efc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 fr.json Show response
privacy-proxy.usercentrics.eu/latest/ 3 KB
1000 B 16ms
16ms Fetch
application/json 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-proxy.usercentrics.eu/latest/fr.json

Requested by

Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d7b65e18d9108933f2e4bc452a469b27b6ec99d5a048d5ba8ab9de75271b96e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:19:41 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
x-goog-meta-version: 3.2.2
age: 663
x-guploader-uploadid: ADPycdtB9nRsam8cl6JVHRIDTp8Da8d-vNSKjOetfZiH9URwlZKlTVH_ZQPv1E6A0AE8qbAEbiUbES-L1YHHOoaoYkv4dQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 961
last-modified: Wed, 23 Aug 2023 08:24:50 GMT
server: UploadServer
etag: "00dd4ca9c869f6f2f87b366d167bc364"
vary: Accept-Encoding
x-goog-generation: 1692779090770325
x-goog-hash: crc32c=tEiFbw==, md5=AN1Mqchp9vL4ezZtFnvDZA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 961
accept-ranges: bytes
content-type: application/json
expires: Thu, 05 Oct 2023 09:19:41 GMT

GET
H3 200 PrivacyButton-f29afb82.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 5 KB
2 KB 28ms
27ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/PrivacyButton-f29afb82.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

4d667e6159d9d32473a8c3850a7da05b26d4c92885285d9fb7527578b601fd05

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:04:13 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1797991
x-guploader-uploadid: ADPycdtiJW7ogE6fnZtI0Yosa7yIbrHea2qTNyGswTB-dNZz4u5n3TrergGsD6QLPr-En0E7UXZcK-50-hIKD4_ugcfwJaNPWr2_
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2449
last-modified: Thu, 14 Sep 2023 12:57:44 GMT
server: UploadServer
etag: "718702d30150b033845c6518ed5d3f17"
x-goog-generation: 1694696264148102
x-goog-hash: crc32c=TceyLg==, md5=cYcC0wFQsDOEXGUY7V0/Fw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 2449
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:04:13 GMT

GET
H3 200 index-78213168.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 2 KB
851 B 30ms
30ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/index-78213168.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

07b775b145c1884d1e384b10a84bad806c000bf49df92bc67f6cd1f397eaafbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798058
x-guploader-uploadid: ADPycdvmGX-edyv3n8dUugej8Obi7ycR2sD3D-1j1hUkEQBIf84e8TzrrEX451tVaQO1-AgBf7efLC5GcNGM5i63xrG71fjo5nF0
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 811
last-modified: Thu, 14 Sep 2023 12:57:52 GMT
server: UploadServer
etag: "f15d8308e10f4a1c4253c4ca6587bc90"
x-goog-generation: 1694696272722249
x-goog-hash: crc32c=hAN1nA==, md5=8V2DCOEPShxCU8TKZYe8kA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 811
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:06 GMT

GET
H2 200 uct
uct.service.usercentrics.eu/ 35 B
268 B 125ms
73ms Image
image/gif 34.95.108.180
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://uct.service.usercentrics.eu/uct?v=1&sid=3NnzKkP7Sdg38D&t=1&abv=&r=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&cb=1696494644339

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.95.108.180 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

180.108.95.34.bc.googleusercontent.com

Software

Google Frontend / Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:44 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
x-powered-by: Express
content-type: image/gif
x-cloud-trace-context: fa89acd86fedabe6d903e3b7d7f7e12c
cache-control: no-store
function-execution-id: cats84534j6r
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 359ms
110ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.2xweihnachten.ch
Date: Thu, 05 Oct 2023 08:30:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
796 B 159ms
158ms Ping
text/plain 23.36.163.237
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.163.237 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-36-163-237.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4d9ef637.15781930
date: Thu, 05 Oct 2023 08:30:44 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-36-161-209.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 119,23.36.161.209
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=33, inner; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310050830445F82DCE5A79CEA90B4D0
x-cache-remote: TCP_MISS from a23-220-104-215.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.104.215
x-tt-trace-host: 014af3859b4d71ee855b516a7c490c87cf2546dc352f55fd2ed754ae7804d82f9e23b470d3b8a74621733deb3799464ccb81b240f356905c650c8d719d680de550f0641b9ac094957a9ad500faf3e5e0547d7a3c7406d8793eb806173904e59ce774bf241d3e0a107d6b04b48a2f30a50f
access-control-allow-headers: Authorization,*
expires: Thu, 05 Oct 2023 08:30:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 25ms
24ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3321229921329107&ev=PageView&dl=https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F&rl=&if=false&ts=1696494644663&sw=1600&sh=1200&v=2.9.132&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1696494644199.1486351091&ler=empty&cs_est=true&it=1696494643890&coo=false&exp=a1&rqm=GET

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 05 Oct 2023 08:30:44 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK button.13c48d2966337fafa1c1eb5533fdf29d.js Show response
platform.twitter.com/js/ 8 KB
3 KB 31ms
31ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.13c48d2966337fafa1c1eb5533fdf29d.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Thu, 05 Oct 2023 08:30:44 GMT
Content-Encoding: gzip
Age: 37291
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2617
Last-Modified: Wed, 04 Oct 2023 21:58:32 GMT
Server: ECS (amb/6BBF)
Etag: "def6f3052007521ae22a38b870dfd318+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H3 200 index-4a780c14.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 5 KB
2 KB 17ms
17ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/index-4a780c14.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

539ae47fc9284231878fe272ba76e132e4682c62365b4fcb6f9359fb83a84122

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798058
x-guploader-uploadid: ADPycdvRMliWCd23bCG3cLRRzMnjHICYZdHf9uYZh2XFjIUHjQLuaQGzKmN5QP1O4NwqJQD0dxW142KN1usyOiYwLbggNM_g2ykq
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2058
last-modified: Thu, 14 Sep 2023 12:57:52 GMT
server: UploadServer
etag: "0ec4a6a46990b3bc703b20440ca298af"
x-goog-generation: 1694696272094063
x-goog-hash: crc32c=PKy09A==, md5=DsSmpGmQs7xwOyBEDKKYrw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 2058
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:06 GMT

GET
H3 200 SaveButton-5eda949a.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 1 KB
659 B 16ms
14ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/SaveButton-5eda949a.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

62194795ef9bd829e72ccc9387c492a9a3d317ed97a63b0b47c7351a8786fa37

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:04:46 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1797958
x-guploader-uploadid: ADPycdsO3nGvih8YR2BkjKoO12CeqkbenKN7otWxmF_VYCs6HoKX7Ha85_LkIC0OOwEYbBfUAGk0sKuFgig4OvQcmbZzRQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 616
last-modified: Thu, 14 Sep 2023 12:57:44 GMT
server: UploadServer
etag: "71addc53c6f07744b316fcb28d418c8c"
x-goog-generation: 1694696264771590
x-goog-hash: crc32c=4Gzh9A==, md5=ca3cU8bwd0SzFvyyjUGMjA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 616
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:04:46 GMT

GET
H3 200 VirtualServiceItem-c0509f9e.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 156 KB
47 KB 25ms
22ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/VirtualServiceItem-c0509f9e.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

1b3a8b533dbb5b11e617beaa9678b0bc9f03f41a64d59d2801fe57f7ff9596ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798058
x-guploader-uploadid: ADPycdumMaDj-OJzMwm2bO1IXuIfCAqNVECWnYXFhMJAvgkWU8aIu_MRnJroroZ3OAs32WzgSzsmW6ItSXH_FL4mn25hrTJwHOYI
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48507
last-modified: Thu, 14 Sep 2023 12:57:47 GMT
server: UploadServer
etag: "35f9e5da417584d3ffd58d8d75de76ae"
x-goog-generation: 1694696267331946
x-goog-hash: crc32c=hR3F6Q==, md5=Nfnl2kF1hNP/1Y2Ndd52rg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 48507
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:06 GMT

GET
H3 200 DefaultTabs-f85b1ffa.js Show response
app.usercentrics.eu/browser-ui/3.30.0/ 4 KB
2 KB 33ms
30ms Script
text/javascript 2600:1901:0:5987::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.30.0/DefaultTabs-f85b1ffa.js

Requested by

Host: www.2xweihnachten.ch
URL: https://www.2xweihnachten.ch/fr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

UploadServer /

Resource Hash

44ad38c37df9d2f99df0ae191f722290b3273f4a6dc0bc78671a689b568f5b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.google.com/
Origin: https://www.2xweihnachten.ch
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:03:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1798058
x-guploader-uploadid: ADPycdtEKPWUGi15Yl7GKDTQM_hq0U9JpFJxDPGk8L5BS98ulLLrBPE15jJ2xwxRE1A4W_liL7dSVk7tG5eCfAGX-Vpbt4QtI6w1
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1681
last-modified: Thu, 14 Sep 2023 12:57:43 GMT
server: UploadServer
etag: "23445145a048b90d32419ad9b82e7133"
x-goog-generation: 1694696263202148
x-goog-hash: crc32c=Ys9uUQ==, md5=I0RRRaBIuQ0yQZrZuC5xMw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1681
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 13 Sep 2024 13:03:06 GMT

GET
H3 200 share_button.php Show response
www.facebook.com/v2.10/plugins/ Frame 5059 42 KB
13 KB 269ms
265ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.10/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df307f7913f25c8%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Ff34d5f144045064%26relation%3Dparent.parent&container_width=54&href=https%3A%2F%2Fwww.2xweihnachten.ch%2F&layout=button&locale=fr_FR&mobile_iframe=true&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=63c5749f425b93df741242533677a9dc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddc44aa6554e907cc8bc6a5e42b9519c0cf300f828f5f35b9bf05a6ad703a94f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: ntjt3DVyrtk+0XuuVvpIV85xyVlUAQf6ox0m+8iHbC/cNbYbaa6R2Wyhb+wgWJKOUbPA82Zo5Dvxlg1+PU2acQ==
x-xss-protection: 0

GET
H3

200

/
www.facebook.com/login/ Frame 79E6
Redirect Chain

https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df38bcf3ed6e187c%26...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...

0
0

226ms
225ms

Document
text/html

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df38bcf3ed6e187c%2526domain%253Dwww.2xweihnachten.ch%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.2xweihnachten.ch%25252Ff34d5f144045064%2526relation%253Dparent.parent%26container_width%3D390%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2xweihnachten%26locale%3Dfr_FR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/fr_FR/sdk.js?hash=63c5749f425b93df741242533677a9dc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 05 Oct 2023 08:30:45 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: j805p0V/6XfOi+WPctjPqw8pb7DSMn6fte7/Om7pId+UcAxO8O9y0vbLmWS1nlN7oO12q88IIY7EwY9cFWCX1w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 08:30:44 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df38bcf3ed6e187c%2526domain%253Dwww.2xweihnachten.ch%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.2xweihnachten.ch%25252Ff34d5f144045064%2526relation%253Dparent.parent%26container_width%3D390%26hide_cover%3Dfalse%26hide_cta%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F2xweihnachten%26locale%3Dfr_FR%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
priority: u=0,i
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: MorNC8VbY/s50oKz4wTwEZLKHJ2Qc6WNY9p1F5CTNUuObgFm6qXdQ9SYyc5USro1ai1amaFCF4W3wCwtYV9xvA==
x-xss-protection: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&RedC=c.clarity.ms&MXFR=17601B923A5E67FD2C4B08333E5E69B1
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&MUID=1061CBFD99D463C6180CD85C98A462AC

42 B
467 B

48ms
47ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&MUID=1061CBFD99D463C6180CD85C98A462AC
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:45 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 08:30:44 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7AE61A7754F64C3A8CFD4E2C49920222 Ref B: ZRHEDGE1507 Ref C: 2023-10-05T08:30:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8E3FFBF6005C4660911BF559A74DFD6F&MUID=1061CBFD99D463C6180CD85C98A462AC
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 200
OK tweet_button.34999e64cd909e9be3bbd826bafcd2c4.fr.html Show response
platform.twitter.com/widgets/ Frame FEDC 34 KB
13 KB 30ms
29ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.34999e64cd909e9be3bbd826bafcd2c4.fr.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 8b0ac102bbef332ccfc7a328732983b0aa009966b6e7ad6ed4fb81a81aaf1b22

Request headers

Referer: https://www.2xweihnachten.ch/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-CH,de;q=0.9
referer: https://www.google.com/

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 37167
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12828
Content-Type: text/html; charset=utf-8
Date: Thu, 05 Oct 2023 08:30:44 GMT
Etag: "a496415b661d9f2717835be5d15a9b28+gzip"
Last-Modified: Wed, 04 Oct 2023 21:58:34 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6BBF)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
127 B 139ms
138ms Image
image/gif 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fwww.2xweihnachten.ch%2Ffr%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22fr%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1696494644804%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%227e31f10ca29dc%3A1696453545681%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=e6c37cf66191cd715d3a3a3af36c668ff924d199

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 05 Oct 2023 08:30:44 GMT
strict-transport-security: max-age=631138519
last-modified: Thu, 05 Oct 2023 08:30:44 GMT
server: tsa_f
vary: Origin
content-type: image/gif
x-transaction-id: 509528e41e381f15
cache-control: must-revalidate, max-age=600
perf: 7626143928
x-connection-hash: 3d8f11b042269c1944094eb1613a6923a8c76e7bb87d0f54801f9de59ed80eaf
content-length: 43

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 390ms
219ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.2xweihnachten.ch
Date: Thu, 05 Oct 2023 08:30:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
DATA 200
OK truncated
/ Frame FEDC 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ruxaZoupmFj.png
static.xx.fbcdn.net/rsrc.php/v3/y8/r/ Frame 5059 323 B
589 B 32ms
24ms Image
image/png 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y8/r/ruxaZoupmFj.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.10/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df307f7913f25c8%26domain%3Dwww.2xweihnachten.ch%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.2xweihnachten.ch%252Ff34d5f144045064%26relation%3Dparent.parent&container_width=54&href=https%3A%2F%2Fwww.2xweihnachten.ch%2F&layout=button&locale=fr_FR&mobile_iframe=true&sdk=joey&size=large

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:45 GMT
x-content-type-options: nosniff
content-md5: mEtfkiuN8zERyZQcBN9jeg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 323
x-fb-debug: 0cqBn5p2Sq3EZTRs+8tfc9MLY5EnC3lci79HQcJXQ9lz9n7xhrsHY6VHxWBo/2WHgkK1aBP97b01LcaYJj9g5w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sun, 29 Sep 2024 03:37:13 GMT

GET
H2 200 8kLUhvtA78c.js Show response
static.xx.fbcdn.net/rsrc.php/v3iZPf4/yH/l/fr_FR/ Frame 5059 524 KB
135 KB 31ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iZPf4/yH/l/fr_FR/8kLUhvtA78c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ac6559de9db520f6a734141e401b32bc60b08ddd9d471d5b99a06ecbbdc9476

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 08:30:45 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Cv5avQAiXSG8RBV91xOTnw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 138279
x-fb-debug: g7JLY3RJAQChup/lJurKOg91IdBmxRIb0bFqhWb7GqHYdu3lhx3uTzTsQxKYPttA771tj2jyci75HxCMwE9cyw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 03 Oct 2024 19:31:34 GMT

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
300 B 113ms
113ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.google.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.2xweihnachten.ch
Date: Thu, 05 Oct 2023 08:30:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.2xweihnachten.ch/	1970-01-20 17:24:30	Name: _gcl_au Value: 1.1.308000128.1696494644
.2xweihnachten.ch/	1970-01-21 00:50:54	Name: _ga_8R7RXSFQEG Value: GS1.1.1696494643.1.0.1696494643.60.0.0
.2xweihnachten.ch/	1970-01-21 00:50:54	Name: _ga Value: GA1.1.710779563.1696494644
www.clarity.ms/	1970-01-21 00:00:30	Name: CLID Value: a54f2d134b6c402a8d2ee7ac3b8e35d8.20231005.20241004
.tiktok.com/	1970-01-21 00:36:30	Name: _ttp Value: 2WKwaejscZiabZI9Fpf9b5bZ4W2
.doubleclick.net/	1970-01-20 15:14:55	Name: test_cookie Value: CheckForPermission
.2xweihnachten.ch/	1970-01-21 00:36:30	Name: _tt_enable_cookie Value: 1
.2xweihnachten.ch/	1970-01-21 00:36:30	Name: _ttp Value: q7Kr909FU0V78f5T0FDylz3C7su
.fonts.net/	1970-01-20 15:14:56	Name: __cf_bm Value: 5TyX.N5fpmicgM.U0.B93JJQrtmc8KaaHgKh3soE97w-1696494643-0-AT9PqH20S0MeQuuNVmZj0/msvmqXe7JkUYQVaNbDyQSNcCDlJipB2e6M3OvSDTBETbg7/0PmF3IuBbuHutYCc5I=
.2xweihnachten.ch/	1970-01-20 17:24:30	Name: _fbp Value: fb.1.1696494644199.1486351091
.2xweihnachten.ch/	1970-01-21 00:00:30	Name: _clck Value: srl702\|2\|ffl\|0\|1373
.2xweihnachten.ch/	1970-01-20 15:16:21	Name: _clsk Value: wt95tq\|1696494645001\|1\|1\|w.clarity.ms/collect
.bing.com/	1970-01-21 00:36:30	Name: MUID Value: 1061CBFD99D463C6180CD85C98A462AC
.c.bing.com/	1970-01-20 15:24:59	Name: MR Value: 0
.c.bing.com/	1970-01-21 00:36:30	Name: SRM_B Value: 1061CBFD99D463C6180CD85C98A462AC
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 00:36:30	Name: MUID Value: 1061CBFD99D463C6180CD85C98A462AC
.c.clarity.ms/	1970-01-20 15:24:59	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 15:14:55	Name: ANONCHK Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12086158.fls.doubleclick.net
2xnoel.ch
adservice.google.ch
adservice.google.com
analytics.tiktok.com
api.usercentrics.eu
app.usercentrics.eu
c.bing.com
c.clarity.ms
connect.facebook.net
consent-api.service.consent.usercentrics.eu
d33wubrfki0l68.cloudfront.net
fast.fonts.net
googleads.g.doubleclick.net
images.ctfassets.net
logger.service.usercentrics.eu
platform.twitter.com
privacy-proxy.usercentrics.eu
static.xx.fbcdn.net
stats.g.doubleclick.net
syndication.twitter.com
uct.service.usercentrics.eu
w.clarity.ms
www.2xweihnachten.ch
www.clarity.ms
www.facebook.com
www.google.ch
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
104.244.42.72
142.250.185.134
142.250.186.98
143.204.205.196
23.36.163.237
23.96.124.156
2600:1901:0:1e38::
2600:1901:0:43f8::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:211e:6c00:12:94b3:c380:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:fa43
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c04::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d014:58f:6202::64
34.95.108.180
68.219.88.97
76.76.21.21
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
02de7011c861174353741463bfa50c040236cf408e32e718f28d630d2a794dc1
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
05fe46bc03ebf5316a41b188b9d34e1a20a17e295432252c23dcbebc827f5031
07b775b145c1884d1e384b10a84bad806c000bf49df92bc67f6cd1f397eaafbc
08dfbd56f814d08e80f1a34c192c41b0dad2c48d440f356a12e8e47fafc1b998
092cb8a7c234247243577529fa46f11c66216fb8c2b91a9e12d6bda73b739ed9
0a45c52b8c2d1cdbfb5df9fcdce4ebe1b77f60f450a2cbe25129fb11d7715af1
0b7ded52919ddb0fe85579298b5a0945168c309e49001a1bfa9cdc9b8fe36c97
10c427773d74c0724adf14522a7a506056969e5eae68201f328707a9bef6f844
11c356ed33d2ed32d9acdeedeb2b5fef41b7211442091c51fcd23a4f5be0b25f
13ccbcacc44d5fc4c5aa018be7420ab86e5cb8980c24177f8ccd067833416ffb
1b3a8b533dbb5b11e617beaa9678b0bc9f03f41a64d59d2801fe57f7ff9596ea
20db7ce8e3049977535579a92d71232b26ed80f8ab0c1b7418ae67c403a6b321
22058d0653f274c9ffa819600d9cb85be3b04653dc7484c8deaa1509c9885f55
2266f44385c1337837b7ef108a668da3a3d829063e1fc7c6d4f54284360458f6
230edc85fba60b7e535f3304bd4c501efbba20e6db22600955226210a73bdd03
27727268e956a5b856b91a47ed8d906b568df9e49aceb2cf04ee1cf0df65512a
29f9afdf1c0a58bc7f01c272de175c1333b0812538c3bec1a0d88803e74f369f
2ce34c2700d9495f87cac72989beb2b0147efc4a5bb501722e9de765afd079de
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
314cf03ee8b8454937666993fdd25b155d1037dcde2da0019eeb1fa5862a023f
36ca6086bbd619cb4a8aa383480359083f56c577fe7d6a90d0e2f8b6de9441f6
373e48505a545e861cd1109ab7f8a9afd2ce03556981a0c524e3182327676b15
3e035d762dad8231b7c1a0a0477fd8d60c2b7096da7cfc14c25eea00830a5c3a
44ad38c37df9d2f99df0ae191f722290b3273f4a6dc0bc78671a689b568f5b0d
48e16d3e56ef764c4d9b23e86d32e47003f2d40eb40bbc9c42b2162e3f46a19f
4a0e0c5931babc166aaca2c1a7ca666d4ca07fcd2579fbdd9163ad9b9273102b
4a6c4895284f7e0be73851d3eed451fc1cacb2ad4736ed73f5c9c4151b39f0a3
4d667e6159d9d32473a8c3850a7da05b26d4c92885285d9fb7527578b601fd05
4f94f29ec4f6d221f6c2f8d24a5ae09ccd83c236b2b2045de4f184b737d10f4f
519536006cd07bfce7ffa9bb61618333db7e0db8b766d5448bf4962ca14ac55a
539ae47fc9284231878fe272ba76e132e4682c62365b4fcb6f9359fb83a84122
5f1ec667486591a426a307907e8dc10937b0f5925cdc6447a3cb0d24f823538f
62194795ef9bd829e72ccc9387c492a9a3d317ed97a63b0b47c7351a8786fa37
63b4d00f7e88d4c69629deab2eaf5f1120d49e02e9d807b2d9ba6925091749f2
63b5e0a3e1f02005bdc103269b0104ca5e9c9242473edc64d490dafcb306cccf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
702b84fac5e859748def23a4eae23892deb98f543876b89170cab0ba021de941
705978ece57bc92b7928e87defdabb5695fe92c45f56373e6d6b0b9ac64e57f5
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
7ab2ea8fd27fef64c455115e17f1932f0710ddce3f74455c11820b826d76154f
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7e1eac13f53887711729c482a796cf09cf82359b4c16a94dd3bc1744accd9a00
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
81c41f814f2cc03b2c5b247094ffd22ef741b8d9f9f12edd03e6ad961aa20a92
8b0ac102bbef332ccfc7a328732983b0aa009966b6e7ad6ed4fb81a81aaf1b22
925914f519063ebef6984ffff2efe62f52b5c4727f2ced03ac5f91d64c7baf73
959c295363b60bda2d7465c383e3421104a7d4af2c23c024c5abccda6a005551
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ac6559de9db520f6a734141e401b32bc60b08ddd9d471d5b99a06ecbbdc9476
9c78e8edf537b7fa554e6c2691b006264fc2533162fba95711ed95509d681bff
9cf0bfbdf8164a95502ff8e1d059e7eb5847d7ae8fc12433b095e8c99de4eab5
a557931c2ecdd87b97095ee3a4fb001acc6715a5616495f665d3112744389283
a88df466fee0bb0d3fa786712623c7b60c713d62457466a56c1644b36fb7f86e
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae97c68be4dbee6ebdfd4e06ab0537e85a79c103cadbac27f9bd58ba54372b22
aee56b28da5e5aaf6e298e13498ccf1cc5987118815bca277386e385cfd6130c
b0185885e5e8da6b489415520c5a907f5bc6319625332c448ae8c4a7f7aed4b3
b7063a6b78377a64df7a8eef4bc2bed3579b50a92ad09c49928d25f68a1336ce
b80b61ef39c889e91cdbff941065d0426ca43707bf51e22d4acf7ca4b88946f4
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
c3d09fc75adcaac0c22577e5ab5413bd4ff59ce3efdabd907aef7349f1e94e93
c7d3213f2b9314e2af0528afbcd7d9da7bae3cd3385fef9a020f71389767a43e
c8bbcf66989e3dee7dea54901c79a7b05520785f5ace119cd665ddc25cc2ca2e
c901db9e6f8fefdd9f9460445a4c4963bdb4dab1d5841f0827ab66da9b0c984b
ce875af342820f2d1ce994f6d8b97bc633307e2c3fad072a517a37e80bf3ca20
d148d296e16f1216944a5b97d6a566e247d85ee1e5b0cca642027f375eb2f53e
d4f287c2fb699469e5d1047900f29d8057f599b5069a4f17ad97f3f560e35785
d559a8baea778945ca828895bf576a389bbe37048c6460e99c0038b0b02c62a6
d7b65e18d9108933f2e4bc452a469b27b6ec99d5a048d5ba8ab9de75271b96e6
d914e564ecf0f0620ab21ce0365beb2901287fa5802d69f3f0fb5cfae2a8bad7
dc70c1e3edb979c1f2f1f3fff1b04997dbba800a965b525981161ebfa858da4b
dcbfcb2baf729cd519d3e7cf9f39ff023a005a2ed59343b26b77a05fcf71dfd2
dce7a1990586d3fd97ccc08d16abf1524307a77df2a5e2798b5b66dd1f2d4d04
ddc44aa6554e907cc8bc6a5e42b9519c0cf300f828f5f35b9bf05a6ad703a94f
e2df0d10eb100b81daa06c74bf17c3d613647d2222a7ac8a1d5892f6ed7f41c4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8088079975a52f6851ace14c57e8727d30fee047bcf15b5f9530ddbdc6fea3c
e8754bab8aebc724a2e6478e9e2a69b686e99dbe63286b8198e3abeb4a2072e5
eef9549e764fc189520685afa3726062c42b20743700e12fcdc1565ae02a5845
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f474550de1e03d58f1d19a2d95b7d12781ed5752886a2639be1ddda8e5172c70
fb9e6fd01b9a6073e84f48996d520762a37fd5c6ee47a6a24630d96027f944c5
fbb613590ab06b8838cad9193caa3797b2fb582dd88a444a1afe2424754d97ca
fdca819eed878aa74b52c43b07ef775bde65457494c40a2228697a5fe298158d

www.2xweihnachten.ch Open in urlscan Pro 2a05:d014:58f:6202::64 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

105 Requests

98 %HTTPS

69 %IPv6

19 Domains

31 Subdomains

28 IPs

4 Countries

25466 kBTransfer

28424 kBSize

19 Cookies

4 Outgoing links

Page URL History

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.2xweihnachten.ch Open in urlscan Pro
2a05:d014:58f:6202::64 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

98 %
HTTPS

69 %
IPv6

19
Domains

31
Subdomains

28
IPs

4
Countries

25466 kB
Transfer

28424 kB
Size

19
Cookies

105 HTTP transactions
1 data transactions